Latest posts from Cyber security updates Join us on LinkedIn PwC UK YouTube channel Subscribe to our RSS feed Join us on Facebook Follow PwC on Twitter

02 February 2017

Asset-based defence – defending what really matters

By James Hampshire & Simon Borwick Cyber security is, at its core, an exercise in protecting the things that matter. The value of the assets that “matter” to you and an attacker depend on who or what you are (and who and what your attacker is). At one end of...

27 January 2017

How easy would it be for criminals to exploit your organisation using ransomware: what's ahead in 2017?

By Paul Gribbon If 2016 saw a number of seismic changes on the political front, the cyber security arena has continued to evolve, albeit at a slightly slower pace. Last year I suggested that 2015 was the tipping point whereby most people could articulate the impacts of poor cyber security...

06 January 2017

How can organisations use guerrilla marketing to communicate cyber security messages?

By Balal Nadeem What is Guerrilla Marketing? Various studies have shown that the average attention span of a human being without being distracted is just eight seconds. Due to the digital age and the sheer volume of information individuals now have to process, the world of marketing has changed; marketing...

15 December 2016

Have I opened a malicious file? Microsoft Excel vulnerability detection

By Iliyan Velikov During ongoing research into the latest potential threats we discovered a vulnerability in Excel and disclosed it promptly with the software vendor Microsoft. Upon requests we provided additional information to help Microsoft to develop a patch for this (CVE-2016-7262 is reserved for this vulnerability) which was released...

08 December 2016

Quantifying Your Cyber Risk (Part 1 of 3)

By Michael Woods Follow @woodsonsecurity Do you have confidence your residual risk is aligned to your risk appetite and your investment in cyber security is appropriately reducing your loss exposure? Cyber risk is one of the greatest risks facing the financial services industry, as highlighted recently in the Stocktake of...

21 November 2016

MoleRats: there’s more to the naked eye

By Bart Parys Follow @bartblaze There has been some recent news regarding the activities of a Middle Eastern threat group known as MoleRats (or Gaza Hackers Team)[1]. We are releasing this blog which contains indicators to help security professionals in detecting this activity. Please contact us on threatintelligence@uk.pwc.com and we...

21 October 2016

Nudging better security

By Max Klugerman Recently my colleagues Daisy McCartney and Edward Starkie in our Cyber Security Culture Team posted blogs about the important role that culture and employee behaviours play in supporting security objectives and the importance of storytelling in security engagement (click here to read: How to create a security...

14 October 2016

What does a good cyber strategy look like?

By Simon Borwick A good cyber security strategy not only sets out an organisation’s commitment to delivering effective cyber security, but how it is going to deliver it. However, whilst a security programme plan forms part of the strategy, it is not the only component: having a plan is not...

23 September 2016

Rethinking identity management

By Richard Mardling The world of enterprise identity management for the past 20 years has focused on the automation of the joiner-mover-leaver process (provisioning), driven primarily by a need to demonstrate operational efficiency. Very little attention has been paid to compliance and risk as they traditionally have been far more...

16 September 2016

How to use storytelling to create a culture of cyber security engagement

By Edward Starkie From storytelling traditions to the latest video games, there is no denying that the humble story has found ways to evolve and engage with different generations. However, it seems that the art of storytelling has not made its way into the IT security profession and as a...