Incident Response

Service Summary

As Japanese organisations grow and evolve, both domestically and in overseas markets so does their digital technology footprint. This growth is not unique to Japanese organisations and can affect foreign corporations operating in Japan. The increasing frequency of high profile data breaches show that no organisations are immune to a cyber breach. Cyber breaches can lead to

  • Brand Reputation Damage
  • Data Loss including customer data
  • Revenue Loss 
  • Loss of Intellectual Property / trade secrets

PwC Cyber Security Incident Response services can help your organisation:

  • Incidents Response retainers for on-demand support
  • Incident response advisory
  • Stakeholder management 
  • Investigation support for security incidents
  • Post Incident Review
  • Digital forensics (malware analysis, etc.)
  • Threat Hunting Service

Our PwC Cyber Security Incident Response team includes experts from a wide range of backgrounds each specializing in their respective fields. Our team locally is made up of bi-lingual staff and where required we can leverage our global PwC network to provide assistance on the ground across APAC, AMERICAS and EMEA.

Service Overview

Incident Response retainer - Discounted annual pre-paid hours to provide on-demand support in the event of a Cyber crisis. Retainer arrangements allow your organization to engage our team of Cyber Security experts in the immediate event of a cyber crisis. Our retainer services have a number of different options which can be tailored to your organization to cover aspects such as number of hours, discounted fees, coverage times, in-country and overseas support.

Where you are not able to utilize the annual prepaid discounted hours, we will be able to repurpose this time to cover other services our broader team provides including penetration testing, red teaming, threat hunting, risk assessments, security assessments, educational training and awareness.

Incident Response advisory - Advice and guidance for your organization's readiness and capability to respond to cyber security incidents and data breaches. We can help your organisation develop Incident Response plans and Incident Response Playbooks for specific threats and incident types tailored to your organisation. Our team can help you navigate the complex stakeholder environment during the event of an incident which may involve but not limited to; customers, legal, public relations, third party vendors and regulatory agencies, etc.

Investigation support and Digital Forensics - Expertise in evidence preservation, analysis of logs, malware and forensic analysis on affected hosts. Our experienced team can perform forensically sound preservation of endpoint and server data. We will perform detailed analysis to identify indicators of compromise to help determine the root cause of the incident.

Stakeholder management - Navigating the complex stakeholder environment within an organisation can impact and hinder the speedy identification and resolution of incidents. Our team had experience dealing with organizations and can act as independent experts. We will liaise with your organization’s teams across; media and communications, legal, business units, executive leadership and your board to provide comfort to all stakeholders involved through the incidents lifecycle.

Our Approach

PwC’s Cyber Incident Response team can support your organization proactively and during an incident. PwC’s approach to incident response aligns to industry recognized, tried and tested processes together with our in-house developed processes.

Preparation - Our team will assist by performing a high level current state assessment of your organization’s capability to respond to an incident. We will review existing team members, processes (including Incident response plans and playbooks) and tools (detection, analysis and response capability). We will also aim to understand the established communication channels and how they are invoked in the event of a crisis.

Detection & Analysis - We will collect data and logs from various sources including host, network devices and log servers. These will be collected through the use of your organization's existing tools and PwC bespoke data collectors. We will analyse these in our big data platform designed to identify indicators of compromises and determine the extent and impact of the security Incident / breach.

Containment, Eradication & Recovery - Through known and tested procedures we will limit the impact to systems, ultimately limiting impact to your customers and brand reputation. After the threat has been contained, we will assist where required to restore necessary infrastructure and systems so your organization can resume business operations.

Post Incident Review - From our detection, analysis, containment and eradication activities, we will document lessons learnt to help your organization to be better prepared for any future potential incidents. We will feed this back into the preparation phase of the incident response lifecycle.

PwC rated as a Leader in Cybersecurity Consulting Services Providers in Asia Pacific

PwC announced that it was cited as a Leader in The Forrester Wave™: Asia Pacific Cybersecurity Consulting Providers Q4 2019.

Forrester notes that: “Innovation, vision, and the ability to engage executives are key differentiators.”

Find out more


{{filterContent.facetedTitle}}

{{contentList.dataService.numberHits}} {{contentList.dataService.numberHits == 1 ? 'result' : 'results'}}
{{contentList.loadingText}}