Cybersecurity

An intelligent approach to digitization

Worried about cyberattacks? We’ll tackle your cyber anxieties!
Let’s build a secure digital society together.

Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act (DORA) is a new European framework for effective and all-inclusive management of digital risks in financial markets and applies to more than 22,000 financial entities and ICT service providers within the EU.​

More on DORA

Global Digital Trust Insights 2024

In its 26th year, PwC’s Global Digital Trust Insights is the longest-running annual survey on cybersecurity trends. It’s also the largest survey in the cybersecurity industry, reflecting the views of over 3,800 senior security, technology and business executives.

The reinvention and innovation that businesses are doing today connect more digital experiences using the latest tech tools. Cybersecurity should be right there at the epicentre, hence the theme of our 2024 survey. We have a C-suite playbook for those who dare to break cyber-as-usual.

Read the results here

Ransomware: Four issues to prepare for

Ransomware attacks make headlines again and again. Unfortunately, the reality is even grimmer. Most victims never appear in the media because they quietly give in and pay up. The threat is increasing because the hackers' methods are becoming more effective and their ransom demands are getting higher.

More on Ransomware (German)

PwC rated by Forrester as one of Europe’s leading cybersecurity consulting providers

“PwC surpasses its peers with platforms and board-relevant services”

The Forrester Wave™: European Cybersecurity Consulting Providers, Q4 2021

>> Find out more (DE)

Forrester Wave - European Cybersecurity Consulting Providers

Cybersecurity workshops: How would you respond to a threat?

Experience a cyber threat “live” and up-close together with your team

Game of Threats

A strategy simulation based on the real world: In this simulation we challenge business leaders and teams to make quick, highly effective decisions and test their readiness in the event of a cyberattack.

Contact us

Virtual Reality Cyber-Experience

Put your VR glasses on and you’ll find yourself in the middle of a crisis.

Your organisation is under attack and you need to decide what to do – quickly. Step into the role of the CEO, CFO or CISO. Can you cope with the pressure and take the right decision?

Contact us

We support you to protect your company against digital threats in the best possible way. To ensure the effectiveness of your cybersecurity, our experts evaluate your degree of readiness. We work together with you to create a risk-based plan of action and prepare effective defence measures to make sure your company is armed in the event of a cyberattack.

Cybersecurity is more than just technology and processes. We help our clients to make changes in security behaviours through security awareness. We help your staff to achieve the paradigm shift and make cybersecurity the DNA of all business processes.

Our services

Information security

Information security is an ongoing management process. For sustained, long-term information security, all parts of the company need to contribute – from employees and the information security officer through to management.

Our experts can support you with:

  • Status analysis of your information security

  • Security risk analyses to determine level of threats and required protection, as well as a risk-oriented package of measures (in accordance with ISO 27002, BSI baseline protection etc.)

  • Derivation of measures to secure IT infrastructure in accordance with company-specific needs and the required level of protection

  • Preparing or adapting security policies

  • All information processes will be optimally integrated into all parts of the company and business processes.

  • Certification of security and proper IT processes and ISMS in accordance with ISO 27001 or industry-specific certification such as TISAX.

Contact us:
Georg Beham        Peter Kleebauer

Privacy / Data protection

Companies face many challenges related to data protection. With our comprehensive portfolio of services, we support companies to design and implement control mechanisms within existing processes and control systems (e.g. ICS), as well as to implement all-round data protection management systems. In doing so, we refer to standardised control benchmarks and the data protection standards of data protection authorities.

Our experts can support you in the following areas:

  • strategy, governance and accountability

  • data processing and rights of the data subject

  • internal policies and related data protection processes

  • risk management and compliance

  • information lifecycle management

  • crisis management and data protection breaches

  • risk management in relation to third parties

  • data security (see also information security)

Contact us:
Georg Beham        Peter Kleebauer

Managed security services

Through the digitalisation of business processes, IT environments are becoming more complex. In parallel with increasing digitalisation, the risk of cyberattacks is growing, which increases the level of security required. In this way, companies are confronted with an increasing HR workload (building and increasing know-how), infrastructure and technical measures (protection measures, log management etc.), as well as security operation processes (false positive triage and incident response).

As a partner who understands technology and business, PwC provides managed security services (MSS) to companies, helping them to improve IT security and cut costs. Our clients profit from the international, multi-industry expertise of around 350 cyber experts within the PwC network in six European countries (Austria, Belgium, Germany, the Netherlands, Switzerland, Turkey).

Contact us:
Georg Beham        Philipp Mattes-Draxler

OT/ICS Security

OT security is essential to protect critical infrastructures and industrial processes from cyberattacks. Targeted implementation of OT security measures ensures the availability and integrity of OT systems and minimizes financial losses, production downtime and potential risks to people and the environment.

Our PwC OT security team supports you in the following areas, for example

  • Implementation of OT security hygiene assessments to determine your OT security maturity and derive an OT security roadmap
  • Establishment and operation of an OT Security Operation Center
  • Development of customized OT security guidelines and processes based on international standards such as IEC 62443-2-1
  • Conducting threat and risk analyses for your OT environment to identify vulnerabilities and threats
  • Derivation of measures to secure your OT environment in accordance with company-specific requirement profiles and protection needs.
  • Development of a robust and secure OT network architecture in accordance with international standards and good practices such as IEC 62443 and NIST 800-82.
  • Support with the selection. Implementation and operation of OT security solutions to detect anomalies and threats in your production facilities.
  • Support in the design, implementation and operation of risk-based vulnerability management for your OT systems
  • Support for your company in the event of security incidents

Learn more

Contact:

Wolfgang Gröller        Gerald Ortner

Technical security

PwC supports you during the entire lifecycle from early recognition and resolution of IT security threats to checks of applications and IT systems for vulnerabilities.

  • Are your systems and applications sufficiently protected against attacks (penetration testing / red team testing)?

  • Were threats considered and risks minimised when developing/introducing new IT systems (threat analysis / secure architecture / secure coding)?

  • Are your employees aware of the current threat level, and do they recognise threats early and report them via the appropriate channels (security awareness training / simulation phishing / social engineering)?

  • Has a simulation of a realistic attack been carried out to check your processes, staff, and protection measures (red team testing)?

We would be glad to support you to select the required services and prepare an individual proposal for you.

Contact us:
Georg Beham        Markus Sojer

Business continuity management

Maintaining or restoring critical business activities after an incident is of major importance for the resilience of a company. Significant disruptions of operations caused by major incidents or outages frequently cause financial and reputational damage. With an effective business continuity management (BCM) system, you can restore important services in a timely manner and avoid lasting damage.

BCM systems need to be based on organisational strategies, structures, and priorities, but should also be sustainable and adjust to changes. Our business continuity specialists help companies to establish a reliable and efficient BCM programme. In this way, BCM becomes an integral part of your company.

Learn more

Contact us:
Georg Beham
Michael Pummer

Digital identity

Digital identities are core components of digital services, which represent important information about individuals, data and devices. PwC supports you during the entire lifecycle from planning through to the implementation of Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions.

Our experts can support you in the following tasks:

  • survey and analysis of the current situation

  • design and planning of IAM/PAM strategies

  • preparing of policies and controls

  • preparation and verification of role and authorisation concepts

  • advice on the selection of software providers and services

  • implementation and go-live of IAM/PAM solutions

  • identification of rights and roles within the company

  • implementation of network scans to recognise vulnerabilities and anomalies in relation to privileged accounts

 

  • quality assurance for IAM/PAM programmes

More on Digital Identity

 

Contact us:
Georg Beham       Florian Brunner

Cybersecurity workshops

How would you respond to a threat? Our experts offer you the opportunity to experience a cyber threat “live” and up-close together with your team.

Cybersecurity workshops:

  • Phishing simulation

  • Game of Threats

  • Virtual reality cyber experience

Contact us:

Contact us

Georg Beham

Georg Beham

Partner, PwC Austria

Tel: +43 732 611750