Cybersecurity Strategy and Transformation

We help organisations build an effective security governance

Our Strategy Transformation services help clients understand the current cybersecurity and privacy landscape, make cybersecurity a collective priority, and develop and implement solutions across people, processes, and technologies.

We provide the foundations to design, manage and operate a cybersecurity program aligned to business strategy, and increase organisational resilience in the face of an ever changing threat landscape.

Discover our areas of focus

From cyber resilience to cyber risk quantification, find our more on how we help organisations work smarter and grow securely.

Cyber resilience

Building confidence in your digital future

Maturity assessment and security roadmap development

Your Challenges:

Is your business resilient to a cyber-attack?
Which threats should you be most concerned about?
Are there gaps in your cybersecurity capabilities?
Are you making the right investment to protect your business?
Is your information security strategy aligned with your business objectives?

How can we help you?

Cybersecurity maturity assessment against PwC’s Cybersecurity and International frameworks.
Security roadmap and investment plan to secure your digital future and reach the desired maturity.
Develop business case and target operating model for Security Operation Centre (SoC) and Data Centre design in line with TIA-942, Energy Star, ISO and NIST leading framework.

Key benefits:

Enhance brand and reputation.
Assess program effectiveness.
Reduce communication and compliance burdens.
Demonstrate value to board and audit committee.

CISO as a service

Your Challenges:

Are your cybersecurity initiatives aligned with your business objectives?
Is cybersecurity strategically managed from the C-suite and boardroom?
Is a C-Level stakeholder responsible and dedicated to information security?
Do you measure and demonstrate to stakeholders the effectiveness of your cybersecurity efforts?
Does your program leverage stride in cybersecurity to boost your economic performance?

How can we help you?

Provide strategic role as Virtual Chief Information Security Officer (V-CISO).
Establish Cyber Security framework and build security culture within the organisation.
ConductCyber Security risk assessment and define controls aligned to leading standards -NIST, ISO 27001 series, PCI and CIS controls.
Define key performance and security indicators (KPI/KRI) to monitor the effectiveness of your security programme.
Manage ongoing security activities with defined set of processes and procedures to identify, detect, protect, respond and recover from cyber incidents.

Key benefits:

Virtual Chief Information Security Officer (V-CISO) to align your cyber investment on projects and be a market differentiator.
Assist clients to understand business objectives based on industry expertise and peer comparisons in order to strategically plan security initiatives.
Assist you to transpose security objectives into non-technical terms and accurately communicate risk to your board and audit committees.
Establish and measure Key Risk Indicators (KRIs) aligned with enterprise risk management objectives.

Security culture and board reporting

Cyber behaviour and decision making

Do you want to raise your employees’ awareness of information security risks?
Are your employees aware of phishing emails and its impact to the organisation?
Do your employees know that the information they put on the Internet or Social Media could be potentially used against them or their organisation?
Did it occur that one of your employees accidentally caused a major security breach?
Do you want to train your employees so that they are able to detect phishing attacks?

ISO standard programme delivery and support

ISMS 27001 implementation
ISO 22301 implementation

Information Security Management System (ISMS) - ISO 27001 implementation

How to align your internal security practice and framework against security best practices (ISO27001, ISO27002)?
How to establish a security framework by implementing an Information Security Management System (ISMS)?

Safeguard your own and your customer’s valuable data and intellectual property rights.
Mitigate the risk of large financial penalties and comply with business, legal, contractual and regulatory obligations.
Support a continuous cycle of improvement throughout your organisation.
Differentiate your organisation in the market as ISO 27001 compliant.

Cyber risk quantification

What are your top cyber risks and how much exposure do they represent?
What is the actual financial impact to the business if these cyber risks were to occur?
How are financial impacts, arising from cyber risks, aligned to your organisation's risk appetite?
How effective are your investments in risk reduction (return on security investments)?
How are cyber risks communicated to the executives and board, so they clearly understand risk impact, ownership and governance?

Enhance the role of Boards and the CEO in cyber risk oversight.
Enables youto evolve beyond compliance to strategic risk management.
Quantify your risks, which will turn information into actionable insights.
Align your stakeholders - Technicians, risk managers, executives and directors are on the same page about cyber risk.
Measure the effectiveness of existing controls, justify your investment and remediate the risk according to your appetite.

Third party risk management

Your Challenges:

Are you fully aware of your third parties’ security practices, and are you comfortable with the level of information security they provide?
Are you currently in the process of selecting a new service provider? Do you believe that information security is a key consideration?
Are you facing difficulties in assessing the security maturity of your third parties?
Was a recent security incident imputed to one of your third parties?

How can we help?

A web-platform that will enable you to centrally manage security assessments of your third parties.
Tailored questionnaires based on leading practices and international standards to assess your third parties.
Support in processing questionnaires from third parties to determine their maturity level.
Onsite, remote, or self-assessments of your third parties as deemed appropriate.

Regulatory compliance services

Your Challenges:

Are you able to demonstrate compliance with regulatory requirements (central banks guidelines, PCI DSS, SWIFT) ?
Are there correct governance and controls in place to maintain compliance?
Have you planned to attest your level of compliance against mandatory regulatory controls?

How can we help you?

Perform an assessment to identify and define the scope of regulatory compliance.
Compare what you have in place against regulatory control requirements and identify areas of compliance and non-compliance.
Develop corrective actions to support internal teams in remediation activities.
Prepare to demonstrate compliance to regulatory requirements and to maintain it on an ongoing basis.

While you are here, browse our other related services

6 results

28/02/20

Managed Security Services

Do you have the capabilities needed to hunt for and rapidly contain cyber threats? Read more on how Managed Cybersecurity services can help you.

28/02/20

Incident and Threat Management

We help our clients manage cybersecurity incidents and threats using a proven process to identify loopholes and help you build confidence. Read more

28/02/20

Privacy and consumer protection

Build confidence in your customer by improving their data privacy across your platforms. Click here to see how we can help.

20/04/18

General Data Protection Regulations

On 25 May 2018, the GDPR comes into force, revolutionising the way that personal data are used and handled. Controllers and processors of personal data in Mauritius have a short amount of time to get ready. PwC can help.

Contact us

Jean-Pierre Young, ACA, CIA

Chief Innovation Officer, PwC Mauritius

Tel: +230 404 5028

Vikas Sharma

Regional Consulting & Risk Services (C&RS) Leader, PwC Mauritius

Tel: +230 404 5015

Follow PwC Mauritius

Services Assurance Consulting & Risk Deals Tax Seychelles Desk Management Consulting India Desk PwC Expat Services

About Us PwC Centre Our History Global Mobility Programme Human Right Statement Global third party code of conduct Local Challenges Our code of conduct Our Alumni Programme Global Tax Code of Conduct

Careers Current opportunities Experienced Careers Graduate Recruitment Internships at PwC The PwC Experience

Press and Insights Our Press Room Research and Insights Tax Insights and Alerts

Events and Trainings Our Events Our Training Courses Budget 2023 - 2024

© 2022 - 2025 PwC. At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 158 countries with over 250,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. © 2018 PwC. All rights reserved

We help organisations build an effective security governance

Discover our areas of focus

Cyber resilience

Maturity assessment and security roadmap development

Your Challenges:

How can we help you?

Key benefits:

Security culture and board reporting

Cyber behaviour and decision making

ISO standard programme delivery and support

Information Security Management System (ISMS) - ISO 27001 implementation

Cyber risk quantification

Third party risk management

Your Challenges:

Regulatory compliance services

Your Challenges:

While you are here, browse our other related services

Managed Security Services

Incident and Threat Management

Privacy and consumer protection

General Data Protection Regulations

Browse our related services

Related content

COVID-19 | PwC Mauritius

Contact us