The Challenge

Table of Contents
Company Overview
Your Challenge
2. Research and background information
Background Information
PwC’s Cyber Security Teams
Recent news
3. Pitch Planning
Questions to consider
Presentation structure

Company Overview

Fledgling social media platform, ‘Chatter’ launched in September 2017. Its main users are 13-21 year olds. Users can:
● Share photos and post status updates
● Send messages via a private chat
● Play games with other users, and make in-app purchases
Their head office is in Birmingham, and they employ 30 people. All staff members have a staff pass to enter the building, and have a company iPhone and laptop. All staff have received an email outlining the best practice for cyber security but this was not read by everyone and staff have not undertaken any mandatory training.

Recently, Chatter had a minor cyber security threat. They are therefore looking to improve their cyber security and are looking for a cyber security specialist to help. PwC are in competition with other firms to be selected by Chatter to help them. You are part of the PwC Cyber Team who will have to pitch our proposal to Chatter for how we could resolve their cyber security threats.

In your teams, you will have to prepare a pitch to Chatter that outlines:
1. Chatter’s cyber risks – which one of these do you think Chatter should focus on first?
2. Which team you think Chatter needs to help them improve their Cyber Security and why.

“For companies, successful cyber attacks could result in material fines, legal actions, operational outages, and adverse impact on stakeholders. Individuals need to be confident that vast amounts of personal data submitted to organisations is safe and that the digital services on which they increasingly depend are reliable.”

Dr Richard Horne, PwC Specialist Partner for Cyber Security


Successful Rate

Curabitur ac leo nunc. Vestibulum et mauris vel ante finibus.


Marketing Firm

Curabitur ac leo nunc. Vestibulum et mauris vel ante finibus.



Curabitur ac leo nunc. Vestibulum et mauris vel ante finibus.

“The theme is always up to date with the changes of wordpress, following everything that’s happening. I’ve never had anything break with the update. Overall, the best theme I’ve tried.”

Andrew Karter Client
Sandy Schadler

Marketing Consultant Expert

Team working

Research and Background Information

Chatter’s recent cyber security incident A staff member left their laptop on the train while commuting home. The laptop was picked up by someone and they were able to gain access to it. Fortunately, the member of staff had reported it missing and the laptop was remotely wiped. Chatter cannot be sure if any data was accessed before the laptop was remotely wiped. Important Government Regulations
GDPR – General Data Protection Regulation. As of Spring 2018, changes to GDPR came into force, designed to better protect consumer and
personal data. Any organisation holding data must:

  • Gain consent from the consumer to process their data
  • Anonymise the data collected to protect privacy
  • Provide data breach notifications
  • Safely handle the transfer of data across borders. Transferring data outside Europe. The GDPR imposes restrictions on the transfer of personal data outside the European Union,to third-party countries or international organisations, to ensure that the level of protection of individuals afforded by the GDPR is not undermined.
  • Require certain companies to appoint a data protection officer to oversee GDPR compliance

PwC’s Cyber Security Teams

We help organisations from all sectors operate securely in the digital world. Our expertise enables clients to resist, detect and respond to cyber-attacks. Our Core Advisory team, works globally to support clients across the public, private and financial sectors, helping them to understand and reduce their cyber risks.

Some of the services offered to clients include:
● Assessing and measuring their exposure to cyber security risk
● Developing a strategy and vision for tackling cyber security
● Designing and implementing the secure IT systems a client needs to be secure
● Designing and putting in place security training and awareness programmes
● Gaining experience of security operations and incident response

Ethical Hackers
The ethical hacking team will work within the boundaries defined to legally penetrate the company with their permission. This exercise is designed to help companies understand their technical security weaknesses, to provide specific recommendations to clients to help them keep hackers out.
● Ethical hacking to expose vulnerabilities in client IT systems
● Identifying and monitoring malicious activity on client networks
● Actively tracking and disrupting cyber threat actors and seeking out new ones
● Investigating networks which attackers have compromised and removing threat actors.

Crisis Team

Cyber crisis team help companies prepare for, respond to and recover from a cyber-security crisis. A crisis may include events that prevent the business from operating.This team works with their people, to define these plans or understand what work has already been done to prepare for these types of events. The team also facilitate exercises to help companies test their approach, helping the team to practise for real events and can turn up to help you ‘steady the ship’ when under attack.


Cyber Threat Team

This team tracks and gathers information on cyber threats across the globe that could target the industry or type of company. The team uses various methods to gain a well-rounded view of the company’s threat landscape, and can help them to understand those that could be motivated to attack the company.

Sales Chart
Marketing Project


Nulla consectetur maximus turpis a egestas. Mauris efficitur, ante non bibendum eleifend, diam massa varius ex, non vestibulum risus metus in eros. Proin eu urna vitae ex feugiat interdum. Nunc vel auctor nisi.

Superdrug has advised its online customers to change their passwords

A spokeswoman said: “The hacker shared a number of details with us to try to prove he had customer information – we were then able to verify they were Superdrug customers from their email and log-in.”…
…Superdrug is the latest high street retailer to report a data breach. Last month Dixons Carphone said personal data belonging to 10 million customers may have been accessed illegally last year, nearly 10 times as many as the firm initially thought. The electronics retailer had estimated the attack – one of the biggest-ever data breaches – involved 1.2m personal records when it first reported the breach in June.

Web Link to the full article:

Fraudsters exploited my angry tweet’ By Kevin Peachey. 28 November 2018

A bank customer was tricked into transferring money by fraudsters who pretended to be responding to his angry Twitter post about poor service. Writer Mike Tinmouth was furious with the process and time taken to open a business account with Barclays. He expressed his
frustration in a public tweet – which was seized on by fraudsters who posed as the bank in an attempt to trick him out of £8,000. Fraud experts say con-artists are becoming skilled at impersonation…
… [In the Twitter post] he even posted an email that he received from the bank which he felt was unprofessional and had to confirm was genuine. The bank urged him to delete this public post. All this information, together with some personal details that were already available about him online, was enough for fraudsters to mimic the bank and appear to know details of the case.
Soon after the Twitter exchange, he received another email apologising for the poor service and offering to deal with his case. This time the message was from a fraudster posing as his bank.

Web Link to the full article:

“Cyber security: are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation (such as to access or destroy sensitive data or steal money).”
“Individual cyber security risk: the individual users’ personal protection. For example, sharing and tagging pictures is a personal cyber risk for an individual as they are revealing personal information.”
“Business level cyber security risk: concerned with the risks to things the business has responsibility for i.e. their assets. For example, businesses should ensure the security of the personal data they collect, how they store it, who has access to it and who/how they share it.”

Melissa Dean Client
Lenna Emmer

Cyber Security Consultant Expert Case Study Source

Let’s Make Things Happen

Marketing Consultant Expert

Richard Madsen

Marketing Consultant Expert
(555) 802-1234
Thank you for your message. It has been sent.
There was an error trying to send your message. Please try again later.

By submitting my data I agree to be contacted