Given recent high profile events in both the private and public sector, information and cyber security has never been higher on the board agenda. Reputation, trust and brand value can all be seriously affected by information loss and theft.
Recent events have often erroneously been attributed to technology issues, and while technology is one of the key components to better information and cyber security, equal attention needs to be paid to people & organisation, culture and processes.
Are you prepared?
In addition to the loss of consumer and citizen trust, loss and reputation and brand erosion, the Information Commissioners Office (ICO) has also recently been granted enhanced powers, with legislation giving the ICO the power to impose substantial fines on offenders to the Data Protection Act. Additionally, in the financial services sector, the Financial Services Authority (FSA) is clamping down and gaining more power to penalise businesses and organisations for both individual and systematic failures.
PwC brings a multi-disciplinary approach to information and cyber security, addressing the key components of strategy, people, process, technology and compliance. We recognise that the 'one-size-fits all' approach does not work, as it fails to take account of an organisation's strengths and weaknesses, and what makes sense in both the short and long term.
One thing we are clear about from our experience is how 'tone at the top' will have a dramatic impact on the rest of an organisation, and we have considerable experience working with organisations to ensure this tone is effectively translated, articulated and measured at the front-line.
Our global network has more than 30 years experience, with over 200 information security professionals in our Information & Cyber Security UK network, and 3,500 globally in 153 countries. PwC’s approach to Information Security blends business insight with a broader view of risk. We help clients to exploit opportunities by understanding their business drivers, threats and building in appropriate security enablers. To do this we draw upon specialists in Strategy, Governance & Compliance, Technical Assurance, Threat and Vulnerability Management, Business Continuity & Crisis Management, Forensics and Legal often blending this with wider business skills from across PwC for maximum client value. PwC has gained an international reputation for its technical expertise and strong security skills in strategy, design, implementation and assessment services, and as such, was recognised as a leader in the Information Security And IT Risk Consulting field by Forrester Wave in 2009.
Are you playing the game?