No Match Found
Cybersecurity at PwC: we focus on risks
Cyber Attack and Readiness Evaluation is a new service designed by PwC to help clients evaluate their security posture – their ability to deal with the main threats of our cyber world − in an easy and understandable way.
How does it work? First, we do a workshop with you to evaluate online your risk appetite and the measures currently in place to mitigate your exposure to the main cyber risks. We then challenge these responses with a technical evaluation of your readiness.
This service is primarily designed for small and medium-sized enterprises, but it is modular and scalable to any size and field of activity. We have credentials in a range of industries including public administrations, banks, consumer and luxury goods. Our modular approach with the services is described below.
We also provide an online free self-assessment which will give you an initial overview of your exposure to cyber risks and the maturity of your controls.
The purpose of the self-assessment is to provide you an initial overview of your exposure to cyber risks and the maturity level of your controls.
In this phase, you will complete an online questionnaire to evaluate your risks and the maturity of your security controls. We have based our set of controls on the ICT Minimum Standard from the Federal Office for National Economic Supply FONES.
A report with a concise view of your cyber risks and your current maturity level based on the answers that you have provided.
The purpose of a Cyber Risk evaluation is to identify potential problems before they occur. This enables you to plan risk-mitigating measures and invoke them as needed across your information systems or projects.
In this phase, we will go through an online questionnaire to evaluate your risks and the maturity of your security controls. We have based our set of controls on the ICT Minimum Standard from the Federal Office for National Economic Supply FONES.
The external security assessment can be executed in two phases, depending on your needs.
First we run an external vulnerability scan, which is a simple out-of-the-box solution for rapidly identifying weak points in your company’s network that could be exploited by hackers.
The penetration testing is then conducted to discover the depth of the problem and finds out exactly what type of damage could be done if a vulnerability were exploited.
Depending on the services that were chosen, you will receive the following deliverables:
Phishing is the most frequently used technique by hackers to gain an initial foothold in a company’s network. Phishing enjoys a high success rate as it targets the weakest component of the security chain: human beings! Our awareness campaign simulates a phishing attack by sending a credible email to a defined group of people asking them to perform a particular action (for example clicking on a link or opening an attachment) which could compromise the end-user device or lure the recipient into disclosing confidential information.
Every action of the tested group will be recorded and summarised in a report. It will outline the response of your employees (e.g. the number of people who clicked on the link, opened the attachment and provided their credentials) so that you can effectively gauge their level of awareness and/or determine the effect of any training they may have done in this area.
Given the rapidly evolving nature of cyberrisk, company directors and executives have to be kept regularly up to speed on the salient technology and developments in cyber risk.
Our Game of Threats™ session will help your executives or colleagues understand, try out, iterate and play a near real hack use case with our interactive tool.
You’ll receive a presentation which summarises the key findings observed during our session with practical actions.
We have designed a scalable and adaptive service model to gear our services to your needs and size. Depending on the depth of the assessment required and your experience and knowledge of cybersecurity, you may need a certain level of technical and human behaviour evaluation. Let’s tailor your package together!
In response to the continuing evolution of cyber threats and the cyber landscapes of our clients, PwC has developed a subscription-based version of our existing Cyber Attack and Readiness Evaluation offering to help organisations assess their security posture over time. This new approach is called Continuous Cyber Attack and Readiness Evaluation.
Please contact us to get a free self-assessment or find out how we can help you to get better prepared against cyber risks with our Cyber Attack and Readiness Evaluation service offering.
Partner and Leader Cybersecurity and Privacy, PwC Switzerland
Tel: +41 58 792 42 21
Partner Digital Assurance and Cybersecurity and Privacy, PwC Switzerland
Tel: +41 58 792 84 59