We offer a comprehensive security awareness program, empowering our organization to enhance our security measures. With security awareness trainings, our team becomes adept at recognizing and preventing cyber threats, ensuring robust protection for sensitive data and safeguarding against potential breaches.
Following the requirements of the ISO27001 standard and the GDPR, we established a global information security program. The program covers the following dimensions:
- Security awareness training: Company employees are informed about basic information security requirements and responsibilities. Each employee must undergo the security training relevant to the assigned role, once upon employment and then on a regular basis.
- Training on protecting personal identifiable information (PII): Data protection training for employees is conducted on a regular basis to ensure an appropriate knowledge and awareness regarding handling of PII data.
- Secure code trainings for developers: These trainings help identify and analyze potential issues or vulnerabilities, allowing the developers to fix their work before it is released into the production environment. Trainings aim to ensure that code is safe, reliable, and compliant. For details about the security development within SDLC, refer to the corresponding article.
- Phishing simulation campaigns: Regular phishing simulations aim to access effectiveness of security trainings and the ability of employees to recognize and respond to phishing attacks.
- Security awareness news: The news are published monthly and cover all relevant information on security topics. The information is offered in six languages: English, German, French, Spanish, Italian, and Chinese.