PwC DARC Digital (Cloud) Resiliency Service

The global threat landscape, including cyber-attacks and geopolitical tensions, underscores the critical need for robust resiliency strategies. Cyber-attacks have a significant financial impact, prompting substantial investments in cyber and resiliency measures focused on regulatory compliance and new technologies. The increasing complexity and vulnerabilities of technology, drives global and regional regulations such as DORA, NIS2, and the AI Act in the EU, necessitating new resiliency frameworks, processes and standards.

Answering to these challenges PwC defined Digital Resiliency as the ability of technology to continuously support the company business strategy and objectives. New definition of resiliency proposed by PwC includes four pillars: cybersecurity, agile architecture, proactive risk management, and cost excellence allowing jointly to leverage technology for the company's competitive advantage. PwC Digital Resiliency Center defines its role as supporting clients to transform resiliency strategies from reactive to proactive, embedding frameworks and processes within organizations. This involves continuous monitoring, predictive resiliency techniques, and consistent risk management. PwC promotes designing with resiliency in mind and staying ahead of cybersecurity and risk management best practices.

The PwC DARC Resiliency Standard, a comprehensive ready-to-use framework of standardized digital resiliency assurance processes & tools applicable on Organizational level (assurance of organizational operational resiliency processes) or Platform / Workload level (assurance of individual application / database / ML model / AI model operational resiliency). Organizational assessments focus on strategic and compliance aspects, while platform and workload assessments address specific technical or process gaps.

PwC DARC Resiliency standard covers 4 pillars: D - Defence - Cybersecurity A - Architecture & Engineering R - Risk and Continuity Management for ICT C - Cost Management for ICT - FinOps

The PwC DARC Resiliency Standard consists of over 1,000 best practices, covers defense architecture, risk and continuity management, and cost efficiency. It combines numerous PwC accelerators for cybersecurity, technology, data, cloud, tech risk, regulatory compliance, and FinOps, including assessment methods, tools, templates, frameworks, and best practices. The backbone of the framework is technology-agnostic however it consists of Cloud-specific extensions for Microsoft Azure, GCP & AWS Clouds, therefore it can be used in on-prem, hybrid and Cloud technology environments.

PwC DARC Resiliency standard can be used for stand-alone project delivery (e.g. Digital Resiliency Baselining on Organizational level, Cloud Landing Zone resiliency assessment. Application resiliency assessment) or as a framework for recurring / managed service (e.g. periodical Organizational digital resiliency re-assessments, Regular digital resiliency assessment of Platforms and Workloads (applications, databases ML models, AI models) providing continuous monitoring and deployment practices for improving of digital resiliency. This approach ensures clients maintain resilient technology and data infrastructures, with regulatory compliance as a beneficial outcome.

PwC's Digital Resiliency Center assists clients in building secure and resilient technology and data infrastructures. It addresses digital transformation challenges by emphasizing the strategic importance of resiliency, adopting new cloud and AI capabilities, and evolving IT operating models. PwC's Digital Resiliency Center conducts project based or continuous resilience assessments at organizational, platform, and workload levels, resulting in a prioritized resiliency backlog. This approach ensures clients maintain resilient technology and data infrastructures, with regulatory compliance as a beneficial outcome.

PwC DARC assurance processes are performed based on the framework by the dedicated, trained crew consisting of Experts in the areas of:

• Cybersecurity
• Architecture
• Engineering
• Infrastructure
• Cloud
• Technology Risk Management
• FinOps
• Regulatory

PwC recommendations guide clients to rationalize their solution portfolio to increase the effectiveness of usage of currently possessed cybersecurity tools and bundle licenses. Microsoft's services, like Microsoft Defender suite (for Endpoint, for Identity, Cloud etc.), Sentinel, Entra ID, Pureview, KeyVault, Bastion and many more, are a perfect fit for this vision. They are usually ready to use in bundle licences like E3/E5 which are commonly possessed by the clients so as a first step, PwC advises to use them to increase the cybersecurity readiness for potential migrations of the client's workloads to Microsoft Azure.

More information on the website: https://www.pwc.pl/en/services/digital-resilience-center.html