Worldline - 2019 Universal Registration Document
D
EXTRA-FINANCIAL STATEMENT OF PERFORMANCE Building customer trust with reliable, secured, innovative and sustainable solutions
Worldline Security Strategy Worldline Security Strategy is a high level vision on how Worldline addresses cyber threats. This global framework is implemented at each managerial unit level through customized cybersecurity programs. The objective of Worldline Security Strategy is to provide a common taxonomy and methodology to:
Describe its current cybersecurity posture
Describe its target state to align with industry best practices
Identify and prioritize opportunities for improvement
Assess progress toward the target state
Communicate among all stakeholders about cybersecurity risk management
This Security Strategy is based on the NIST (National Institute of Standards and Technology) Cybersecurity Framework. It is organized in five main functions that are defined below. All these functions form an operational culture and address the dynamic cybersecurity risk.
Identify
Protect
Detect
Respond
Recover
Develop a cybersecurity risk management that enables Worldline to cover all its systems, assets, data and capabilities dimensions and prioritize its efforts.
Develop and implement the appropriate safeguards to avoid attacks or limit/contain the impact of a potential cybersecurity event.
Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
Develop and implement the appropriate activities to take action regarding a detected cybersecurity event and contain its impacts.
Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.
As part of the Entreprise Risk Management processes, the Security, Risk, Compliance and Operational Performance department conducts and analyzes regular security risk assessments. This risk analysis enables the Company to prioritize and refine its Security Strategy and the local cybersecurity programs ensuing. Worldline main security objectives Thus, Worldline Group security is focus to achieve the five following commitments:
Core Worldline security principles
Consistency in high standards application
Prevention to avoid attacks
Detection and analysis to address security incidents Consolidate and extend the services related to Security Operation Center (SOC)
Improvement to avoid re-occurrence
Reporting to monitor our performance
Main commitments and actions
Maintain a full coverage of
Train 100% of its employees yearly regarding PCI-DSS
Continue to respond to incidents
Achieve defined Security Key Performance Indicators.
ISO 27001 Security certification across Worldline
consistently with the security policy to understand root causes and avoid re-occurrence
108
Universal Registration Document 2019
Made with FlippingBook Ebook Creator