Cyber Threat Intelligence

Do you have the intelligence needed to inform your cyber security operations and strategy? 

For many organisations, security can feel like a game that is almost impossible to win. The rules have changed and opponents are patient, well funded and increasingly sophisticated in the tools and techniques they have at their disposal.

To add further strain, security and IT teams are often relying on multiple disparate intelligence technologies and consuming huge volumes of raw data feeds, distorting their visibility of the critical threats targeting their organisation.

It is important that organisations work directly with a threat intelligence partner that has the in house skills, resources and expertise needed to provide both technical and strategic support at each stage of their threat intelligence journey.

How can we help?

Our threat intelligence portfolio includes a range of services to cater for organisations at various stages of their threat intelligence maturity - whether they are developing an in house threat intelligence function, supplementing their existing function with threat data feeds or outsourcing the entire collection, analysis and distribution of threat intelligence.

Key benefits:

  • Make informed risk based decisions - based on a strategic outlook on the threat landscape for specific sectors, geographies and markets.
  • Provide timely technical details on new and innovative attacks - allowing you to understand your threat profile and hunt for evidence of compromise on your network.
  • Direct access to our threat intelligence team - to help you develop and design appropriate mitigations for new threats, and support you and your in house security team when it matters most.
  • In depth global visibility of threat landscape - intelligence derived through research conducted by our in house experts, and informed by our global incident response services and both open and closed sources.

What’s included?

Threat intelligence subscription

Access to a range of tactical and strategic reporting to help you make informed risk based decisions, as well as high confidence threat data to feed directly into your security operations.

Threat intelligence reporting:

  • Technical reporting on new targeted attack campaigns.
  • Strategic reporting on a regional, sector and threat actor basis.

Threat intelligence data:

  • High confidence feed of single value indicators associated with targeted attacks.
  • Contextualised with relationships to threat actors, reports and other indicators.
  • Accurate network IDS and disk detection signatures.
  • Formats supported include Suricata, OpenIOC and YARA.

View more

Threat intelligence monitoring

Continuous bespoke, focused research which augments our subscription services:

  • Dark web forum monitoring - ongoing keyword based monitoring of a wide variety of dark web and closed cyber crime forums for discussion of, or indications of targeting your sector and organisation. 
  • Credential leakage monitoring - keyword based searches of credential dumps obtained from open source paste sites, data dumps, botnet command and control servers etc., so that action can be taken to prevent usage against your organisation.
  • Domain monitoring - keyword monitoring for new domains infringing your brand, new subdomains from unrelated domains, and a wide variety of typosquatting and other permutations.
  • Open source and social media monitoring - we monitor public forums, mainstream media and social content for negative news or sentiment and discussion of your brand to identify potential issues, escalating high priority findings to you.
  • Corporate digital estate monitoring - continuous discovery and monitoring of corporate sites to understand and minimise external attack surface. This includes reports on specific vulnerabilities, defacement monitoring and rogue site content. 

View more

Directed research & assessments

  • Bespoke research – reporting on threat actors, campaigns, malware or malicious indicators of interest.
  • Ad hoc analysis – e.g. malware and spear phishing email analysis, including IDS and host based signature development.
  • Analysis support – when required, we can provide second and third line intelligence support to assist with complex triage and incident response investigations.

View more

Consulting services

Services which enhance your ability to consume, apply or produce intelligence:

  • Maturity assessment - analysis of current threat intelligence capability, measured against best practice and standards.
  • Threat intelligence programme development – our team has years of experience in developing intelligence capabilities. We offer services which can assist you in the creation or enhancement of your own threat intelligence capability, by combining our technical expertise with practical and actionable business strategy.
  • Threat modelling – mapping relevant threat actor intent and capability to IT environments.

View more

Why PwC?

  • In depth global visibility of the threat landscape - threat intelligence gleaned in over 40 countries worldwide from our own incident response engagements.
  • We understand your business environment - our research goes beyond purely technical data and includes strategic intelligence, tailored towards informing business decisions and higher level security strategy. 
  • Informed and unique intelligence - all of the intelligence derived through research conducted by our in house experts, informed by our global incident response services and both open and closed sources. 
  • Subject matter experts - our technical research team comprises a blend of expert malware, intrusion and cyber intelligence analysts working alongside geopolitical and strategic research analysts. Our team members have diverse language skills including Mandarin, Cantonese, Arabic and Russian.

Find out how we can help your organisation

Submit your details below and we'll contact you to arrange a conversation

By submitting your information, you acknowledge that we may send you material relevant to your interests.
Please see our privacy statement for details of why and how we use personal data and your rights (including your right to object and to stop receiving marketing communications from us). To stop receiving marketing communications from us, click on the unsubscribe link in the relevant email received from us or send an email to unsubscribe@uk.pwc.com.

Contact us

Kris McConkey

Cyber Threat Operations Lead Partner, PwC United Kingdom

Tel: +44 (0)7725 707360