PWC Brochure Cyber Security

Download as pdf or txt
Download as pdf or txt
You are on page 1of 6

Cyber Security

Protecting your
crown jewels
Our Cyber Security Services
We view cyber security through a series of interconnected lenses. This rounded
approach is designed to provide organisations with greater confidence in their people,
technology and connections; and in how they manage risks; set priorities; and respond
to an incident or during a crisis.

Our services span eight broad areas:

Strategy, Governance and


Architecture
Align your business processes,
prioritise investments, align security
capabilities and create sustainable
security solutions to provide Identity and Access Management
foundational capabilities and (IAM)
operational design.
Enable and maintain secure access
to applications and infrastructure.

Security Implementation
Implement optimal security products
and solutions.
Threat and Vulnerability
Management
Protect, detect and respond to
vulnerabilities at the operational
layer.

Active Defence Services


Ensure active hunting, rapid
response and threat intelligence.

Risk and Compliance


Ensure effective compliance and
risk management.

Incident Management
Plan, detect, investigate and react
to security incidents in a timely
manner.
Managed Services
Manage security end to end via
continuously monitoring and
analysing a number of security
parameters related to systems and
external threats.

Building a resilient cyber function


Strategy, Governance and Architecture

We help clients define a comprehensive cyber security strategy, prioritise investments


and align security capabilities with strategic imperatives of the organisation. Additionally,
we help clients define business-driven enterprise security architecture, create
sustainable solutions to provide foundational capabilities and operational discipline,
maintain agility in the event of business/technology changes, and protect our client’s
information.

Security Strategy and Governance


Our services include:
• Cyber security framework, strategy and programme transformation
• Security policy and standards framework definition
• Cyber security skill development and enhancement programmes
• Stakeholder sensitisation and awareness
• Small business cyber security strategy
• Certification advisory services

Security Architecture
Our services include:
• Cyberthreat assessment
• Enterprise cyber security architecture design and design
• Supply chain security architecture and implementation
• Cloud and mobility security architecture
• SCADA security
• Internet of things (IoT) security

Identity and Access Management (IAM)

We help clients provide integrated and secure processes, services and infrastructure to
enable appropriate controls over access to critical systems and assets. Our approach
takes into account business requirements and trends, and provides a holistic view to
manage and maintain identities.

Our services include:


• Identity and access management architecture definition
• Enterprise and consumer identity and access management solution implementation
• IAM business value health check and enhancement advisory services
• Privileged identity management solution implementation and operations
• Identity governance administration and on-going operations maintenance

Security Implementation

We offer an integrated approach to select and implement security solutions to help


clients discover their optimal value. We also help clients manage their strategies for
building and maintaining a best-in-class Security Operations Centre (SoC).

Our services include:


• Security product/solution selection
• Security product/solution effectiveness review
• Security solution implementation
• SoC transformation
Threat and Vulnerability Management

We help clients develop and institutionalise a resilient threat and vulnerability


management programme that helps in protecting, detecting and responding to
vulnerabilities at various operational layers of technology. We also provide services for
intelligence-based modelling of human behaviour to track and contain insider threats.

Our services include:


• Vulnerability assessment and penetration testing
• Application security and source code review
• Mobile and cloud application security review
• Payment devices security review
• Financial inclusion compliance audits
• Insider threat management
• Context-sensitive vulnerability advisory

Active Defence Services

We help organisations transform the way they respond to threats through active hunting,
rapid response and threat intelligence. Our services include:

Active Discovery
The Active Discovery team helps organisations discover advanced threats through a
combination of baiting, analytics and reverse engineering:
• Network and host compromise assessment
• Honeypots, custom baits and sinkholes
• Malware analysis

Cyber Response
Our specialist Cyber Response team helps address cyber incidents in a rapid and
confidential manner, utilising state-of-the-art solutions:
• Remote triage
• Analysis and response
• Cyber and financial forensics
• Post-incident support

Threat Intelligence
• Curated feeds
• Focused signatures
• Seamless integration

Overview of PwC’s Active Defence Services Platforms


• PwC TIP
• PwC Nethunt
• PwC FlyTrap
• PwC CIRCA
Risk and Compliance

We assist clients in ensuring effectiveness of compliance management to organisation


policies, industry-specific and regulatory requirements.

Our services include:


• IT risk management
• Information lifecycle management services
• Industry-specific security compliance reviews
• Business continuity management services
• Third-party vendor security governance

Incident Management

We help establish a cyber-response framework that follows a proven approach to


contain an incident and minimise damage.

Our services include:


• Incident response and crisis management
• Breach remediation
• Forensic investigations
• Third-party reporting, notification and disclosure
• Remediation planning and implementation

Managed Services

We assist clients in maintaining situational awareness by continually monitoring and


analysing a number of security parameters related to their systems as well as external
threat intelligence to detect and respond to cyberthreats.

Our services include:


• Facility with high-end technology and best resources in the industry, with 24x7
security events monitoring
• Merging of deep security domain expertise with consulting experience through Cyber
Protection Centre, thus providing a differentiated experience
• Industry-specific threat intelligence with 150+ feeds
• Signature-less user behaviour analytics for detecting insider and targeted attacks
• Automated end-to-end incident management workflows from event collection and
detection to response
• Continuous network security through automated vulnerability management and
remediation
• Best-in-class zero-day malware analysis lab with automated malware detection,
analysis and report submission
About PwC
At PwC, our purpose is to build trust in society and solve important problems. We’re a
network of firms in 158 countries with more than 250,000 people who are committed to
delivering quality in assurance, advisory and tax services. Find out more and tell us what
matters to you by visiting us at www.pwc.com
In India, PwC has offices in these cities: Ahmedabad, Bengaluru, Chennai, Delhi NCR,
Hyderabad, Kolkata, Mumbai and Pune.
For more information about PwC India’s service offerings, visit www.pwc.com/in
PwC refers to the PwC International network and/or one or more of its member firms,
each of which is a separate, independent and distinct legal entity.
Please see www.pwc.com/structure for further details.
© 2019 PwC. All rights reserved

Contact us

Siddharth Vishwanath Anirban Sengupta


Partner and Cyber Advisory Leader Partner, Cyber Security
[email protected] [email protected]

Hemant Arora Krishna Sastry Pendyala


Partner, Cyber Security Executive Director, Cyber Security
[email protected] [email protected]

Manu Dwivedi PVS Murthy


Partner, Cyber Security Partner, Cyber Security
[email protected] [email protected]

Rahul Aggarwal Ramanathan (Ram) V. Periyagaram


Partner, Cyber Security Partner, Cyber Security
[email protected] [email protected]

Sangram Gayal Sriram Sivaramakrishnan


Partner, Cyber Security Partner, Cyber Security
[email protected] [email protected]

Sundareshwar Krishnamurthy Unnikrishnan P


Partner, Cyber Security Partner, Cyber Security
[email protected] [email protected]

Venkat Nippani Murali Krishna Talasila


Partner, Cyber Security Partner, Cyber Security
[email protected] [email protected]

pwc.in
Data Classification: DC0
© 2019 PricewaterhouseCoopers Private Limited. All rights reserved. In this document, “PwC” refers to
PricewaterhouseCoopers Private Limited (a limited liability company in India having Corporate Identity
Number or CIN : U74140WB1983PTC036093), which is a member firm of PricewaterhouseCoopers
International Limited (PwCIL), each member firm of which is a separate legal entity.
SG/May2019-17596

You might also like