Are you sure that your company is currently not under attack or that you have not been compromised?
Are you looking for an out-of-the-box solution to pro-actively identify indicators of malicious activities, and have a chance to stop attacks at an early stage?
Do you want to gain awareness of your network and system topologies?
What does it include
Our BIA framework provides detailed analysis of your network infrastructure to identify potentially compromised systems;
Our proprietary collection script has been built to fit industry requirements and expectations; it has no impact on production capabilities and does not require any installation.
Key benefits
Prevent your data from being stolen and protect your environment against security breaches.
Incident Management
Your challenges
Are you willing to strengthen your organisation’s ability to detect, respond to and recover from security incidents?
Do you need immediate assistance to respond to a serious incident?
What does it include
Definition of a full incident management framework (policies and procedures) covering the entire incident lifecycle: incident detection, classification, response and recovery;
Definition of incident response playbooks which describe the actions to be taken for each type of common incident;
Assessment of your organisation’s incident response management capabilities;
Assistance in responding to major security incidents;
Assistance in managing public relations (e.g. with the media) and reporting incidents to national authorities (e.g. CNPD);
Specialist training for incident response teams.
Key benefits
Reducing the financial, reputational and legal impact of security incidents.
Forensics
Your challenges
Do you have suspicions of unusual user activity?
Do you need to investigate into the causes of a security incident?
Do you need evidence for the establishment, exercise or defence of legal claims?
What does it include
Forensic analytics and digital investigation into unusual behaviours, etc.;
eDiscovery: review of unstructured and structured data;
Compliance audit and reporting to authorities;
Assistance in conducting interviews with suspects;
Assistance in court / disputes and claims;
Information integrity checks (e.g., modification of security logs).
Key benefits
Experienced technology experts with internationally-renowned certifications (Certified Forensic Examiners/Analysts (SANS FOR508 and FOR500);
Our team relies on certified forensics tools (Cellebrite, etc.);
Our reports can serve as evidence in court.
Crisis management team exercise & training
Your challenges
Deliver the exercise starting by a rapid briefing meeting and longer debriefing meeting with PwC experts.
What does it include
On the day of the event, the Company will be in charge of arranging and coordinating the attendance at the exercise by having appropriate personnel in our PwC Experience Center or their premises;
Upon arrival, the participants will be briefed by our facilitators on the play rules;
Our facilitators will frame the agreed exercises while capturing observations and learning points, which will support the debriefing afterwards. They will also perform an ongoing adjustment should the participants be blocked at some point;
The session will be facilitated by at least 2 PwC experts and will be observed by our communication expert in a separated room. Other experts (e.g. cameraman, producer PwC experience center staff, …) will only be there in shadow.
Key benefits
Facilitation of the exercises including advice and guidance relating to crisis management and business continuity.
Vulnerability management
Your challenges
Are you aware of the vulnerabilities of your information systems and how critical they are?
Are you managing vulnerabilities in compliance with the latest regulations (e.g., CSSF Circular 17/655)?
Have you already assessed the effectiveness of your patch and vulnerability management processes?
Do you want to evaluate your exposure to the latest vulnerabilities?
What does it include
Regular scans of your externally exposed systems and internal infrastructure, performed either remotely or using a stand-alone system;
Remediation actions tailored to your context.
Key benefits
Reduced risk of attacks exploiting known vulnerabilities (e.g. WannyCry);
Standardised level of technical security across the organisation;
Scanned data remains in our Luxembourg-based data centre.
CSIRT (Computer Security Incident Response Team)
Your challenges
Do you know how to react to an IT incident?
Have you recently lost important data or been victim of a leak?
Have you noticed suspicious activity on your network?
Have you been targeted by an advanced cyberattack?
Do you have an emergency recovery plan?
Do you need to conduct a digital investigation?
What does it include?
Organisational
Develop and execute an incident response plan
Coordination and communication
Aligned with business departments whenever fraud is detected
Lessons learned, roadmap, executive workshops
Technical
Identification and triage if required
Containment of the incident perimeter
Information collection
Root-cause analysis
Eradication
List/overview of all actions taken
Forensics
Evidence collection
Malware analysis
Reverse engineering of malicious code
Exhaustive reporting in compliance with legal requirements
Fraud investigation
Key benefits
We help you adapt your structure and procedures and be ready to handle IT incidents
We help you prepare against potential incidents but also provide support in handling an ongoing cyber-crisis
We have the expertise required to investigate technically advanced cyberattacks, to properly handle and document digital evidence and to help your business recover as quickly as possible