Threat and vulnerability management
Print-friendly version
Email to a colleague

How to stay ahead of today’s complex security threats*

Companies can no longer afford to take a reactive stance to security threats. By appropriately securing IT infrastructure and assets, organizations can reduce the likelihood of a business interruption from a security-related event, limit the impact of unanticipated events and demonstrate compliance with regulatory and business requirements, such as FSA, DPA, Basel, ISO 17799, HIPAA and GLBA.

If this is your situation

  • You need an integrated threat and vulnerability management solution to better monitor, report on and respond to complex security threats and vulnerabilities, as well as meet regulatory requirements.
  • You need to protect both your own information assets and those you are custodian of, such as sensitive customer data.
  • You want a real-time, integrated snapshot of your security posture.
  • You want to correlate events from data emerging from multiple security touch points.
  • You need support from a comprehensive inventory of known threat exposures.
  • You need to reduce the cost of ownership of your threat and vulnerability management system.

How PricewaterhouseCoopers can help you

PricewaterhouseCoopers (PwC) Advisory professionals have in-depth experience helping companies reduce risk exposure, protect information assets and limit the impact of security-related events on business activity. To increase the effectiveness of an organization’s threat and vulnerability management, PwC Advisory professionals advocate a “security dashboard” approach that integrates prevention, detection and correction technologies.

Services we provide include the following:

  • Threat detection
    • Monitor intrusions by deploying processes and tools that identify attacks
    • Evaluate exposure to malicious programs, and implement processes and tools to enhance the detection of incoming threats
    • Identify and remove unauthorized hardware, software or configuration changes installed within the "trusted zone"
    • Implement processes on applications, systems and networks that monitor system audit trails for the often subtle signs of attack that perimeter defenses often do not detect

  • Vulnerability detection
    • Develop processes that continually review selected assets for conformity with internal security standards to help maintain asset risk exposure within a prescribed range
    • Assess the vulnerabilities of the asset environment by looking beyond a single system

  • Threat & vulnerability remediation
    • Deploy security solutions to detect threats or vulnerabilities
    • Build and deploy systems designed to mitigate identified threats
    • Develop and implement processes and systems that secure or repair existing system components
    • Develop and test a comprehensive set of planned reactive activities that are initiated in the event of an incident to minimize associated damage and assist in recovery operations
Contacts
Andrew Toner
Partner
Tel: +1 (646) 471 8327
Of further interest
Related services
Related challenges

Privacy Legal About site provider Email Webmaster Site map RSS
© 2007-2008 PricewaterhouseCoopers. All rights reserved. PricewaterhouseCoopers refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.
Accessibility information Skip navigation Countries online