The PwC Cyber Security Team in Bulgaria relies on experts with many years of experience in the role of head of IT security or key specialists in Bulgaria as well as experienced security auditors who have carried out a large number of consulting or assurance projects in the field of security as well as implemented security solutions.
We work closely with our CEE teams in Poland, Czech and Russia, while globally we rely on one of the largest practices of security in the world, employing over 3,500 highly qualified professionals in the field of information security, with over 1,200 in Europe.
We view cyber security through a series of interconnected lenses. This rounded approach is designed to provide you with confidence: in your people, technology and connections, how you manage risk, set priorities and respond to an incident or during a crisis.
Our capabilities are focused on the Cyber Security domains included in the PwC Cyber Security framework. Each domain is comprised of capabilities that are used in the way we deliver our assignments.
64% of global CEOs think that emerging technologies will be sources of disruption and uncertainty for their businesses over the next five years
Rethink risk and compliance to drive strategy, capabilities and performance:
Governance and organizational effectiveness
Organizational structure, roles, and responsibilities
Human capital management
Program management and performance metrics
Culture and awareness
Policy, standards, and guidance
Financial and knowledge management
Anticipate changes in the risk landscape through situational awareness of the internal and external factors impacting the business ecosystem:
Strategic threat and adversary evaluation
Threat modelling and impact evaluation
Public-private information sharing
Threat intelligence collection and analysis
Insider threat management
Security information and event monitoring
Logging, monitoring, analysis, and detection
Vulnerability identification and evaluation
Create sustainable security solutions to provide foundational capabilities and operational discipline:
Enterprise security architecture
Reference security solution architectures
Security development lifecycle
Services catalogue and portfolio management
Security solution blueprint and integration services
Solution consulting and advisory services
Assess risk of the new technology adoption and dynamically changing business models:
Industry and sector trends
Business model changes
Global and emerging markets risk
Governmental and industry regulations
Emerging and disruptive technology
Security and control solution innovation
Identify, prioritize, and protect sensitive or high-value business assets:
Information asset inventory, classification, and management
Critical asset (crown jewels) identification and prioritization
Information and asset lifecycle management
Data protection technologies and methods
Notice, choice, and consent
Efficiently and effectively identify, evaluate, and manage risk to the evolving regulatory requirements:
Security risk management and reporting
Enterprise risk management and governance, risk, and compliance integration
External/internal compliance management and reporting
Operational/ organizational resilience integration (including business continuity and disaster recovery)
Third-party and vendor risk management
Information risk management
Plan, detect, investigate, and react timely and thoroughly to security incidents, breaches and compromises:
Enterprise crisis management integration
Incident and breach preparedness, identification, triage, containment, and response
Forensic analysis and investigations
Countermeasure design and deployment
Remediation planning and prioritization
Reporting, notification, and disclosure management
Provide integrated and secure processes, services, and infrastructure to enable appropriate controls over access to critical systems and assets:
Identity and access strategy and governance
User account management and provisioning
Certification and access reporting
Privileged access management
Single sign-on and federation (federation and integration)
Identity attributes, stores, and services
Identity behaviour baselining and monitoring
The survey reflects the views of over 3,200 business and IT leaders globally and focuses on a variety of topics including cybersecurity strategy and leadership, budget, resilience, the threat landscape, and team development.
A few key findings to highlight:
50% say that they bake cybersecurity and privacy into every business decision.
31% say that their primary aspiration for business transformation initiatives is to modernize their organization with new capabilities.
55% surveyed lack confidence that their cyber spending is allocated towards the most significant risks to the organization.
51% of businesses are making plans to increase their cybersecurity headcount in the next 12 months.