CHAPTER 3 We advance in sustainable performance
94
The current digital context, marked by the mass use of data and exponentially growing hyperconnectivity, drives the need to assure the confidentiality, integrity and availability of Cepsa s information as a priority goal of our digitalisation strategy.
We have a new 'Cybersecurity Policy' defining the digital systems strategy and an ISO 270019 certified cybersecurity management model based on efficient technology risk management and the deployment of state-of-the-art technology services and solutions. The corporate Cybersecurity area is responsible for evolving the model and for rolling out the 'Strategic Cybersecurity Plan' promo- ted by management. Cybersecurity risk is reviewed and reported half-yearly to the Management Committee, which validates new actions underway and the achievement of planned milestones.
The main management and reporting tool is a cybersecurity dashboard comprising key indicators related to strategy, detection, prevention and response based on existing cybersecurity capabilities.
This year we have published the corporate regulations for industrial environments, which are designed to put in place the strategic framework for technical and legal protection in this area, as well as designing the associated reference architectures based on inter- national standards and best practices in cybersecurity.
Cepsa has obtained the highest rating (A) for its approach to cybersecurity, according to RiskRecon10.
9 Global certification spanning all the company's businesses. 10 A Mastercard company, leader in automated Cyber risk assessment.
PROCESS SAFETY INCIDENTS
2020 2021
Refining
Chemicals
Other
Distribution & Marketing
Exploration & Production
2020 2021
Refining
Chemicals
Other
Distribution & Marketing
Exploration & Production
TIER 1 TIER 2
3.4.4 Cibersecurity
2 32
2 1 2
1
1
1 4
1
