PwC: Successfully managing threat and vulnerability in an unprecedented risk landscape
“Our two new service offerings will help our clients have a more robust cyber environment, protecting them from significant reputational and financial damage,” says Leonard McAuliffe, Partner, Cybersecurity Practice, PwC.
In a modern business landscape where cyber breaches are an everyday occurrence, commercial security has never been more important.
In PwC’s 2025 Irish CEO survey, over eight out of ten business leaders stated that their organisation is exposed to key threats such as cyber attacks, technological disruption, macro-economic volatility and geopolitical risks.
Understanding these threats and their impacts on organisations and the third parties businesses rely on is critical. In response to client demand, PwC has launched a Threat & Vulnerability Management Service and the expansion of its Third Party Risk Management Service. These developments form part of the continued expansion of PwC’s Managed Services Practice and following the success of the firm’s Cork based National Cyber Managed Services Centre, launched in May 2024.
“These new service offerings are driven by client demand, an unprecedented risk landscape, regulatory and compliance complexity and unabating cyber breaches,” said Féilim Harvey, PwC Managed Services Leader and Partner. “Over four out of ten Irish CEOs confirmed that they will invest in business process transformation over the next three years. Ambitious companies face many obstacles as they strive to achieve their transformation and growth goals — most notably, getting the balance right between the pressures of looking after the day-to-day business and achieving long-term strategic targets.
“Availing of PwC’s Managed Services solutions frees up resources and headspace to focus on long-term growth strategy, enabling success and fuelling ambition.”
By partnering with PwC Managed Services, business leaders can be confident that their organisation stays relevant and competitive in a rapidly changing market, both now and in the long term. Utilising the firm’s human-led, tech-powered approach and industry expertise, PwC can help business grow and succeed. With the growing set of risks, uncertainties and disruption, ambitious companies are looking to spend more time on their core growth strategies.
This is where PwC’s Managed Services comes in, supporting clients to focus on their core competencies, while helping them drive productivity and profitability.
“Cyber breaches are almost an everyday occurrence, driven in part by GenerativeAI,” explains Leonard McAuliffe, Partner, Cybersecurity Practice, PwC.
“Over 80% of respondents to PwC's 2025 GenAI Business Leaders survey respondents agreed that GenAI will likely increase cybersecurity risk in the next 12 months. Our two new service offerings will go a long way towards helping our clients have a more robust cyber environment while operating more safely with third parties. In turn, clients can focus on their core business in the knowledge that they are protected from potential significant reputational and financial damage.”
As companies become increasingly reliant on, and interconnected with, third parties, end-to-end risk is further intensified. PwC’s enhanced Third Party Risk Management offering protects companies from third-party risk, providing a broad range of risk management solutions right across the wider business operations: regulatory, financial, strategic and system risk.
PwC research identified that third-party breaches are the number one cybersecurity threat concerning Irish organisations. This enhanced offering builds on the already successful and established Third Party Risk Management services provided by the PwC National Managed Services Centre in Cork.
Threat & Vulnerability Management is a security offering helping organisations identify, assess and manage security vulnerabilities and threats across their organisations. Along with support from its Alliances, PwC uses industry leading technology to identify security weaknesses to ensure its clients’ businesses remain secure.
PwC's offering is versatile and can seamlessly complement and enhance existing in-house security operations to reduce overheads and boost efficiencies. The emerging regulatory environment has never been so complex, with key regulations such as the Digital Operational Resilience Act (DORA) and the European Network and Information Security Directive (NIS2 Directive) requiring organisations to be far more vigilant of the cyber risks arising from their supply chains.
In today’s business world, supply chains have become more complex with increased interdependencies, including shared data, technology and platforms. Malicious actors seek to exploit the chain’s weakest link to infiltrate large organisations and high-profile brands. As a result, managing the cyber risk of third parties has never been more important.
“Today, security operations are grappling with numerous challenges, including the sheer volume of data generated, a shortage of skilled professionals and increasingly complex threat landscapes,” says Leonard McAuliffe.
“Traditional security approaches, which often rely on rule-based systems and manual processes, struggle to keep pace with these demands. AI is revolutionising security operations by enhancing threat detection and response in real-time, often before they manifest into full-blown breaches. As cyber threats continue to grow in scale and complexity, embracing AI and GenAI in security strategies is not just advisable but essential.”
PwC’s Managed Services Practice allows businesses to focus on their core growth strategies while offering comprehensive support for critical business activities in areas such as operations, regulation and compliance, risk management, financial and strategic risk, innovative technology integration and systemic risk.
PwC’s Cyber Managed Services Centre offers expert oversight and rigorous processes to protect businesses against evolving threats and increasing regulatory requirements. Clients benefit from industry-leading technologies, best practices and skilled cybersecurity resources without the need to recruit, saving both time and money.
“There is also cost certainty for our clients with solutions that can scale up and scale down. The result is increased operational efficiency for our clients, reduced risks, and more time to focus on their core business activities.”
