Cyber security and privacy

Building confidence in your digital future.

There has to be a better way

How we can help

In the last two decades, the technology revolution has changed the way we all go about our business.

While offering opportunities for innovation and productivity, the Cyber era also presents new risks and challenges. From governments and their citizens to businesses and their employees and customers, we are all connected and affected by cyber risks.

The cyber supply chain has removed the traditional security perimeter as enterprises adopt cloud, mobile and social technologies, and invest in third party business relationships.

There’s no such thing as perfect security. An agile and commercially pragmatic approach is essential for the growth and innovation required to thrive in the new world.

The cyber ecosystem is complex and fast. While it’s necessary to invest in protection, incidents will occur. Rapid response is key to minimising brand damage and financial loss.

Protection, detection and response are interdependent. Leading practice needs a cohesive relationship between technology risk, information security, forensics and operational teams.

Confidence in your people

People make critical security decisions every day.

Disappearing organisational boundaries mean that you can no longer rely on technology alone. You need to make sure your people understand security and act securely.

We can help you foster secure behaviours by shaping your culture and designing processes, systems and roles with human vulnerability in mind.

Confidence in your priorities

Addressing cyber threats helps you prioritise what matters most. Being prepared for changes in the digital era will help you get your priorities straight. A ‘cyber savvy’ governance and management structure means you can prioritise opportunities and know where you can afford to take risks.

We can help you to recognise your key tangible and intangible assets and align your security strategy to your priorities.

Confidence to take risks

Digital opportunities cannot be realised without managing the inherent risks.

Some risks are worth taking, but if you’re struggling to manage the downside, you won’t be able to take advantage of the upside.

We can help you consider your interactions within the digital world and assess where and how they impact your past, present and future.

Confidence during a crisis

Cyber attacks are now commonplace.

Resilience means being able to react quickly and effectively when compromised. Being aware of and prepared for threats will help you prevent incidents and react to them quickly enough to reduce their impact, and prevent them becoming a crisis.

We can help you protect what’s important, detect intruders, dealwith the regulators and minimise your exposure when you’re compromised.

Confidence in your connections

Organisations exist in an increasingly complex digital ecosystem.

We share information and transact digitally more than ever before. Your digital relationships with customers, suppliers and others expose you to new areas of risk that need to be managed.

We can help you assess your connections, negotiate robust contracts and build an agile risk management framework, adept at keeping pace as your collaborative networks evolve.

Understanding your capabilities and maturity to help you prioritise your improvement programs

Cyber security diagnostics, maturity assessments and benchmarking:

Governance
Threat intelligence
Control effectiveness
Third party management
Incident response and resilience

Cyber security capability “deep dives”:

Strategy reviews
Compliance reviews
Skills assessments
Threat landscape assessments
Vulnerability assessments and penetration testing
Red/Blue team exercises
Third party risk assessments
Incident preparedness exercises
Cloud security assessments

Designing and delivering on your cyber security improvement programme

Framework implementation

Establish security management systems (e.g. ISO 2700x)
Build industry compliance programmes (e.g. PCI/DSS)
Develop security MIS platforms

Capability build

Create a cyber secure culture
Cyber skills development and training
Strategic staff secondments
Investing to enhance cyber resilience
Understanding and adapting to changes in the cyber risk environment
Defining security policy and the mandatory requirements that your business users, and third parties must adhere to
Communicating security posture and risk decisions to drive a cyber aware culture

Operations enablement

SOC design and development
Data leak management
Access governance
Vulnerability management
Threat modelling and management
Incident readiness and response
Advanced threat protection

Rapid, global access to leading cyber incident containment, investigation and crisis management expertise

Computer, network and malware forensics
Network intrusion containment and remediation
Threat hunting
Fraud and eCrime investigations
Regulatory proceedings
Crisis management
e-Discovery
Expert witness services in support of legal actions
Surveillance
Root cause analysis of cyber events to enhance your cyber strategy
Using intelligence, monitoring and testing results to improve cyber resilience
Understanding and communicating risks and cost effectively fixing problems
Training and sharing of lessons learnt
Having people, systems and processes in place to respond immediately
Maintaining capability that is scalable and cost-effective
A proven approach to containing the incident and minimising damage
Teamwork between all stakeholders including outsourced service providers to minimise brand damage and financial loss

Outsourced managed security services to enable you to focus on strategic priorities

Cyber as a service

VMaaS - Vulnerability management as a service
AGaaS - Access governance as a service
SIEMplus - Security Analytics and event monitoring
Security event and incident management services
Advanced threat detection and monitoring
Threat intelligence
Retained incident response service
Cyber defence
Understanding all cyber risks – Government agencies and industry peers sharing intelligence
Continually assessing risks and re-testing security and controls
Reporting cyber risks and status to the executive and board

Contact us

Junaid Amra

Director | Forensics Technology Solutions Leader, PwC South Africa

Tel: +27 (0) 82 953 9325