Threat detection and response – Cyber Managed Services

Confidently prepare, identify, respond to, investigate and remediate threats

The challenge: Relentless attacks on your security operations against malware variants requires constant vigilance. This creates a burden for CISOs and their teams to identify and prevent these new threats.

There are many obstacles your organization faces when trying to mitigate these issues: skill shortages, manual data correlation, chasing false positives and lengthy investigations.

To manage these threats, there are many variables to consider, including visibility, flexibility, analytics, prioritization, contextual data and cost.

Our solution

Our ability to rapidly scale as your business evolves will help reimagine and transform your cyber operations and reduce cyber risk exposure with confidence.

  • Extensive knowledge and experience in managed security services to bring the relevant insights and actionable recommendations
  • Ability to avoid potential issues and roadblocks by leveraging lessons learned on previous engagements
  • Relevant perspectives, specialized advice on leading practices from our deep industry knowledge
  • An optimal mix of onshore-offshore resources to establish maximum client coverage with an emphasis on knowledge transfer
  • A phase-driven structure with around-the-clock efficiency gains goes beyond the typical mix of onshore and offshore
  • Proven approach that brings enhanced security automation, and standardized and streamlined processes
  • Numerous deployment accelerators, reducing ramp-up time and providing a rapid and effective transition to an operational steady state

What success looks like for you

A secure, reliable environment

Evolving practices to provide a secure environment, recognize risks, and proactively mitigate them.

Increased automation

Our model takes security detection a step further through ongoing use cases to help respond to threats faster and reduce the overall manual workload.

Enhanced threat detection

Expanding the threat detection and monitoring coverage to operational technology environments.

Quality and committed outcomes

Our hybrid delivery model — with embedded leadership, SMEs and operations excellence — will promote quality and facilitate effective governance and communications.

Gain critical insights with our superior monitoring capabilities

Our key performance indicator (KPI) framework includes a variety of real-time dashboards that provide the visibility required to know the current state of the security operations.

  • Your teams will be able to measure the performance of our services through the KPI monitoring dashboards.
  • Dashboards highlight areas of improvement for the program, as well as cite notable incidents and how they were handled with lessons learned.
  • Dashboards are available by role: executive leadership, SOC leadership, and SOC engineers and analysts.

Operations dashboard

Value: A dashboard that drives day-to-day operations and provides a real-time snapshot of current status.

Key KPIs monitored:

  • Total open tickets
  • Number of attacks by MITRE tactics
  • Top targets within the organization
  • Use case coverage against MITRE

SLA dashboard

Value: A monthly/quarterly overview that drives accountability and provides insights into threats to identify potential risks or improvements.

Key KPIs monitored:

  • SLA metric
  • Alert/case closure rate
  • Monthly trends

Platform and use case dashboard

Value: An overview that provides insight into the organization’s health and detection capabilities.

Key KPIs monitored:

  • Technology uptime and configurations
  • Technology coverages (e.g., log sources onboarded vs. awaiting)
  • Use case management status




Contact us

Douglas Li

Director, Cybersecurity, Privacy & Forensics, PwC US

Mike Debalski

Director, Cyber Managed Services, PwC US

Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.