Are you confident in your defences?

We understand that your organisation is complex and that building and maturing a defensive capability can be a daunting task.  To ensure that you are taking the right steps to stay ahead of threats, we can work with you to ethically hack and test your systems in real world attack scenarios, support you in understanding the threats against your organisation, help you develop the capability to detect and catch cyber attackers and prepare you for incidents and crises as they arise.

Service Areas

Ethical Hacking Services

Staying ahead of the curve at a time when threat techniques are constantly evolving requires much more than the occasional, intermittent, compliance-focused security assessment.

  • Vulnerability Assessment

Identify and evaluate security vulnerabilities and establish the best risk mitigation strategies through a vulnerability assessment. During this type of assessment vulnerabilities identified are not exploited.

  • Penetration Testing

Determine the business risk and potential impact of attacks on your organization through a penetration testing security assessment. Our approach involves modeling the techniques used by real-world attackers to identify vulnerabilities, exploit them securely, understand their potential impact on your business, and recommend improvements to reduce your exposure.

 

  • Red Team Operations

Mobilize your entire detection and response structure and enhance organizational resilience through a red team operation. A security assessment that consists of a realistic unrestricted attack scenario in your environment. Our team of highly skilled Offensive Security Certified Experts and Professionals closely mimics real attacker tactics, techniques and procedures, in a stealthy manner to accomplish a set of jointly agreed upon objectives.

  • Purple Team Operations

Enhance your overall detection capability through a purple team operation. Our team of highly skilled Offensive Security Certified Experts and Professionals work alongside our Incident Detection Experts to determine the threat groups most active in your industry and design attack scenarios emulating their tactics in your environment in order to assist you develop detection rules to capture those behaviors.

PwC Cyprus Cyberlab

At the heart of PwC’s Cybersecurity team lies the PwC Cyprus Cyberlab, a dedicated environment used for performing our various cyber assessments, dissecting the latest trends in cybersecurity and performing research and development. Our CyberLab professionals are:

  • Conducting Penetration Testing exercises to assess organisational exposure to threats and vulnerabilities and understand your current security posture
  • Performing Phishing Campaigns measuring the awareness of employees when it comes to maliciously crafted, targeted emails.
  • Performing Red Teaming exercises simulating advanced multi-layered attacks against people, processes and technology, to highlight risks posed by advanced threats
  • Researching attacker tactics, techniques and procedures to remain at the cutting edge and adapt our attack style to reflect the latest attacker behaviour and inform attack scenarios 
  • Developing custom-made tools to perform advanced attack simulations and proof-of-concept attacks as part of incident readiness and Red Teaming assessments

Incident Detection Services

Illuminating the real threats and defending your organisation against attacks that have bypassed your traditional controls, requires a solid attack detection capability that continually matures and improves

  • Incident Detection Capability & Maturity Development

Uncover the known unknowns through a series of workshops designed to assist you develop and mature your incident detection capability. We deliver a holistic review of your data sources, visibility, detection coverage and detection profile to develop your detection maturity.

  • Detection Use-Case Development Workshops

Make the most out of your logs through a series of workshops designed to assist you formulate a use-case development framework. We provide you with the methodologies that will enable you to make the most out of your existing data sources while assessing the quality of your developed use-cases.

  • Cyber Threat Modelling

Identify the real-world threats you face and analyze how they would navigate your infrastructure to achieve their objectives. Understanding and targeting control deficiencies helps identify areas of reliance to your detection capability and helps prioritise your detection efforts.

  • Threat Hunting Workshops

Expose your defenders to Threat Hunting approaches to attack detection, offering them inspiration, tools and techniques they can apply to proactively and iteratively review your estate for attacks you haven’t been alerted to.

Incident Response Readiness

Preparing for the inevitable requires building confidence in your ability to manage risks and respond to incidents and crises as they arise at both strategic and tactical levels.

  • Executive Incident Response Exercise 

Rehearse the strategic decision-making elements of incident response through a scenario-driven, tabletop incident response exercise designed for your leadership.

  • Executive Incident Response Assessment. 

Exercise your leaderships’ incident response and identify gaps in your Incident Management and Response Framework through an Executive Incident Readiness Assessment.

  • First Responders Readiness Exercise. 

Your IT-staff are on the frontlines defending your systems and responding to attacks. Enable them to rehearse the tactical decision making elements of incident response through a scenario-driven, tabletop incident response exercise designed for them.

  • First Responders / Readiness Assessment. 

Exercise your IT staff incident response and expose gaps of your Incident Management and Response Framework and Playbooks through a scenario-driven, tabletop incident response exercise.

  • Advanced Attack Technical Simulation. 

Mobilize your entire detection and response structure through a scenario-driven, technical simulation of a cyber attack on your network. Such simulations are also known as ‘Red Team’ operations. During a Red Team Operation our team tries to achieve predefined objectives, through the use of social engineering, spear-phishing and other advanced attacker tactics of exploitation.

Contact us

Vassilios Vrachimis

Partner, Head of Consulting, Chief Digital Officer, In charge of Government & Public Services & Health, PwC Cyprus

Tel: +357-22555128

Minos Georgakis

Director, Advisory, PwC Cyprus

Tel: +357-22555545

Follow us