Cybersecurity and privacy

At PwC, we help organisations build trust with consumers, regulators, and other stakeholders in their use of personal information. We can help you evaluate how privacy impacts your business and institute a thorough rule book informed by insights from our global privacy framework. Our C&P specialists will help you craft privacy strategies to confidently support your growth and advance your business model. We can help you turn GDPR compliance into a competitive advantage.

We believe in consumer protection and privacy by design. Our highly experienced team uses proprietary technology and has the diversity,  perspective and knowledge required to help our clients stay ahead of change. We also support our clients in case of a data breach or complaint and, through PwC Legal, offer legal support.

Visit our dedicated privacy page for more info.

PwC works with you to architect, design, and implement cybersecurity solutions (such as IAM – Identity & Access Management, PAM – Privileged Access Management, DLP – Data Loss Prevention, SIEM – Security Incident and Event Management, and other SOC – Security Operations Centre services) that elevate your security posture and deliver on your strategic cybersecurity goals. For this purpose we maintain alliances with key vendors like Claroty, CyberArk, DXC.technology, ForgeRock, Micro Focus, Microsoft, Palo Alto, SailPoint and Tanium.

While many of the core disciplines delivered by our team remain unchanged, the technologies used to support these disciplines and the paradigms by which they are delivered are rapidly evolving along with your business realities. Our teams focus on continuously adapting our strategy to align to these challenges.

Our co-sourced cyber services provide competitive, ‘white glove’-managed security services across several key offerings. These high-value services are what helps set PwC apart. Providing long term expertise, our cybersecurity managed services can bring an experienced team ready to meet the specific technical and business needs of your organisation.

Our managed services can help with the management and continual enhancement of critical security components.

We help you understand dynamic cyber challenges, adapt and respond to risks inherent to your business ecosystem and prioritise and protect the most valuable assets fundamental to your organisation strategy.

Our PwC C&P specialists can help your organisation prepare for a cybersecurity incident by providing response policies, procedures and playbooks, performing tabletop exercises and using proprietary tools – like our PwC Hacking Experience and Game of Threats - to help build, evaluate, and test your technical incident response capabilities. We also have IT forensic capabilities to support clients in case of a breach or compromise, or to support our colleagues from Forensic Services during an investigation.

Our services range from classic disaster recovery planning and business continuity management, to crisis management and help with implementing integrated management systems (ISO 22301, ISO 27001 and others). We  support you in achieving true organisational resilience.

We also have a strong penetration testing team that can handle not only IT and consumer technology, but also Operational Technology (OT), Industrial Control Systems (ICS) and hardware, offering a broad range of different types of assessments at the infrastructure, middleware and application layers. We also do Red Team Exercises, in the context of TIBER (Threat Intelligence-based Ethical Red Teaming), for example. PwC is also a OWASP SAMM practitioner.  Furthermore, we have experts in secure development and software assurance, and offer DevSecOps solutions and implementation support.