The Cybersecurity Act (Slovak Act No. 69/2018 Coll., as amended)
What we do:
- Compliance audit (compliance with the Cybersecurity Act) performed by certified cybersecurity auditors in accordance with the Cybersecurity Act
- Preparation for an audit and consultancy on how to improve the level of compliance with the Cybersecurity Act requirements
Assessment of cybersecurity status
What we do:
- Assessment of procedural, organizational, and technical cybersecurity precautions
- Assessments carried out in accordance with international security standards and norms (NIST, ISO27k) and best practice
- Preparation for certification audits (ISO/IEC 27001)
TISAX
What we do:
- Certification audit of automotive suppliers
- Preparation for a certification audit and consultancy on how to achieve compliance with TISAX certification requirements
Cybersecurity Awareness
What we do:
- Provide a comprehensive programme for company employees to continually maintain and raise their cybersecurity awareness
- Regular phishing campaigns
- Periodic training courses for employees
- Phishing campaigns linked to short teaching lessons in the event of incorrect responses to phishing
- Various engaging training materials (videos, games, series, etc.)
- Training courses as a service or a comprehensive platform
Industrial security (operational technology)
What we do:
- Consultancy on the implementation of security measures (organizational and technical) as regards operational technology
- Assessment of the current cybersecurity status of industrial operational technology
- Assessment using technical means
- Penetration tests of organizational and technical security systems
Penetration testing
What we do:
- Penetration testing of IT systems carried out by highly experienced, qualified, and certified experts across the CEE
- Penetration testing by the PwC network – an established dedicated Centre of Excellence for the performance and provision of penetration testing services
- Comprehensive services including the analysis and assessment of the tested applications’ source codes
Red-teaming
What we do:
- Use a unique method of assessing a company’s cybersecurity and resilience against various attack practices, methods, and known techniques of attackers
- Assessment of security (including physical security) and logical approaches, also using social engineering methods
- Security and resilience assessment as a programme within internal audit
- Use hacker tools and techniques to assess a company’s security and resilience status
Outsourcing the cybersecurity manager function
What we do:
- Outsource the cybersecurity manager role while meeting the knowledge standards defined in the Slovak Cybersecurity Act
- Cybersecurity manager role provided by a team of certified specialists with a focus on the various specific areas of cybersecurity
- Variable job description according to requirements
- Dynamic allocation of the most suitable specialist (person), taking the requirements and actions to be provided into account
- Working-time equivalent by agreement and according to customer requirements (e.g.: 1 FTE, 0.5 FTE, 0.3 FTE, etc.)
Business continuity management (BCM)
What we do:
- Assistance and professional advice on setting BMC-related processes and technical issues
- Assistance with the development of a disaster recovery plan
- Assistance with, and professional supervision of, tests of disaster recovery plans
- Revision or preparation and adjustment of internal regulations, methodologies, and auxiliary tools related to BCM
- More about BCM
