23-05-2025
PwC expands cyber defences with new risk management services
PwC Ireland has launched two critical risk management services from its National Cyber Managed Services Centre in Cork, responding to escalating third-party supply chain and cybersecurity threats facing Irish businesses.
The firm unveiled its expanded third-party risk management (TPRM) service, addressing fundamental gaps in how organisations protect themselves against risks arising from supplier vulnerabilities. This offering is complemented by a new threat and vulnerability management (TVM) service, focusing on digital attack prevention.
Urgent need for TPRM
The timing of the TPRM service launch aligns with a pronounced shift in corporate risk management priorities and an urgent market need. With businesses becoming increasingly reliant on external partners, end-to-end risk profiles have intensified substantially. The enhanced TPRM offering provides comprehensive solutions spanning regulatory, financial, strategic and system risks across wider business operations.
According to PwC's 2025 Global Digital Trust Insights, 74% of organisations will prioritise cyber risk mitigation in 2025. This underscores a broader transformation in business risk management approaches, with a particular emphasis on third-party risks.
Regulatory pressures further accentuate the need for robust TPRM. Key legislation including the Digital Operational Resilience Act (DORA) and the European Network and Information Security Directive (NIS2 Directive) demand far greater vigilance regarding supply chain risks. These regulations require organisations to maintain comprehensive oversight of third-party relationships and demonstrate robust security frameworks.
Complementary TVM service
While TPRM addresses supply chain vulnerabilities, the threat and vulnerability management service employs industry-leading technology to identify security weaknesses throughout organisations. The TVM solution can integrate with existing in-house security operations, potentially reducing overheads while boosting operational efficiencies.
Evolving threat landscape
Traditional approaches to supplier risk management and cybersecurity have become increasingly inadequate. With a majority of business leaders identifying exposure to macroeconomic volatility, geopolitical risks, cyber threats, technological disruption and skills shortages in PwC's 2025 CEO Survey, organisations face an unprecedented complexity of interconnected risks.
Artificial intelligence presents additional security challenges. PwC's 2024 GenAI Business Leaders Survey found that 91% of respondents believe Generative AI (GenAI) will likely increase cybersecurity risk. This emerging threat vector requires sophisticated detection and response capabilities beyond traditional security measures.
Strategic imperative
Data from PwC's Global Advisory Thought Leadership Accelerator reveals compelling economic arguments for comprehensive managed services adoption. Businesses that fully embrace managed services as a strategic imperative enjoy a 12.4x performance premium compared to those using such services solely for cost reduction.
This performance differential reflects the fundamental shift required in modern risk management. The old methodologies for managing third-party risks and cybersecurity have become obsolete as new threats emerge alongside rapidly evolving technologies. The complexity of managing these risks within regulated environments continues to escalate.
Irish CEOs recognise this transformation imperative, with 94% expecting AI to be integrated into business processes and workflows in the next three years according to PwC research. However, ambitious companies face significant obstacles balancing day-to-day operations with long-term strategic objectives.
Operational benefits
The managed services model allows businesses to redirect resources towards core growth strategies. By outsourcing critical risk management functions, organisations can achieve better focus on strategic objectives while maintaining comprehensive protection against evolving threats.
PwC's Managed Services practice provides support across multiple critical areas including operations, regulation and compliance, risk management, financial and strategic risk, innovative technology integration and systemic risk. This comprehensive approach enables businesses to address interconnected risks through a single provider relationship.
The Cork-based National Cyber Managed Services Centre serves as the operational hub for these expanded offerings. The facility represents a significant investment in Irish risk management infrastructure and demonstrates PwC's commitment to supporting local businesses facing global threats.
As organisations navigate an increasingly complex risk landscape, the integration of comprehensive managed services appears essential for maintaining competitive advantage. The ability to focus on core business activities while ensuring robust protection against third-party and cyber risks may determine which companies thrive in an uncertain environment.
Féilim Harvey is a Partner at PwC Ireland.
