In recent years, different companies in various industries have had to adapt to new technologies, realities and threats. To this end, information security plays a key role, since information is considered one of the most important assets of any organization. According to data from FortiGuard Labs, Fortinet's threat analysis and intelligence laboratory, Peru will receive 5,000 million cyber-attack attempts during 2023.
In this regard, from Celepsa we evaluate the strategic objectives of the company to ensure, through information security, the value that we must generate to the business through optimal security controls, to ensure the operations and availability of services, applications and information. Some of the initiatives we have been addressing are the following:
- Information security and cybersecurity policies: Through the development of our regulatory documents, we seek to safeguard the physical and digital information critical to the business, preserving the confidentiality and availability of information assets. As a company of the UNACEM Group, we have corporate policies worked under a comprehensive strategy for its business units.
- Resilience to cybersecurity incidents: Various threats could be present in companies and put cybersecurity at risk. Therefore, we have response manuals and incident use cases, we address mechanisms and actions to address threats that could appear on a daily basis.
- Critical infrastructure protection: In order to implement security and protection parameters, at Celepsa we have backup and restoration controls for information that allow us to guarantee operational continuity in the event of a security incident, thus avoiding and minimizing losses and damages.
- Security in digitization: Nowadays, the transformation of physical documents to formats offers a great number of benefits. However, we must manage and protect digital information, safeguarding security to protect the privacy and intellectual property of the company. Through controls, we ensure that our tools have high levels of security.
- Managing new risks: On our journey to digitizing the energy sector, we know that identifying new risks and scenarios is important. In this journey, cybersecurity helps us manage new risks, ensuring protection against cyberattacks and increasing resilience.
Driving a culture of cybersecurity
While many of the solutions that increase security and cybersecurity at Celepsa are technological, the key point is to manage the people in the organization and contribute to a culture of cybersecurity. Through change management and simulated campaigns and the insertion of security tools in our devices, we train our employees so that they know how to identify phishing, spams, intrusion attempts or cyber fraud, and can take actions to protect the information and access they handle. We also know that it is essential to provide peace of mind in their work under a scheme of constant monitoring and scanning that is transparent to all and, above all, that does not affect productivity.
At Celepsa we recognize the importance of responsible management of our information, implementing concrete actions for our information systems as part of our risk management. Together, we work with innovation and excellence to continue promoting technology and digitalization in the sector.
