Building digital trust as a differentiator Feb 2014

What will happen in the next 5 years Implications • More clients demand for assurance in security and regulatory compliance • Single (and simple) security review is no longer adequate. The expectation will be for security to be considered during design (workshops) and be predefined (compliance criteria) • Have to increase performance while managing cost – reduce retrofitting, do it right the first time PwC Implications specifically for security assurance • Grow in the use of third party assurance, e.g. SSAE reports • More detailed and in-depth reviews, e.g. source code reviews. • More regulatory compliance reviews, e.g. PDPA and EA 25

Building digital trust as a differentiator Feb 2014 | Page 25