Cybersecurity & Privacy

Balancing security and opportunity to move forward boldly

Data analytics

Focus on cybersecurity and privacy to achieve your goals

As companies pivot toward a digital business model, exponentially more data is generated and shared among organizations, partners and customers. This digital information has become the lifeblood of the interconnected business ecosystem and is increasingly valuable to organizations—and to skilled threat actors. Business digitization also has exposed companies to new digital vulnerabilities, making effective cybersecurity and privacy more important than ever.

PwC offers services that address challenges which relate to cybersecurity and privacy threats, organizational changes, and regulatory requirements for organizations.

Key issues

Increased risk of organized crime, hacktivism, and cyber-terrorism

As organizations switch to digitization of information, the digital landscape becomes a new attack vector for crime, activism, and terrorism. Critical information that pass through the cyber landscape provide malicious actors a trove of valuable data which they can obtain illegally and use for their own purposes.

Network Security

Web Application Security

Systems Security

Increased media attention that leads to brand risk, related to cyber attacks

As organizations widely use web and mobile applications to spread information and promote their organizations, this has become an attack vector used by malicious actors focusing on defacement, man-in-the-middle attacks, or stealing of customer information which may lead to reputational damages to the organization.

Web Application Security

Mobile Application Security

Systems Security

 

Hyper-connected, borderless technology and business environments

Interconnection of devices and the internet made it easy for organizations to reach out to their customers and its employees, but this setup presents security concerns in the network of the organization. Malicious actors can use vulnerabilities in these areas to gain unauthorized access and obtain company and customer information.

Network Security

Web Application Security

Mobile Application Security

Difficulty finding and retaining highly-skilled security resources

As cyber attacks become more complex, fewer talents and resources are able to cope up with these newer threats. Organizations put in constant effort to strengthen their cybersecurity defenses, policies, and practices by relying on knowledgeable personnel who knows how cyber attacks work.

ISO Lead Auditor Secondment

Cybersecurity Professional Secondment

Security Awareness Trainings

Increased number and complexity of privacy and regulatory mandates

Governments want organizations to comply with strict regulatory requirements to protect customer Personal Identifiable Information (PII) from malicious actors the cause data leakage and breaches.

Vulnerability Assessment and Penetration Testing

Security Awareness Trainings

Imposing of fines and penalties for non-compliance

Connected with governments imposing regulatory requirements to organizations, they impose heavy fines and penalties to those who do not comply with these regulations. Organizations are required to protect customer information not only for the resilience of the organization, but also as required by the law.

Vulnerability Assessment and Penetration Testing

Security Awareness Trainings

Increased need for privacy and security for compliance with regulatory requirements

Organizations need to address both the resiliency of the business to cyber attacks whilst addressing the regulatory requirements of the government on organizations. This addresses both the operational and compliance aspects of cybersecurity resilience.

Vulnerability Assessment and Penetration Testing

Security Awareness Trainings

How we can help

Vulnerability Assessment and Penetration Testing (VAPT)

Perform black-box to gray-box Vulnerability Assessments on the client network, web application, mobile application, wireless LAN connection, VoIP devices, servers and workstations, whichever covers the requirements of the organization, to identify weaknesses and subsequently perform Penetration Testing to check if publicly-available and advanced exploits can be used on these vulnerabilities to obtain, perform unauthorized transactions, or exfiltrate critical data from the organization. Report these weaknesses and exploits to client management and work with the IT department to remediate and retest these observations.

Learn more



Social Engineering

Perform campaigns or simulations which assess the social engineering awareness of an organization’s employees by testing how will the employees react in case a social engineering attack is conducted to them. This scope also includes the assessment of implemented security hygiene in the organization, tolerance to unauthorized physical intrusion, and conducting security awareness trainings as required or requested by the organization for their employees.

Data Privacy Services

Perform data privacy services which include system and DPO Registration, Privacy Compliance Advisory, Privacy Impact Assessment, Privacy Assessment , Development of PIMS Manual and Policies, Data Privacy Awareness Training, and Staff Augmentation to ensure a comprehensive process of safeguarding personal information, maintaining regulatory compliance and mitigating privacy risks associated with data handling.

Learn more

Contact us

Maria Rosell S. Gomez

Maria Rosell S. Gomez

Risk Assurance Leader, PwC Philippines

Tel: +63 (2) 8845 2728

Mark Anthony P. Almodovar

Mark Anthony P. Almodovar

Risk Assurance Executive Director, PwC Philippines

Tel: +63 (2) 8845 2728

Eugene Jerome V. Tan

Eugene Jerome V. Tan

Risk Assurance Director, PwC Philippines

Tel: +63 (2) 8845 2728

John Luke Chua

John Luke Chua

Risk Assurance Assistant Manager, PwC Philippines

Tel: +63 (2) 8845 2728

Marvin Guerrero

Marvin Guerrero

Risk Assurance Assistant Manager, PwC Philippines

Tel: +63 (2) 8845 2728

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide