Cybersecurity and Privacy

Issue and challenges

Risk and Reputation

• Increase in sophisticated attacks because the value of data is now recognized
• Increased risk of organized crime, “hactivism”, and cyber-terrorism
• Increased media attention, and therefore brand risk, related to cyber attacks
• Increased attention for security and privacy at Board and Audit Committee levels
• Growing concern by consumers and regulators related to privacy 

Adoption of new technologies

• Mobile devices contain troves of sensitive business information and are often not well-controlled
• Organizations are becoming socially aware and active
• The boom of Big Data is colliding with increased concerns and awareness over privacy
• Speed to market in the  Internet of Things realm can have unintended and expensive  security and privacy consequences 

Organizational Change

• Mergers and acquisitions are on the rise
• Hyper-connected, borderless technology and business environments are increasing
• There is a rise in off-shoring models and increased reliance on third-parties to drive cost efficiencies
• Many organizations experience difficulty finding and retaining highly skilled security and privacy resources

Regulatory Compliance

• Implemented privacy rules and regulations in the Philippines and increased complexity of global privacy and regulatory mandates
• Increased need for integrated privacy and security to facilitate compliance with multiple regulatory requirements
• Regulators are imposing substantial fines and penalties for non-compliance

How we can help

Security and Privacy Strategy

• Cybersecurity and privacy strategy, maturity assessments and roadmap development
• Information technology, security, compliance, and privacy risk and maturity assessments

Data Privacy Programs

• Design, build and implement Privacy  Office capabilities
• Cross-industry privacy  program development
• Cross Border and global privacy management

Information & Technology Risk 

• Cloud computing/social media strategy and risk/security/privacy assessments
• Mobile computing and BYOD strategy assessments
• Identity and Access Management risk and control assessments

Regulatory & Policy Compliance Assessment

• Regulatory compliance readiness assessments such as PCI-DSS, Data Privacy Act, BSP Circular 808
• Framework-based technology risk assessments: ISO 27001/2, COBIT, NIST Cybersecurity Framework

Technical Security Review

• Third party security and risk management
• Technical security and diagnostic reviews
• Penetration testing and vulnerability assessments 

Security Analytics

• Centralized cloud-based architecture
• Google Cloud Platform
• Scalable real-time analytics
• Threat Intelligence Fusion Center (TIFC)
• Dedicated Threat Intelligence Research Team
• PwC Advanced Security Operation Centers (ASOCs)
• Incident & workflow management

Value delivered and benefits realized

Strategic Approach

• Insights into the design and effectiveness of your cybersecurity and privacy program 
• Security and privacy program alignment with business goals, objectives, and priorities

Defensible Security and Privacy Posture

• Enhanced understanding of cyber threat landscape and ability to prevent, detect, and respond 
• Improved privacy consideration  to prevent missteps among consumers and regulators

Proactive & Improved Risk Management

• Strategies and controls for introduction  (and opportunities and threats) of emerging technologies
• Better insights and control over the handling of data by third party vendors
• Continuous threat monitoring and information sharing

Greater Confidence

• Increased shareholder value
• Stronger assurance for Boards and Audit Committees