Joint Crisis Center – Cyber Security

Evaluate your cyber-risk profile

Hackers are increasingly turning their attention to critical infrastructure as well as organizations that are important to the economy and society – both in direct relation to the war and with a view to countermeasures against sanctions. 

In this context, the risk of economic espionage and IP theft is also increasing because Russia is economically cut off and therefore will have to develop its own capabilities.

The overall security issues relating to cyber-attacks have not changed due to the war in Ukraine; however, the context and urgency surrounding them have become more compelling. Companies should therefore evaluate their cyber-risk profile and take the potential threats seriously. 

Urgent questions regarding Cyber Security

How high is the risk of a cyber-attack?

  • The cyber-risk profile of every organization is different and therefore has to be considered individually.

Am I prepared for a cyber-attack?

  • It is necessary to develop measures in accordance with your cyber-risk profile in order to improve the underlying protection provided by IT security and thus provide a tailored level of protection. In general, the key components for dealing with cyber-risks include increased awareness, trained employees, IT security measures and emergency planning.

How can I protect my company from a cyber-attack?

  • In general, the key components for dealing with cyber-risks include increased awareness, trained employees, IT security measures and emergency planning.
  • It can also be helpful if companies thoroughly examine internal and publicly available information on security incidents as part of their preparation for emergencies.
  • Responses to cyber security incidents are decisive for how companies withstand such events. The more effective the response is, the greater the probability that damages can be prevented or limited.

Incident response readiness

  • If there is an incident response team in place for the event of a cyber security incident, can this team be contacted quickly in order to prevent damage to the company concerned?

Current challenges

Phishing

  • Malicious documents, links as well as falsified and compromised resources are used in order to gather log-in details and install malware on target networks.
  • Phishing spam could exploit the dangers of social disorder or bombing.

Wipers

  • The use of WhisperGate against Ukrainian organizations was already witnessed in January 2022. The use of a new variant, Hermetic Wiper, was detected in February 2022.
  • Such advanced wipers function more intelligently as ransomware because they are more selective and immediately defragment storage media.

Scan and exploit

  • There is an increased risk of zero-day exploits that take advantage of initial access to target environments. The cyber-conflict could spread and result in collateral damage.
  • Due to the increasing number of leaks relating to the war in Ukraine, more and more standard credentials for systems are being made public.

Being compromised by third parties

  • SolarWinds and NotPetya provide clear examples of the capabilities of threat actors based in Russia to use third parties to achieve their objectives.
  • NotPetya has already been responsible for two electricity outages in Kyiv.

How we can assist you

Cyber security strategy, risk & compliance
We will help you in strategically reducing cyber-risks.

Incident response & threat management
Our cyber-defense approach focuses on the prevention of, detection of and responses to security incidents.

Information governance & privacy
Our information governance solution provides you with a sustainable information strategy.

Emerging technologies and digitalization
We will assist you in fulfilling the security requirements for smart networked applications and infrastructures.

Cyber security & managed privacy services
Our managed services provide trustworthy solutions with transparent cost controls.

Cyber security for IPO and M&A
Our Cyber Deals team will assist you with the important issues relating to cyber security.

Infografik zum Thema „Joint Crisis Center – Cyber Security“ von PwC Deutschland

Are you prepared?

Spear-phishing campaigns & social engineering

Highly customized phishing -emails targeting individuals as well as social engineering are often the cause of security incidents and subsequent attacks on IT. In such contexts, the “human factor” is targeted as a weakness.

Attacks on outsourced functions and IT services

Systems and their data are being relocated from internal company data centers to cloud services and mobile devices. The outsourcing of functions and IT services is nevertheless resulting in new types of risks.

Attacks on high-tech systems and economic espionage

Germany is home to numerous high-tech systems as well as corporations with global operations and is a key player both within the EU and globally.

Attacks on IT (general)

The damages here result directly from outages in various systems as well as from the time spent recovering (RTO) using backups and from excessively long intervals between backups (RPO).

Ransomware & APT (specific)

A ransomware attack encrypts important data with the objective of blackmailing the target into paying ransom in order to have the data restored. In contrast to this, advanced persistent threats (APT) focus on gathering information.

Follow us

Contact us

Grant Waterfall

Grant Waterfall

Partner, Cyber Security & Privacy Leader, PwC Germany

Dr. Alexander Köppen

Dr. Alexander Köppen

Partner, Cyber Security & Privacy Strategy, Risk and Compliance, PwC Germany

Tel: +49 1512 9608-114

Moritz Anders

Moritz Anders

Partner, PwC Germany

Derk Fischer

Derk Fischer

Partner, Cyber Security & Privacy, PwC Germany

Tel: +49 170 79 46 797

Lorenz Kuhlee

Lorenz Kuhlee

Director, PwC Germany

André Glenzer

André Glenzer

Partner, Cyber Security & Privacy, PwC Germany

Tel: +49 160 94470376

Jörg Asma

Jörg Asma

Partner, Cyber Security & Privacy, PwC Germany

Tel: +49 221 2084-103

Dr. Silvia Knittl

Dr. Silvia Knittl

Director, Cyber Security & Privacy, PwC Germany

Tel: +49 1511 5480524

Aleksei Resetko

Aleksei Resetko

CISA, CISSP, Partner Cyber Security & Privacy, PwC Germany

Tel: +49 1511 1653831

Joachim Mohs

Joachim Mohs

Global Industrial Manufacturing und Automotive Cyber Security & Privacy Leader, Partner, PwC Germany

Tel: +49 40 6378-1838

Sven Schreyer

Sven Schreyer

Director, PwC Germany

Tel: +49 1512 8493188

Carsten Crantz

Carsten Crantz

Director, PwC Germany

Dr. Oliver  Hanka

Dr. Oliver Hanka

Partner, Cyber Security & Privacy, PwC Germany

Tel: +49 160 5105836

Dr. Jan-Peter Ohrtmann

Dr. Jan-Peter Ohrtmann

Partner, PwC Germany

Tel: +49 211 981-2572

Manuel Seiferth

Manuel Seiferth

Partner, Cyber Security & Privacy Strategy, Risk and Compliance, PwC Germany

Tel: +49 160 536-3800

Hide