Cybersecurity

We are much more than just auditors!

From strategy to implementation

We help develop strategy, respond to risk, boost resilience to cyber threats and attacks, and thus ensure the protection of valuable company assets and maintain operating continuity of critical business processes.

We provide a wide range of cybersecurity and data protection services that will help you assess, build, and manage your cybersecurity readiness and resilience, and your incident response capabilities.

We are best known as financial auditors, but we also provide accounting, financial, legal, assurance and advisory services, as well as risk management and strategy development services. We draw on this experience when building comprehensive cybersecurity and data protection services. Our many years of experience allow us to provide comprehensive services aimed at ensuring cutting-edge cyber protection and resilience according to our clients’ requirements.

 

Main areas

The Cybersecurity Act (Slovak Act No. 69/2018 Coll., as amended)

What we do:

  • Compliance audit (compliance with the Cybersecurity Act) performed by certified cybersecurity auditors in accordance with the Cybersecurity Act

  • Preparation for an audit and consultancy on how to improve the level of compliance with the Cybersecurity Act requirements

Assessment of cybersecurity status

What we do:

  • Assessment of procedural, organizational, and technical cybersecurity precautions

  • Assessments carried out in accordance with international security standards and norms (NIST, ISO27k) and best practice

  • Preparation for certification audits (ISO/IEC 27001)

TISAX

What we do:

  • Certification audit of automotive suppliers

  • Preparation for a certification audit and consultancy on how to achieve compliance with TISAX certification requirements

Cybersecurity Awareness

What we do:

  • Provide a comprehensive programme for company employees to continually maintain and raise their cybersecurity awareness

  • Regular phishing campaigns

  • Periodic training courses for employees

  • Phishing campaigns linked to short teaching lessons in the event of incorrect responses to phishing

  • Various engaging training materials (videos, games, series, etc.)

  • Training courses as a service or a comprehensive platform

Industrial security (operational technology)

What we do:

  • Consultancy on the implementation of security measures (organizational and technical) as regards operational technology

  • Assessment of the current cybersecurity status of industrial operational technology

  • Assessment using technical means

  • Penetration tests of organizational and technical security systems

Penetration testing

What we do:

  • Penetration testing of IT systems carried out by highly experienced, qualified, and certified experts across the CEE

  • Penetration testing by the PwC network – an established dedicated Centre of Excellence for the performance and provision of penetration testing services

  • Comprehensive services including the analysis and assessment of the tested applications’ source codes

Red-teaming

What we do:

  • Use a unique method of assessing a company’s cybersecurity and resilience against various attack practices, methods, and known techniques of attackers

  • Assessment of security (including physical security) and logical approaches, also using social engineering methods

  • Security and resilience assessment as a programme within internal audit

  • Use hacker tools and techniques to assess a company’s security and resilience status

Outsourcing the cybersecurity manager function

What we do:

  • Outsource the cybersecurity manager role while meeting the knowledge standards defined in the Slovak Cybersecurity Act

  • Cybersecurity manager role provided by a team of certified specialists with a focus on the various specific areas of cybersecurity

  • Variable job description according to requirements

  • Dynamic allocation of the most suitable specialist (person), taking the requirements and actions to be provided into account

  • Working-time equivalent by agreement and according to customer requirements (e.g.: 1 FTE, 0.5 FTE, 0.3 FTE, etc.)

Business continuity management (BCM)

What we do:

  • Assistance and professional advice on setting BMC-related processes and technical issues

  • Assistance with the development of a disaster recovery plan

  • Assistance with, and professional supervision of, tests of disaster recovery plans

  • Revision or preparation and adjustment of internal regulations, methodologies, and auxiliary tools related to BCM

  • More about BCM

Cloud

Our Cloud Security Assessment service provides a comprehensive assessment of your cloud infrastructure to ensure robust protection against potential threats. Recognizing the shared responsibility model, we focus on the customer's role in securing the cloud environment.

We begin with a thorough review of your cloud environment to identify vulnerabilities and potential risks. This includes reviewing your current security policies, configurations, and access controls to ensure they are aligned with best practices and compliance standards.

We also perform a detailed analysis of your network security, data protection measures, and identity management systems to identify any weaknesses. Our experts carefully review your incident response and recovery processes.

Our assessments are guided by established security frameworks and best practices from leading cloud providers.

The assessment culminates in a detailed report with actionable recommendations to improve your cloud security posture, protect your data, and maintain regulatory compliance. This ensures the confidentiality, integrity, and availability of your critical information assets.

Contact us

Štefan Čupil

Štefan Čupil

Partner, Risk Assurance Leader, PwC Slovakia

Tel: +421 911 964 212

Adrian  Bagala

Adrian Bagala

Senior manager, PwC Slovakia

Tel: +421 903 909 186

Marko Valo

Marko Valo

Senior Consultant, PwC Slovakia

Tel: +421 948 700 744

Follow us

Required fields are marked with an asterisk(*)

Your personal data is processed in accordance with our Privacy Statement, you can click there for more information.

Hide