We get that you are worried about cyber security

All businesses are under attack. Today, the sheer volume and concentration of data, coupled with an ever increasing dependency on IT, increases your exposure to cyber attacks. 

But, cyber security isn't just about technology. It involves people, information, systems, processes, culture and physical surroundings. It's about a secure environment where your business can leverage technology and remain resilient in the event of an attack. The impact could be significant disruption, loss of earnings, reputational damage and potential fines. All of these are critical when you're competing in a crowded business landscape.

Private businesses are particularly attractive to hackers. While you grow and expand your business, your basic cyber defences may not be adequate and one simple oversight can make you a target for cyber criminals.

97% of organisations are currently addressing cyber security breaches; 46% of UK businesses identified cyber security breaches or attacks in the last year

But, how do I know if my business is vulnerable to cyber attack?

The answer is that every business will have some vulnerability and you might have already had a breach and may not know about it. Keeping ahead of the hackers is impossible but with some proactive work and support you can significantly reduce the likelihood of your businesses suffering a cyber attack.

We know that some of the key questions private businesses have on cyber security are:

  • How do I better protect my business?
  • Would I be able to handle a cyber attack?
  • How can I use investment in security as a sales tool?
  • Is my business being targeted by cyber criminals?

So, how can we help?

We’ve created a cyber security assessment service that helps you begin to answer these questions and is tailored for private businesses. Managing cyber risk effectively isn’t just a technology issue, it’s a combination of people, process and technology. We will help you understand your cyber vulnerabilities by looking at all three aspects.

How does it work

We combine an assessment of your technical cyber risks with user education and a review to assess the people and process risks. This provides an end to end assessment of cyber security. Our work also provides you with an industry recognised cyber rating for your business that you can share with key stakeholders. The four aspects of the service are outlined below:


PwC cyber security assessment for private businesses: External security perspective - Simulated phishing attack - Broader cyber assessment - Cyber rating and benchmark

We will conduct a technical assessment of your internet-facing IT systems such as websites and IP addresses, using industry-leading tools to help identify any vulnerabilities with these.

We will conduct a phishing attack on your employees, using two phishing scenarios, and record the success rate. This will help identify where training and support with education and awareness is required. 

We will conduct a cyber security assessment of people and processes in line with good practice standards and use this to help identify any broader cyber risks at your business. We will also use a self assessment to inform this process and do validation questioning.

We will provide you with an independent and internationally recognised cyber rating for your organisation that can be shared with third parties. We will also conduct a cyber benchmarking exercise.

Contact us

Asam Malik
Director (Cyber Security) , PwC United Kingdom
Tel: 07932 012997

Colin Slater
Regional - Cyber Security Lead Partner, PwC United Kingdom
Tel: +44 (0) 7711 589065

Follow us