Latest posts from Cyber security updates Join us on LinkedIn PwC UK YouTube channel Subscribe to our RSS feed Join us on Facebook Follow PwC on Twitter

24 March 2017

One size doesn’t fit all: sustainable security isn’t just about following frameworks

By Simon Borwick, Director, PwC Cyber Security & Data Privacy A casual look through many of the articles published on security improvement every week will leave you reeling under a weight of acronyms and abbreviations: the long list of available security frameworks, from NIST 800 to the Cyber Security Essentials....

17 March 2017

Connected Homes - what are the cyber security and data privacy challenges?

By Niko Kalfigkopoulos and William Blackwell – Energy, Utilities & Mining Cyber Security, PwC As energy suppliers delve deeper into Connected Home technology, the cyber security and data privacy risks are becoming increasingly apparent. These risks broadly fall into two categories: risks to systems and risks to data. Risks to...

02 February 2017

Asset-based defence – defending what really matters

By James Hampshire & Simon Borwick Cyber security is, at its core, an exercise in protecting the things that matter. The value of the assets that “matter” to you and an attacker depend on who or what you are (and who and what your attacker is). At one end of...

27 January 2017

How easy would it be for criminals to exploit your organisation using ransomware: what's ahead in 2017?

By Paul Gribbon If 2016 saw a number of seismic changes on the political front, the cyber security arena has continued to evolve, albeit at a slightly slower pace. Last year I suggested that 2015 was the tipping point whereby most people could articulate the impacts of poor cyber security...

06 January 2017

How can organisations use guerrilla marketing to communicate cyber security messages?

By Balal Nadeem What is Guerrilla Marketing? Various studies have shown that the average attention span of a human being without being distracted is just eight seconds. Due to the digital age and the sheer volume of information individuals now have to process, the world of marketing has changed; marketing...

15 December 2016

Have I opened a malicious file? Microsoft Excel vulnerability detection

By Iliyan Velikov During ongoing research into the latest potential threats we discovered a vulnerability in Excel and disclosed it promptly with the software vendor Microsoft. Upon requests we provided additional information to help Microsoft to develop a patch for this (CVE-2016-7262 is reserved for this vulnerability) which was released...

08 December 2016

Quantifying Your Cyber Risk (Part 1 of 3)

By Michael Woods Follow @woodsonsecurity Do you have confidence your residual risk is aligned to your risk appetite and your investment in cyber security is appropriately reducing your loss exposure? Cyber risk is one of the greatest risks facing the financial services industry, as highlighted recently in the Stocktake of...

21 November 2016

MoleRats: there’s more to the naked eye

By Bart Parys Follow @bartblaze There has been some recent news regarding the activities of a Middle Eastern threat group known as MoleRats (or Gaza Hackers Team)[1]. We are releasing this blog which contains indicators to help security professionals in detecting this activity. Please contact us on threatintelligence@uk.pwc.com and we...

21 October 2016

Nudging better security

By Max Klugerman Recently my colleagues Daisy McCartney and Edward Starkie in our Cyber Security Culture Team posted blogs about the important role that culture and employee behaviours play in supporting security objectives and the importance of storytelling in security engagement (click here to read: How to create a security...

14 October 2016

What does a good cyber strategy look like?

By Simon Borwick A good cyber security strategy not only sets out an organisation’s commitment to delivering effective cyber security, but how it is going to deliver it. However, whilst a security programme plan forms part of the strategy, it is not the only component: having a plan is not...