Collaborating to achieve cybersecurity excellence

Case study

With ongoing investments in cybersecurity, our client, a Canadian financial institution, has leveraged industry-leading cybersecurity practices to protect customers throughout the pandemic

Client: Canadian financial institution
Today's issues: Cybersecurity, Privacy and Financial Crime
Services: Cybersecurity
Country: Canada

Introduction

For the last four years, PwC Canada and our client, a Canadian financial institution, have been working together to strengthen and mature that organization’s already robust cybersecurity program. At the highest level, our goals were to evolve the financial institution’s cybersecurity posture to further protect customers, safeguard employees and provide a secure experience in attracting new customers.

The important work we had already done together over the years on the cybersecurity front was essential when they had to rapidly adapt to threats due to the COVID-19 pandemic. It was that strong foundation that allowed our client to quickly move the majority of their back-office employees from office settings to working remotely while also protecting their customers from evolving cyber threat actor activity.

The head of information security at this organization highlights, “Due to COVID-19, the volume of cyber threats has increased exponentially for all sectors over the past year. Our current assessment is that this trend will persist for at least the foreseeable future, with threat actors continuing to take advantage of the opportunity to profit from the current uncertainty and trends from distanced work and learning environments. That being said, the planned investments we’ve made in our cybersecurity program over the past four years have and will continue to increase our resilience to these types of threats.”

Challenge

At the beginning of our journey, we decided together that the objectives were to protect the financial institution’s cybersecurity posture and further increase the resilience of their organization. This was especially important given our client was, at that time, developing and implementing their new online banking platform, which required industry-leading security programs and supports.

As a financial institution, our client knew an excellent cybersecurity program was paramount in protecting their customers, employees and the organization as a whole. They’ve always been very definitive about their strategy and understood that to achieve their strategic business objectives, they’d need to make sure their defences were on par with or better than those of their competitors.

Our client has a talented in-house team of cybersecurity professionals. To retain that talent while continuing to attract industry-leading cyber specialists, they depend on an augmented model with us as their trusted adviser to help them transform their cyber resilience and preparedness.

“The PwC relationship is structured to allow an ebb and flow of demands and the level of maturity for a specific cyber discipline. We are responsible for a resilient cybersecurity program, and that requires the highest level of expertise, both internally and through collaboration with external firms to ensure sustainability. PwC has been incredibly flexible and receptive to a relationship that drives shared outcomes and overall success.”

—Head of information security, Canadian financial institution

Approach

So how did we work together to achieve their cyber resilience goals?

First and foremost, the two organizations built a strong working relationship so both clearly understood the cybersecurity goals and requirements to achieve those goals. Our client notes, “The PwC relationship is structured to allow an ebb and flow of demands and the level of maturity for a specific cyber discipline. We are responsible for a resilient cybersecurity program, and that requires the highest level of expertise, both internally and through collaboration with external firms to ensure sustainability. PwC has been incredibly flexible and receptive to a relationship that drives shared outcomes and overall success.”

While this Canadian financial institution has their own outstanding internal cybersecurity team, they augmented this team with members of PwC Canada’s state-of-the-art Digital Resilience Centre to more effectively detect and respond to cyber threats 24/7 and build digital trust. Together, we’ve built multi-layered defences and controls and a strong cyber program that helps protect against multi-pronged attacks and continuously adapts to the evolving threat landscape.

Impact

One of the keys to the success of our work with our client was our collaborative approach. Our teams worked together to make the most of our respective strengths to ensure the richest outcome, taking full advantage of the diverse perspectives of our combined teammates.

Being well positioned ahead of the pandemic, our client was able to anticipate emerging trends impacting cybersecurity across the board. They were equipped to better protect their customers and employees with confidence, despite the increase in direct cyber threats and supply chain attacks as more people took to working remotely and digital demands increased dramatically.

Being prepared with the right level of maturity has allowed this organization to respond to the changing environment with agility, and their strategic relationship with PwC Canada has freed resources to support their business with fast risk assessments and new business service implementations.

The result is the ability for this Canadian financial institution to invest in the right ways to move confidently into the future.

Follow PwC Canada

Required fields are marked with an asterisk(*)

First Name*

Last Name*

Email*

Organization*

Job Title*

Additional comments

By submitting your e-mail address, you acknowledge that you have read the privacy statement for this site and you consent to our processing the data in accordance with that privacy statement to include international transfers. If you change your mind at any time, please send an email message to the Chief Privacy Officer.