Risk description

Cyber risk includes the inability to ensure service continuity or to protect confidential, critical, or sensitive information.

Prevention and mitigation actions

Cyber security program:

The two Governance bodies leading the security risk management effort also take care of the supervision of the Cyber security program.

  • Independent assessments, including penetration tests are conducted by external experts;
  • Solvay Business Services (SBS) has renewed its ISO 9001: 2015 quality management program for all its activities, and obtained its ISO 27001: 2013 certification – which encompasses cybersecurity for the majority of its information systems activities;
  • Training on information systems security policies and best practices has been completed for all SBS information systems professionals;
  • End-user security training remains mandatory for all employees. Cybersecurity tips are published regularly to increase employee awareness.

A significant cyber-attack could negatively impact the company’s operations and results. Therefore the Company will continue to solidify its cyber defenses to manage the evolving cyber threat landscape.

Insurance

Solvay is insured against the potential financial impact of a cyber event with respect to assets, business interruptions, and cases of fraud.

2018 main actions

Solvay continues to enhance its overarching cyber security strategy and governance, develop the corporate information security program, and explore other functions/capabilities to enrich the company’s security posture and ability to respond to a cyber-related threat.