Managed Cyber Risk

PwC Managed Cyber Risk (MCR) is a self-service platform that facilitates the measurement and reporting of cyber risks through advanced real-time analysis. It also visualizes progress in cyber risk mitigation and identifies remediation priorities.

Talk to an expert

Your challenge

Measuring and reporting cybersecurity risks transparently and effectively is a complex task. Many organizations struggle to answer the following key questions:

Benefits of Managed Cyber Risk

MCR Core

Self-service risk management

MCR Quant

Return on investment analysis
Risk appetite setting

MCR Architect

Tech stack optimization

MCR Portfolio

Investment prioritization
Benefits realization tracking

MCR Connect

Risk exposure comparison
Real-time risk management

MCR Advisor

Auto assessments
Portfolio optimisation
Root cause analysis
Auto status drafting

Designed for your business needs

Low-code, self-service SAAS platform, designed on the basis of our extensive practical experience, with a low cost of entry.
Provides the information executives need to fulfill their cyber risk management duties.
Acts as an ecosystem orchestrator, accelerating the customer's journey towards real-time, quantified risk decision-making.

How does Managed Cyber Risk work ?

Our approach is based on the principles of pragmatism, flexibility and explicability, incorporating both the scrutiny that cyber-risk brings and the wide diversity of maturity of risk management practices that exist across the industry.


Risk analysis, reporting and orchestration solution, enabling executives and boards of directors to create cyber-risk reports.


Flexible cyber risk model, including cyber risk quantification and integrated threat intelligence, leveraging PwC's global platform that provides strategic and technical information on incidents, threat actors and campaigns.


Optimal management of the platform's advantages, enabling you to measure the impact of the control system for a portfolio of risk management activities.


Customizable pre-loaded content that includes several industry control standards mapped to best practice risk factors (i.e. risks, threats and measures).


Continuous monitoring of controls based on data collection from security posture management platforms, using APIs to calibrate evaluation scores.


Support with free managed services that take care of ongoing risk model adjustment, risk factor assessment, data source integration and report maintenance.ntégration des sources de données et la conservation des rapports.

"PwC designed the Power BI Exec cyber risk dashboards for the bank's supervisory board. This included the introduction of a new approach to measuring cybersecurity risk and the maturity of remediation capabilities in place. This service was managed and hosted by PwC for a year, then brought in-house so that the bank could manage and run the dashboard itself by the end of 2021. In 2022, PwC is helping the bank monitor security measures by threat vector and attack stages to accompany the executive with more detailed threat scenarios - such as ransomware attacks."

Anonymous, german bank

© 2023 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity.
Please see www.pwc.com/structure for further details.

The PwC Store uses open source software.