Risk description

Information and cyber risk includes the theft, manipulation, or destruction of information, and the inability to ensure service continuity or to protect confidential, critical, or sensitive information.

Prevention and mitigation actions

Cyber security program

Solvay’s cyber security and confidential information loss-prevention program:

  • Independent assessments, including penetration tests are conducted by external experts
  • Solvay Business Services (SBS) has renewed its ISO 9001: 2015 quality management program for all its activities, and obtained its ISO 27001: 2013 certification – which encompasses cybersecurity for the majority of its information systems activities
  • Training on information systems security policies and best practices has been completed for all SBS information systems professionals
  • End-user security training remains mandatory for all employees. Cybersecurity tips are published regularly to increase employee awareness.

A significant cyberattack could result in the loss of critical business information and/or could negatively impact the company’s operations and results. Therefore the Company will continue to solidify its cyber defenses to manage the evolving cyber threat landscape.

Insurance

Solvay is insured against the potential financial impact of a cyber event with respect to assets, business interruptions, and cases of fraud.

2017 main actions

  • Solvay continues to enhance its overarching cyber security strategy and governance, develop the corporate information security program, and explore other functions/capabilities to enrich the company’s security posture and ability to respond to a cyber-related threat,
  • Certification for all Solvay Business Services (SBS).