Strategy & Transformation

In order to succeed, the security and privacy of an organisation require a strong strategy that supports the organisation’s goals and strengthens its customer confidence. In addition to goals, the strategy consists of those abilities that are needed as the basis of your organisation’s security and privacy programme.

A good strategy also takes into consideration any actions needed for integrating security and privacy into the organisation’s operation and supply chain. A well-designed strategy allows successful change and development of operations.

Cybersecurity: Strategy for an evolved ecosystem

PwC partners David Burg, Michael Compton, and Adam Gutstein share their experiences on moving security beyond four walls and into the extended ecosystem.

loading-player

Playback of this video is not currently available

Designing and updating security and privacy strategies

We help organisations identify the keys to their success. What do security and privacy mean for us specifically? What are our goals? How should we organise ourselves? What abilities do we already have and where do we need to develop? How does our strategy respond to various future scenarios? How do we measure success? These questions, among others, create a basis for a company’s security and privacy strategy. Our experts will create a clear path for your organisation to help survive the challenges of the operating environment.

Completion of change projects and evaluations of development projects

We will assist you when your organisation’s management and administration of security and privacy are in need of holistic development. In our work, we consider the goals and basic tasks of organisations and the principles guiding their operation. With these things in mind, we will identify the current state of the organisation’s security and privacy and the necessary development targets, design the contents of development projects for organisations and help them integrate developments into their operation.

Is your organisation’s security and privacy development project appropriate? Are we doing the right things and are we doing them right? We assist organisations in the evaluation of existing security and privacy projects. We report on the evaluation clearly and with quality to make it as effortless as possible for the company to make decisions about any corrections.

Continuous development of security and privacy awareness and culture

Efficient security and privacy management takes into consideration not only the technology and processes but also the people. Even the best management system or technical solution will not be enough if the organisation is not committed to abiding by the management system. Staff need to know how to act safely in their everyday work, and management needs to understand what kinds of consequences inadequate security practices may have for the company’s reputation and valuation, for example.

We help organisations develop their safety culture and to design, implement and measure their development programme.

Management of threat intelligence and new technologies

Continuous and effective maintenance of a security and privacy management system consists of several elements. One of these elements is the management of threat intelligence. We help organisations understand the current state of Cyber security from the attacker’s perspective. Our service brings organisations understanding related to the strengths and weaknesses most crucial for Cyber security. By utilising this information, organisations will be able to adjust their security measures and controls to match the current situation.

We also help organisations understand the risks and opportunities related to the adoption of new technologies. How does the adoption of cloud services endanger or improve the organisation’s security and privacy? Which things should be considered regarding the security of IoT devices? What about the adoption of blockchain, robotics or artificial intelligence? We support organisations in ensuring the secure utilisation of new technologies.

Security and privacy measurement and reporting

In an increasing number of organisations, the management, board and the most important stakeholders want to know how the organisation’s security and privacy are managed and is the management system operating efficiently. Requirements related to security and privacy and the accountability stipulated in privacy legislation require an ability to report on the overall state of the organisation’s security and privacy to management and customers. We help our customers create cyber and privacy metrics framework and a holistic set of KPI’s and to identify the capabilities needed for implementing measurement and reporting. We also offer support in the completion of processes and their adoption.

 

Contact us

Jani Arnell

Jani Arnell

Director, Cybersecurity & Privacy Leader, PwC Finland

Tel: +358 (0)20 787 8844

Jörgen Jansson

Jörgen Jansson

Security and Privacy, PwC Finland

Tel: +358 (0)50 590 0662

Stay connected