Can you effectively detect and respond to cyber security threats?

We offer a range of solutions to ensure that your organisation remains one step ahead and can respond effectively in the most challenging of situations. We work closely with a range of organisations on all points across the cyber security threat maturity curve – from those who are just getting started and need forensic readiness assistance, to businesses who are already world-class and are ready to design their own fusion cell.

Service areas

Threat intelligence

Threat intelligence helps organisations to proactively protect themselves against the risk of cyber attacks; our team helps organisations obtain timely insight into threat actors and their capabilities, to inform an effective and intelligent defence.

Threat Intelligence Subscription Services

Our threat intelligence research comprises both technical and strategic reporting. Our subscription services are complemented by Terrain Intelligence, which uses large-scale analytics to collect, contextualise and fuse both structured and unstructured data in order to support threat intelligence collection and analysis.

Threat Profiling

Many organisations struggle to understand which threat actors might target their ‘crown jewels’. We can review your business, geographies and profile in order to understand and document the nature of the cyber threats that you face.

Threat intelligence consulting

We can help you create your own threat intelligence capability, by combining our technical expertise with practical and actionable business strategy.

Threat Modelling

We work to analyse how relevant threats would navigate your infrastructure and we can identify and target control deficiencies.

View more

Threat detection

There is often one common denominator in targeted cyber attacks: digital evidence was present in the environment long before the victim became aware of the issue.

Our experience responding to intrusions around the world shows that targeted threat actors often maintain remote access to an environment for 6-18 months before being detected. Unfettered access can linger on for years and sometimes is never detected.

Artefacts of these active threats can be detected from a number of key sources, for each of which we have developed sophisticated and robust detection, triage and analysis techniques. In doing so we leverage both strategic alliance partners, and our proprietary monitoring technologies.

Using these techniques and technologies we can scan your environment for a range of cyber security threats as a part of a compromise discovery exercise, which we can deliver as either a point in time assessment or as an ongoing managed service.

View more

Incident response

Cyber security incidents have become inevitable; the result of our increasingly interconnected and technology-enabled world. As the increasing frequency of high-profile breaches shows, no organisation is immune. It's important you're prepared - whatever your industry, location or organisation size.

Discover more about our incident response services here.

View more

Crisis management

Our approach to Crisis management is outlined in the three below areas:

  • Prepare - before a crisis happens
  • Respond - rapidly and effectively from day one
  • Recover - get back to business and embrace the new normal

Learn more

View more

Managed detection and response

Our managed detection & response service responds to the growing demand of organisations seeking to improve their cyber threat response capabilities and management of operational risks.

There are a number of technologies that we deploy as part of this service, including but not exclusively limited to Tanium and SonarShock. Tanium is a market-leading endpoint threat detection solution, which we use to hunt for signs of malicious cyber activity. This process involves pushing our proprietary threat intelligence out to hundreds of thousands of endpoints rapidly, as well as pulling back data to analyse for signs of compromise. SonarShock is our proprietary network monitoring appliance, which uses our signature set to identify malicious cyber activity including, for example, targeted attacks. SonarShock also generates a high-quality data feed for our analysts to identify anomalous network activity.

View more

Security operations transformation

Conventional security controls can no longer handle emerging threats. We’ll help ensure your security operations capability is equipped for today, and prepared for tomorrow. Whether this is working with you to build a new capability, or transforming an existing capability, we’ll help ensure that you are effectively able to manage cyber threats in your environment. This might include:

  • Better leveraging and disseminating threat intelligence to realise tangible outcomes
  • Rationalising and integrating your technology stack
  • Supporting proactive and predictive security analytics using big data techniques
  • Providing 24x7 coverage of your environment through the development of a “follow-the-sun” model
  • Exploring labour arbitrage and other staffing opportunities

View more

Insights

How can insurance help bridge the gaps that traditional cyber defence and IT spending can’t?

An expert panel, including a cyber insurance underwriter, security expert and modeller, talked through some of the key steps and considerations that should be taken by companies to put them in the best possible position to understand their own cyber risk profile and how insurance can help them plug the gaps that traditional cyber defence and IT spending can’t.

Start adding items to your reading lists:
or
Save this item to:
This item has been saved to your reading list.

Responding to a cyber-attack and fostering cyber resilience within your organisation

At the recent InfoSecurity Europe conference held at Olympia, London, we were asked to facilitate a live incident response scenario to a cyber-attack. We asked leading subject matter experts to join us on stage and play the roles of senior management who are most likely to be involved in handling an organisation’s response to an attack.

Start adding items to your reading lists:
or
Save this item to:
This item has been saved to your reading list.

Contact us

Kris McConkey
Threat Detection & Response - Lead Partner, PwC United Kingdom
Tel: +44 (0)20 7804 2471
Email

Oliver Smith
Threat Detection & Response - Director, PwC United Kingdom
Tel: +44 (0)20 7212 6758
Email