Comprehensive Cybersecurity Strategy: Protecting Data & Ensuring Business Security
Cybersecurity and data protection are critical priorities across the organization, reflected in our interactions with customers and suppliers. Our holistic strategy to safeguard data and business systems from attacks, breaches, or losses combines advanced technologies, policies, procedures, and a 24/7 cybersecurity operations team that monitors for threats and responds immediately.
We require all employees to undergo annual information security awareness training, with additional training for specialized roles. Regular simulations of cyberattacks or malicious activities are conducted to improve awareness and responsiveness. Additionally, third-party penetration and vulnerability testing are performed.
Our security policies are reviewed and updated annually to reflect changes in regulations, emerging threats, and best practices. We assess potential cybersecurity risks through internal and external sources, documenting and prioritizing them in a risk register. These risks are reported to a cross-functional cybersecurity risk committee for validation.
While we emphasize prevention and detection, we also have response and recovery plans, service agreements, and partnerships in place to address any incidents. Our security incident response plan outlines the procedures for timely and accurate reporting of significant cybersecurity events. Cyber liability insurance is also maintained.
To strengthen our ability to prevent, detect, and respond to security threats, we have appointed a Chief Information Security Officer (CISO) and a dedicated team to lead the enterprise-wide information security strategy, policies, standards, and processes. The Audit Committee of our Board of Directors meets quarterly with the CISO, Chief Information and Digital Officer, and other senior leaders to review cybersecurity risks, security system improvements, and assessments of our security program. Wesco has also earned ISO 27001 certification for its Information Security Management System.
Thanks to these robust measures, we did not experience any significant data breaches in 2023. Additionally, we completed the planned three-year integration of Wesco and Anixter's infrastructure and security, achieving significant progress in implementing Zero Trust configurations and data loss prevention strategies.
Click here to know more about Wesco’s 2024 Sustainability Report.
We require all employees to undergo annual information security awareness training, with additional training for specialized roles. Regular simulations of cyberattacks or malicious activities are conducted to improve awareness and responsiveness. Additionally, third-party penetration and vulnerability testing are performed.
Our security policies are reviewed and updated annually to reflect changes in regulations, emerging threats, and best practices. We assess potential cybersecurity risks through internal and external sources, documenting and prioritizing them in a risk register. These risks are reported to a cross-functional cybersecurity risk committee for validation.
While we emphasize prevention and detection, we also have response and recovery plans, service agreements, and partnerships in place to address any incidents. Our security incident response plan outlines the procedures for timely and accurate reporting of significant cybersecurity events. Cyber liability insurance is also maintained.
To strengthen our ability to prevent, detect, and respond to security threats, we have appointed a Chief Information Security Officer (CISO) and a dedicated team to lead the enterprise-wide information security strategy, policies, standards, and processes. The Audit Committee of our Board of Directors meets quarterly with the CISO, Chief Information and Digital Officer, and other senior leaders to review cybersecurity risks, security system improvements, and assessments of our security program. Wesco has also earned ISO 27001 certification for its Information Security Management System.
Thanks to these robust measures, we did not experience any significant data breaches in 2023. Additionally, we completed the planned three-year integration of Wesco and Anixter's infrastructure and security, achieving significant progress in implementing Zero Trust configurations and data loss prevention strategies.
Click here to know more about Wesco’s 2024 Sustainability Report.
Companies