Cyber security and privacy

Building confidence in your digital future.

There has to be a better way

How we can help

In the last two decades, the technology revolution has changed the way we all go about our business.

While offering opportunities for innovation and productivity, the Cyber era also presents new risks and challenges. From governments and their citizens to businesses and their employees and customers, we are all connected and affected by cyber risks.

The cyber supply chain has removed the traditional security perimeter as enterprises adopt cloud, mobile and social technologies, and invest in third party business relationships.

There’s no such thing as perfect security. An agile and commercially pragmatic approach is essential for the growth and innovation required to thrive in the new world.

The cyber ecosystem is complex and fast. While it’s necessary to invest in protection, incidents will occur. Rapid response is key to minimising brand damage and financial loss.


Protection, detection and response are interdependent. Leading practice needs a cohesive relationship between technology risk, information security, forensics and operational teams.

Confidence in your people

People make critical security decisions every day.

Disappearing organisational boundaries mean that you can no longer rely on technology alone. You need to make sure your people understand security and act securely.

We can help you foster secure behaviours by shaping your culture and designing processes, systems and roles with human vulnerability in mind.

Confidence in your technology

Technology underpins your business.

As your business changes so should your technology. While embracing the new, you still need to protect legacy technology and information against cyber threats.

We can help you understand the inherent risks of your technology and how to mitigate them.

Confidence in your priorities

Addressing cyber threats helps you prioritise what matters most. Being prepared for changes in the digital era will help you get your priorities straight. A ‘cyber savvy’ governance and management structure means you can prioritise opportunities and know where you can afford to take risks.

We can help you to recognise your key tangible and intangible assets and align your security strategy to your priorities.

Confidence to take risks

Digital opportunities cannot be realised without managing the inherent risks.

Some risks are worth taking, but if you’re struggling to manage the downside, you won’t be able to take advantage of the upside.

We can help you consider your interactions within the digital world and assess where and how they impact your past, present and future.

Confidence during a crisis

Cyber attacks are now commonplace.

Resilience means being able to react quickly and effectively when compromised. Being aware of and prepared for threats will help you prevent incidents and react to them quickly enough to reduce their impact, and prevent them becoming a crisis.

We can help you protect what’s important, detect intruders, dealwith the regulators and minimise your exposure when you’re compromised.

Confidence in your connections

Organisations exist in an increasingly complex digital ecosystem.

We share information and transact digitally more than ever before. Your digital relationships with customers, suppliers and others expose you to new areas of risk that need to be managed.

We can help you assess your connections, negotiate robust contracts and build an agile risk management framework, adept at keeping pace as your collaborative networks evolve.


Understanding your capabilities and maturity to help you prioritise your improvement programs

Cyber security diagnostics, maturity assessments and benchmarking:

  • Governance
  • Threat intelligence
  • Control effectiveness
  • Third party management
  • Incident response and resilience

Cyber security capability “deep dives”:

  • Strategy reviews
  • Compliance reviews
  • Skills assessments
  • Threat landscape assessments
  • Vulnerability assessments and penetration testing
  • Red/Blue team exercises
  • Third party risk assessments
  • Incident preparedness exercises
  • Cloud security assessments

Designing and delivering on your cyber security improvement programme

Framework implementation

  • Establish security management systems (e.g. ISO 2700x)
  • Build industry compliance programmes (e.g. PCI/DSS)
  • Develop security MIS platforms

Capability build

  • Create a cyber secure culture
  • Cyber skills development and training
  • Strategic staff secondments
  • Investing to enhance cyber resilience
  • Understanding and adapting to changes in the cyber risk environment
  • Defining security policy and the mandatory requirements that your business users, and third parties must adhere to
  • Communicating security posture and risk decisions to drive a cyber aware culture

Operations enablement

  • SOC design and development
  • Data leak management
  • Access governance
  • Vulnerability management
  • Threat modelling and management
  • Incident readiness and response
  • Advanced threat protection

Rapid, global access to leading cyber incident containment, investigation and crisis management expertise

  • Computer, network and malware forensics
  • Network intrusion containment and remediation
  • Threat hunting
  • Fraud and eCrime investigations
  • Regulatory proceedings
  • Crisis management
  • e-Discovery
  • Expert witness services in support of legal actions
  • Surveillance
  • Root cause analysis of cyber events to enhance your cyber strategy
  • Using intelligence, monitoring and testing results to improve cyber resilience
  • Understanding and communicating risks and cost effectively fixing problems
  • Training and sharing of lessons learnt
  • Having people, systems and processes in place to respond immediately
  • Maintaining capability that is scalable and cost-effective
  • A proven approach to containing the incident and minimising damage
  • Teamwork between all stakeholders including outsourced service providers to minimise brand damage and financial loss
group of people icon

Outsourced managed security services to enable you to focus on strategic priorities

Cyber as a service

  • VMaaS - Vulnerability management as a service
  • AGaaS - Access governance as a service
  • SIEMplus - Security Analytics and event monitoring
  • Security event and incident management services
  • Advanced threat detection and monitoring
  • Threat intelligence
  • Retained incident response service
  • Cyber defence
  • Understanding all cyber risks – Government agencies and industry peers sharing intelligence
  • Continually assessing risks and re-testing security and controls
  • Reporting cyber risks and status to the executive and board

Contact us

Junaid Amra

Junaid Amra

Partner | Forensics Technology Solutions Leader, PwC South Africa

Tel: +27 (0) 82 953 9325

Follow us