We look at cybersecurity and how businesses are rethinking their cyber risk strategy and investments.
In our Forecast 2021 podcast series, we’re focused on preparing you for the year ahead by offering insights to help you better understand and manage some of the opportunities and challenges that your company might face—think policy, technology, and other big picture topics.
Cyber risk is a top priority for businesses; and, considering every business can be vulnerable, targeted, and attacked, businesses are changing their cyber strategy and investing more. But, are those investments in the right areas? This week host Heather Horn sat down with Joseph Nocera, leader of PwC's Cyber & Privacy Innovation Institute, and Harshul Joshi, a PwC cybersecurity, privacy, and forensics principal, to understand cybersecurity risks and the leading practices for limiting exposure and recovering quickly.
- 0:59 - The hallmarks of good cybersecurity. Even the best can be breached, so what’s a company to do? We begin with the fundamentals of baking cybersecurity into every business decision and allocating cyber spend to technologies, processes, and developing talent.
- 7:41 - The 5 levers of security. We discuss leading practices for developing a risk management strategy: identification, prevention, detection, response, and recovery.
- 13:12 - Types of cyber attacks. Cyber attacks come in two flavors:
- 13:51 - External cyber attacks
- 19:21 - Internal cyber attacks
- 22:36 - Addressing the gaps. In addition to information technology considerations, attention also needs to be given to operational technology (OT). We discuss what that means and the cyber risk challenges in OT environments.
- 37:38 - Detection and response. You’ve had an attack, now what? We talk about early warning signals and key considerations post-breach.
- 40:09 - What’s next in cybersecurity. We close with thoughts on the increasing role privacy plays in cybersecurity and the rise of quantum computing.
About our guests
is the leader of PwC's Cyber & Privacy Innovation Institute. Joe’s experiences range from IT auditing to large scale systems implementation. He has extensive experience helping organizations meet regulatory demands and build information security departments, information risk management functions, and effective IT governance functions.
is a PwC cybersecurity, privacy, and forensics principal with more than 17 years of experience in the fields of regulatory compliance, cyber security, governance, risk, internal audit, and privacy. Harshul has a successful track record of working with various C-suite executives, regulatory bodies, and functional stakeholders to implement effective security programs.
About our host
is PwC’s National Office thought leader, responsible for developing our communications strategy and conveying firm positions on accounting and financial reporting matters. She is the engaging host of PwC’s accounting and reporting weekly podcast and quarterly webcast series, as well as periodic webcasts for the power and utilities industry. With nearly 30 years of experience, Heather’s accounting and auditing expertise includes financial instruments and rate-regulated accounting.