Cybersecurity and Privacy

IT and PA helps protect the client’s brand and reputation by delivering integrated IT solutions for cybersecurity and data privacy. We provide a comprehensive range of integrated services that help you assess, build, respond and manage your cyber security and data privacy capabilities, and efficiently respond to incidents and crises.


Understanding your capabilities and maturity to help you prioritise your investment

Cyber Governance Review

  • Cyber security diagnostic
  • Board-led Cyber maturity assessment
  • Identity access management assessments
  • Application Penetration Testing
  • Managed Services Contract review
  • BCM program assessment 
  • Business impact analysis and interruption risk assessment

Cyber Risk Assessments and Audits

  • Cyber Risk assessments modelling
  • Cyber war gaming, red teaming & cyber resilience assessments
  • Cyber compromise and breach discovery assessment
  • Cyber threat intelligence assessment
  • Vulnerability Assessment Penetration testing
  • Cyber Incident response maturity assessment
  • PCI readiness assessments

Outsource and Third Party Risk Assessment

  • Third party security risk management, including third party cloud assessments
  • SSAE 16 readiness assessments (for service providers)

Systems and Emerging Technology Focused Security Assessments

  • Robotics and Process Automation Controls Review
  • IoT assessments
  • Blockchain Security and functionality Assessment
  • Cloud security assessments
  • Mobile app security assessments
  • Enterprise application security assessments
  • SCADA/ICS Assessments

Privacy Assessments

  • Data Privacy assessments (based on legal frameworks like HIPPAA, HITRUST/HITECH, GLBA, FFIEC and Indian IT Act)
  • Data leak detection assessments
  • SSAE 16 Assessments (for clients)

Designing and delivering cyber security and privacy risk management programme

IT Governance Framework Development

  • IT Governance, risk and compliance Framework and process Development
  • IT Governance and risk tool implementation

Cyber Risk Governance Framework Development

  • Cyber Risk Management Framework Development (based on frameworks of NIST, CSIRT)
  • Cyber Security Service Management Framework Development
  • Cyber Incident Response & Crisis Management Framework Development
  • Cyber Risk reporting framework development (KPI and dashboards)
  • Cyber risk resilience strategy development
  • Cyber awareness workshops
  • BCM design, development and implementation
  • Disaster Recovery design, development and implementation
  • IT disaster recovery and BCM program alignment and analysis

Data Privacy Framework Development

  • Data privacy framework development (based on legal frameworks like HIPPAA, PCI, HITRUST/HITECH, GLBA, FFIEC and Indian IT Act)
  • Data privacy compliance program development

Outsource/ 3rd Party risk management Framework Development

  • Outsourcing Risk and Vendor risk management  framework development
  • SSAE 16 Compliance program formulation (for companies that outsource work to BPO)
  • SSAE 16 Compliance program formulation (for companies that outsource work to BPO)

Helping you delivery an effective response to cyber incidents

Cyber response and monitoring services

  • Brand Protection and Abuse Detection 
  • Crisis management support and PMO
  • Cyber incident response plan activation support
  • Cyber incident legal advice including privilege

Focus on strategic priorities leveraging on our outsourced security operation services

Managed Services

  • Cyber Security Assessments and VAPT
  • Cyber Security Staff augmentation service
  • Online brand monitoring services
  • Data leakage monitoring
  • Threat intelligence
  • Training & Awareness

Contact us

Manpreet Singh Ahuja

Partner & Leader - Risk Assurance Services, PwC India

Tel: +91 (124) 479 7265

Follow us