Incident and threat management

Breach Indicator Assessment

Your challenges
  • Are you sure that your company is currently not under attack or that you have not been compromised?
  • Are you looking for an out-of-the-box solution to pro-actively identify indicators of malicious activities, and have a chance to stop attacks at an early stage?
  • Do you want to gain awareness of your network and system topologies?
What does it include
  • Our BIA framework provides detailed analysis of your network infrastructure to identify potentially compromised systems;
  • Our proprietary collection script has been built to fit industry requirements and expectations; it has no impact on production capabilities and does not require any installation.
Key benefits
  • Prevent your data from being stolen and protect your environment against security breaches.

Incident Management

Your challenges
  • Are you willing to strengthen your organisation’s ability to detect, respond to and recover from security incidents?
  • Do you need immediate assistance to respond to a serious incident?
What does it include
  • Definition of a full incident management framework (policies and procedures) covering the entire incident lifecycle: incident detection, classification, response and recovery;
  • Definition of incident response playbooks which describe the actions to be taken for each type of common incident;
  • Assessment of your organisation’s incident response management capabilities;
  • Assistance in responding to major security incidents;
  • Assistance in managing public relations (e.g. with the media) and reporting incidents to national authorities (e.g. CNPD);
  • Specialist training for incident response teams.
Key benefits
  • Reducing the financial, reputational and legal impact of security incidents.

Forensics

Your challenges
  • Do you have suspicions of unusual user activity?
  • Do you need to investigate into the causes of a security incident?
  • Do you need evidence for the establishment, exercise or defence of legal claims?
What does it include
  • Forensic analytics and digital investigation into unusual behaviours, etc.;
  • eDiscovery: review of unstructured and structured data;
  • Compliance audit and reporting to authorities;
  • Assistance in conducting interviews with suspects;
  • Assistance in court / disputes and claims;
  • Information integrity checks (e.g., modification of security logs).
Key benefits
  • Experienced technology experts with internationally-renowned certifications (Certified Forensic Examiners/Analysts (SANS FOR508 and FOR500);
  • Our team relies on certified forensics tools (Cellebrite, etc.);
  • Our reports can serve as evidence in court.

Crisis management team exercise & training

Your challenges
  • Deliver the exercise starting by a rapid briefing meeting and longer debriefing meeting with PwC experts.
What does it include
  • On the day of the event, the Company will be in charge of arranging and coordinating the attendance at the exercise by having appropriate personnel in our PwC Experience Center or their premises;
  • Upon arrival, the participants will be briefed by our facilitators on the play rules;
  • Our facilitators will frame the agreed exercises while capturing observations and learning points, which will support the debriefing afterwards. They will also perform an ongoing adjustment should the participants be blocked at some point;
  • The session will be facilitated by at least 2 PwC experts and will be observed by our communication expert in a separated room. Other experts (e.g. cameraman, producer PwC experience center staff, …) will only be there in shadow.
Key benefits
  • Facilitation of the exercises including advice and guidance relating to crisis management and business continuity.

Vulnerability management

Your challenges
  • Are you aware of the vulnerabilities of your information systems and how critical they are?
  • Are you managing vulnerabilities in compliance with the latest regulations (e.g., CSSF Circular 17/655)?
  • Have you already assessed the effectiveness of your patch and vulnerability management processes?
  • Do you want to evaluate your exposure to the latest vulnerabilities?
What does it include
  • Regular scans of your externally exposed systems and internal infrastructure, performed either remotely or using a stand-alone system;
  • Remediation actions tailored to your context.
Key benefits
  • Reduced risk of attacks exploiting known vulnerabilities (e.g. WannyCry);
  • Standardised level of technical security across the organisation;
  • Scanned data remains in our Luxembourg-based data centre.

Contact us

Koen Maris

Cybersecurity Leader, PwC Luxembourg

Tel: +352 49 48 48 2096

Frédéric Vonner

Privacy Leader, PwC Luxembourg

Tel: +352 49 48 48 4173

Follow us