Companies recognize the need to accelerate their digitization journey, but often at the expense of cyberdefense functions. With the constant threat of ever-evolving cyber attacks, the need for vigilance is greater than ever before. But let’s face it—it can be hard to keep up with the vast number of technology tools and how they work together to protect against cyber threats.
As a result, enterprises often try to solve tomorrow’s business problems with yesterday’s cyber operating model. Frequently, they’re forced to work with a lack of skilled cloud and cyber resources to help them address changes to current business operations and architecture. At the same time, companies may struggle with technology and processes that haven’t been optimized or adequately integrated into existing architecture. This creates additional challenges as the organization works to address the ever-changing threat landscape.
There’s tremendous opportunity for organizations to quickly and efficiently evolve their cyber operating models and technology using AWS. As an AWS Level 1 Managed Security Service Provider, at PwC, we consider six specific areas around cyber operations in which organizations can reap the benefits of a managed services approach:
Cloud security and compliance: Many organizations have multiple providers along with on-prem infrastructure, resulting in a lack of visibility into changes, potential security events and misconfigurations. PwC and AWS can help secure and harden your AWS and hybrid environments against threats.
Vulnerability management: When there’s a need for high volumes of focused security testing, configuration reviews and vulnerability scanning, it can lead to difficult and inefficient monitoring of cloud systems and applications. This may also result in weak remediation governance and accountability. Alternatively, organizations can use cyber managed services to design, build and operate streamlined processes, obtain near-real time reporting, and automate scans and compliance checks to verify the security state of applications running on your AWS instances.
Threat detection and response: Organizations often experience high-volume events, manual correlation, and increased triage and resolution times—not to mention a lack of bandwidth and skill sets to adequately resolve issues. The opportunity for organizations exists when managed security services are used to develop and streamline processes, and provide continuous monitoring and support for cutting-edge solutions within the company’s AWS environment.
Network security: Too often, businesses suffer from a lack of skills and resources to secure their cloud architecture, which may result in an inability to monitor traffic or recognize and remediate threats or actual incidents. Alternatively, cyber managed security services can help your organization create the cloud network infrastructure necessary to protect your instances against unintended network access as well as network and transport layer attacks.
Host and endpoint security: Organizations may have a wide variety of endpoints deployed across their environment, reducing their ability to rapidly detect and respond to endpoint anomalies. Likewise, they may have a lack of detection and response capabilities on endpoints altogether, resulting in potential theft or misuse of data from a malicious actor (internal or external). Consider instead being able to operationalize host and endpoint security detection and response capabilities. Cyber managed security services can provide those capabilities, in addition to providing real-time monitoring, protection, detection, prevention and response to endpoint events.
Application security: When organizations already have various AWS enterprise applications that are unmonitored, or when they lack the skills to manage the security for those applications, rapid detection and response often goes by the wayside. There’s significant potential for organizations to integrate and manage an AWS Web Application Firewall (WAF) to provide DDoS mitigation and continuous monitoring to detect anomalies.
PwC is well-positioned to help enhance our client’s cyber capabilities over time, while providing them with ongoing cyber review, design, implementation and operations support. As an AWS Level 1 Managed Security Service Provider, we can help accelerate your digital journey using tomorrow’s tools, today.
Principal, Cybersecurity & Privacy, PwC US, PwC US
Managing Director, Cybersecurity, Privacy & Forensics, PwC US