Do the right people have the right access?

We spend so much time protecting our businesses from external threats, we often forget one of our greatest threats – insiders. As the number of internal and third party breaches continues to cause concern across organisations, the importance of managing who has access to what – to balance security with employee access to your systems - is critical. From May 2018, the General Data Protection Regulation (GDPR) will put customers and staff in control of their personal data, empowering them to choose how businesses and their third parties use their data. Where personal data is not treated correctly, individuals will have increased rights and can, in some instances, claim compensation. Regulators across the EU will have unprecedented power to enforce the legislation and impose hefty fines in instances of non-compliance.

Never before has preventing data loss been so important - your access governance plays an important part in your cyber security defences.

Service areas

Access governance

AccessAble is a cloud based solution which allows organisations to more easily manage user accounts and the rights they possess. AccessAble allows for anomalies to be easily identified, breaches flagged – all powered by a secure PwC cloud based server to protect your firm’s integrity.

Learn more

View more

IdAM strategy

We can help your organisation create a safer environment to operate by performing Identity and Access Maturity Assessments; Access Governance Strategy; Access Governance as a Service; Consumer Identity Strategy; IdAM Design and Implementation; Insider risk management.

View more

Privileged access management

In the world of cyber security, “privileged access accounts” are hot property for criminals. Privileged user accounts provide elevated access rights to critical systems and sensitive data; they are pervasive throughout the organisation and can include applications, systems or individual user accounts. These accounts are a powerful lure to malefactors because elevated access can enable them to gain a foothold on a corporate system and then stealthily move throughout the network to compromise other systems within the breached environment. Successful management of these privileged accounts (also known as administrative accounts) allow organisations like yours to keep their most sensitive data safe.

View more

Consumer identity management

Consumer identity management allows you to control your consumers’ digital persona when they engage with you as a provider, through whatever channel. The consumer (user of products and services) and provider (deliverer/maker of products and services) relationship is a delicate one, which needs trust to ensure that the right amount of personal characteristics or preferences are shared, used for an agreed and transparent purpose and support a positive consumer experience. Consumers will have different requirements for the means by which they wish to engage with providers, depending on the context. These need to be built into consumer/provider interactions and a mutuality of benefits needs to be built through a willing buyer/willing seller digital exchange.

View more


Responding to a cyber-attack and fostering cyber resilience within your organisation

At the recent InfoSecurity Europe conference held at Olympia, London, we were asked to facilitate a live incident response scenario to a cyber-attack. We asked leading subject matter experts to join us on stage and play the roles of senior management who are most likely to be involved in handling an organisation’s response to an attack.

Start adding items to your reading lists:
Save this item to:
This item has been saved to your reading list.

Contact us

Richard Horne
Cyber Security Partner, PwC United Kingdom

Richard Mardling
Identity & Access Management - Director, PwC United Kingdom
Tel: +44 (0)77 1158 9047