{"id":131995,"date":"2023-10-26T09:00:00","date_gmt":"2023-10-26T16:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=131995"},"modified":"2025-01-15T06:19:01","modified_gmt":"2025-01-15T14:19:01","slug":"an-integrated-incident-response-solution-with-microsoft-and-pwc","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/10\/26\/an-integrated-incident-response-solution-with-microsoft-and-pwc\/","title":{"rendered":"An integrated incident response solution with Microsoft and PwC"},"content":{"rendered":"\n

Today Microsoft Incident Response<\/a> is excited to announce a new collaboration with PwC to expand our joint incident response and recovery capability. In this global alliance, Microsoft begins the initial containment and investigation, bringing a deep understanding of a company\u2019s infrastructure to help evict the bad actors faster and more effectively. PwC can then work on securely rebuilding and restoring mission-critical systems, while helping clients manage the broader incident, including incident reporting, crisis management, and a recovery strategy. <\/p>\n\n\n\n

Together, we work with the company to help remediate and update business processes and systems to better prevent or detect. We collectively share our world-class threat intelligence and knowledge between Microsoft and PwC to help solve wide-ranging and complex problems that arise during and after a breach.<\/p>\n\n\n\n

\u201cThis type of industry collaboration is key to addressing the volume, complexity, and severity of breaches we see today. It will take all of us working together to stop nation-actors from attacking organizations and governments around the world,\u201d said Kelly Bissell, Corporate Vice President, Microsoft Security Solutions. \u201cFor example, Microsoft security researchers have seen a 130.4 percent increase in organizations that have encountered ransomware over the last year. Microsoft Threat Intelligence is tracking more than 300 unique threat actors, including 160 nation-state actors, 50 ransomware groups, and hundreds of others.1<\/sup>\u201d <\/p>\n\n\n\n

PwC and Microsoft formed this collaboration because they both have a long history of helping customers with incident response globally, offering both remote and boots-on-the-ground support. By combining our forces, we bring distinct areas of specialty to a broader range of customers.<\/p>\n\n\n\n

\n\t\n
\n\t\n\t\t
\n\t\t\t<\/iframe>\n\t\t<\/div>\n\t<\/div>\n\t<\/figure>\n\n<\/div>\n\n\n\n

How Microsoft Incident Response and PwC collaborate<\/h2>\n\n\n\n

When a customer experiences a crisis and engages Microsoft Incident Response<\/a> and PwC, both teams can immediately mobilize. We typically start helping the customer remotely straight away and, when needed, can have people in their offices within 24 to 48 hours, parlaying their large global footprint so we can be at wherever the issue is quicker.<\/p>\n\n\n\n

The Incident Response team focuses on evicting the bad actor, determining root cause analysis, and getting the customer\u2019s core technology back up and running. Our extensive relationships with government agencies and organizations around the world can help stop the damage and bring criminals to justice. We can help find the bad guys so customers can start their recovery journey. <\/p>\n\n\n\n

Meanwhile, PwC focuses on the broader incident response, like executing contingency plans\u2014or helping companies navigate through the situation quicker, updating business processes, and identifying control failures to design a prioritized and measurable recovery strategy. They can work closely with C-suite and the board of directors to help address their needs. For example, the chief financial officer should understand the cost implications due to fines or fees. The legal counsel should engage the right law firm to help during the response and recovery. And the board and public relations team should figure out the appropriate thing to say to the media and customers. PwC can stay with customers to provide guidance throughout this very abridged sample recovery journey with the goal of helping the company emerge stronger.<\/p>\n\n\n\n

Why Microsoft Incident Response and PwC are better together<\/h2>\n\n\n\n

\u201cTime is often the enemy in any breach. The incident response collaboration between Microsoft and PwC means our customers have a team that can help support them from discovery through recovery. With a global footprint and history of recovery, remediation, and transformation experience, we can assist customers with the speed, agility and broad knowledge needed to provide a level of confidence and professional services during a potentially chaotic period,\u201d said Sean Joyce, Global Cybersecurity and Privacy Leader, PwC.<\/p>\n\n\n\n

The collective lessons learned from Microsoft and PwC’s incident response collaboration are interwoven into the fabric of how Microsoft’s solutions operate and how the two companies’ teams can help customers contain, isolate, eradicate, and emerge from an incident. This collaboration is better together because it combines the strength of both organizations: Microsoft’s deep understanding of technology and PwC’s industry-leading knowledge in business and risk management.<\/p>\n\n\n\n

Here are some specific examples of how the collaboration can benefit customers:<\/p>\n\n\n\n