We are much more than just auditors!
From strategy to implementation
We help develop strategy, respond to risk, boost resilience to cyber threats and attacks, and thus ensure the protection of valuable company assets and maintain operating continuity of critical business processes.
We provide a wide range of cybersecurity and data protection services that will help you assess, build, and manage your cybersecurity readiness and resilience, and your incident response capabilities.
We are best known as financial auditors, but we also provide accounting, financial, legal, assurance and advisory services, as well as risk management and strategy development services. We draw on this experience when building comprehensive cybersecurity and data protection services. Our many years of experience allow us to provide comprehensive services aimed at ensuring cutting-edge cyber protection and resilience according to our clients’ requirements.
DORA
Why it is relevant to you
NIS2 Directive and Cybersecurity Act
Main areas
- The Cybersecurity Act (Slovak Act No. 69/2018 Coll., as amended)
- Assessment of cybersecurity status
- TISAX
- Cybersecurity Awareness
- Industrial security (operational technology)
- Penetration testing
- Red-teaming
- Outsourcing the cybersecurity manager function
- Business continuity management (BCM)
- Cloud
The Cybersecurity Act (Slovak Act No. 69/2018 Coll., as amended)
What we do:
Compliance audit (compliance with the Cybersecurity Act) performed by certified cybersecurity auditors in accordance with the Cybersecurity Act
Preparation for an audit and consultancy on how to improve the level of compliance with the Cybersecurity Act requirements
Assessment of cybersecurity status
What we do:
Assessment of procedural, organizational, and technical cybersecurity precautions
Assessments carried out in accordance with international security standards and norms (NIST, ISO27k) and best practice
Preparation for certification audits (ISO/IEC 27001)
TISAX
What we do:
Certification audit of automotive suppliers
Preparation for a certification audit and consultancy on how to achieve compliance with TISAX certification requirements
Cybersecurity Awareness
What we do:
Provide a comprehensive programme for company employees to continually maintain and raise their cybersecurity awareness
Regular phishing campaigns
Periodic training courses for employees
Phishing campaigns linked to short teaching lessons in the event of incorrect responses to phishing
Various engaging training materials (videos, games, series, etc.)
Training courses as a service or a comprehensive platform
Industrial security (operational technology)
What we do:
Consultancy on the implementation of security measures (organizational and technical) as regards operational technology
Assessment of the current cybersecurity status of industrial operational technology
Assessment using technical means
Penetration tests of organizational and technical security systems
Penetration testing
What we do:
Penetration testing of IT systems carried out by highly experienced, qualified, and certified experts across the CEE
Penetration testing by the PwC network – an established dedicated Centre of Excellence for the performance and provision of penetration testing services
Comprehensive services including the analysis and assessment of the tested applications’ source codes
Red-teaming
What we do:
Use a unique method of assessing a company’s cybersecurity and resilience against various attack practices, methods, and known techniques of attackers
Assessment of security (including physical security) and logical approaches, also using social engineering methods
Security and resilience assessment as a programme within internal audit
Use hacker tools and techniques to assess a company’s security and resilience status
Outsourcing the cybersecurity manager function
What we do:
Outsource the cybersecurity manager role while meeting the knowledge standards defined in the Slovak Cybersecurity Act
Cybersecurity manager role provided by a team of certified specialists with a focus on the various specific areas of cybersecurity
Variable job description according to requirements
Dynamic allocation of the most suitable specialist (person), taking the requirements and actions to be provided into account
Working-time equivalent by agreement and according to customer requirements (e.g.: 1 FTE, 0.5 FTE, 0.3 FTE, etc.)
Business continuity management (BCM)
What we do:
Assistance and professional advice on setting BMC-related processes and technical issues
Assistance with the development of a disaster recovery plan
Assistance with, and professional supervision of, tests of disaster recovery plans
Revision or preparation and adjustment of internal regulations, methodologies, and auxiliary tools related to BCM
- More about BCM
Cloud
Our Cloud Security Assessment service provides a comprehensive assessment of your cloud infrastructure to ensure robust protection against potential threats. Recognizing the shared responsibility model, we focus on the customer's role in securing the cloud environment.
We begin with a thorough review of your cloud environment to identify vulnerabilities and potential risks. This includes reviewing your current security policies, configurations, and access controls to ensure they are aligned with best practices and compliance standards.
We also perform a detailed analysis of your network security, data protection measures, and identity management systems to identify any weaknesses. Our experts carefully review your incident response and recovery processes.
Our assessments are guided by established security frameworks and best practices from leading cloud providers.
The assessment culminates in a detailed report with actionable recommendations to improve your cloud security posture, protect your data, and maintain regulatory compliance. This ensures the confidentiality, integrity, and availability of your critical information assets.
