Cyber Security, Data Privacy and Digital Identity
The PwC Cyber Security Team in Romania relies on experts with many years of experience in the role of head of IT security or key specialists in Romania as well as experienced security auditors who have carried out a large number of consulting or assurance projects in the field of security as well as implemented security solutions.
We work closely with our CEE teams, while globally we rely on one of the largest practices of security in the world, employing over 3,500 highly qualified professionals in the field of information security, with over 1,200 in Europe.
We view cyber security through a series of interconnected lenses. This rounded approach is designed to provide you with confidence: in your people, technology and connections, how you manage risk, set priorities and respond to an incident or during a crisis.
Our capabilities are focused on the Cyber Security domains included in the PwC Cyber Security framework. Each domain is comprised of capabilities that are used in the way we deliver our assignments.
Industry and sector aligned solutions
- Strategy, governance, and management
- Threat, intelligence & vulnerability management
- Security architecture and services
- Emerging trends and innovation
- Information and privacy protection
- Risk and compliance management
- Incident and crisis management
- Identity and access management
Strategy, governance, and management
Strategy through execution
Rethink risk and compliance to drive strategy, capabilities and performance:
- Security strategy and roadmap
Governance and organizational effectiveness
Organizational structure, roles, and responsibilities
Human capital management
Program management and performance metrics
Culture and awareness
Policy, standards, and guidance
Financial and knowledge management
- Enterprise change management integration
Threat, intelligence & vulnerability management
Address threats and weaknesses
Anticipate changes in the risk landscape through situational awareness of the internal and external factors impacting the business ecosystem:
Strategic threat and adversary evaluation
Threat modelling and impact evaluation
Public-private information sharing
Threat intelligence collection and analysis
Insider threat management
Threat detection
Security information and event monitoring
Logging, monitoring, analysis, and detection
Vulnerability identification and evaluation
Vulnerability management
Security architecture and services
Security by design
Create sustainable security solutions to provide foundational capabilities and operational discipline:
Enterprise security architecture
Reference security solution architectures
Security development lifecycle
Configuration management
Services catalogue and portfolio management
Security solution blueprint and integration services
Solution consulting and advisory services
Emerging trends and innovation
Adapt to the future
Assess risk of the new technology adoption and dynamically changing business models:
Threat landscape
Industry and sector trends
Business model changes
Global and emerging markets risk
Governmental and industry regulations
Emerging and disruptive technology
Security and control solution innovation
Information and privacy protection
Safeguard critical assets
Identify, prioritize, and protect sensitive or high-value business assets:
Information asset inventory, classification, and management
Critical asset (crown jewels) identification and prioritization
Information and asset lifecycle management
Data protection technologies and methods
Notice, choice, and consent
Risk and compliance management
Manage risk and regulations
Efficiently and effectively identify, evaluate, and manage risk to the evolving regulatory requirements:
Security risk management and reporting
Enterprise risk management and governance, risk, and compliance integration
External/internal compliance management and reporting
Operational/ organizational resilience integration (including business continuity and disaster recovery)
Third-party and vendor risk management
Information risk management
Incident and crisis management
Anticipate and respond to security crises
Plan, detect, investigate, and react timely and thoroughly to security incidents, breaches and compromises:
Enterprise crisis management integration
Incident and breach preparedness, identification, triage, containment, and response
Forensic analysis and investigations
Countermeasure design and deployment
Remediation planning and prioritization
Reporting, notification, and disclosure management
Identity and access management
Enable secure access
Provide integrated and secure processes, services, and infrastructure to enable appropriate controls over access to critical systems and assets:
Identity and access strategy and governance
User account management and provisioning
Certification and access reporting
Privileged access management
Single sign-on and federation (federation and integration)
Adaptive authentication
Identity attributes, stores, and services
Identity behaviour baselining and monitoring
Global Digital Trust Insights Survey 2026
Cybersecurity is entering uncharted waters. A rapidly shifting world order and threat environment ― powered by recent, exponential leaps in technology ― is putting cyber strategies to the test.
PwC’s 2026 Global Digital Trust Insights survey of 3,887 business and tech executives across 72 countries reveals how leaders are handling this era of uncertainty, where they’re falling short, and what they might do differently to better meet the challenge.
Contact us
