The Extra Mile On Industrial Performance
The Extra Mile On Industrial Performance
ADEX is aware of the risks and threats of cyberattacks today. Fortunately, our systems can operate safely and securely and we are very sensitive with cybersecurity, from the design of our products and services to their operation on real time.
Our decisions for internal Information Systems and for our Technology to external customers are based on the UNE-EN-ISO 27.001 Standard and other industry benchmarks. We are a flexible company and, when necessary, we adapt our commissioning and operating services to be compliant with our customer’s cybersecurity T&Cs.
Thus, as a self commitment, we share the following:
At ADEX and Group companies*, we recognize the necessity of maintaining cyber security from the dual perspectives of creating value and managing risk. We have developed our own Cyber Security Management Declaration (“the Declaration”), and in accordance with the Declaration, we will promote further enhancement of cyber security measures led by our executive management team in order to address increasingly serious and sophisticated cyber threats.
The executive management team will enhance their own understanding of the latest cyber security circumstances and actively engage in management that positions cyber security spending as an investment. In addition, it will take responsibility for cyber security measures while recognizing that cyber security is a critical management issue, confronting realities, addressing risks, and exercising leadership.
We have positioned measures to address cyberattacks as a critical management issue and will promote countermeasures against cyberattacks based on deliberations and validations through executive committees and board meetings to ensure safe and secure services are available to our customers.
We will develop management policies and business continuity plans aimed at prompt recovery from security incidents while prioritizing detection, response, and recovery, in addition to identifying and protecting against risks. The executive management team will take the lead in declaring the company’s commitment to internal and external stakeholders and make every effort to voluntarily disclose recognized risks and measures to deal with them, in corporate reporting.
Specifically, a part-time Security Committee has been created to perform duties in preparation for cyberattacks during normal times and emergencies. Its duties include cyberattack-related information gathering, analysis, procedures, and manual development, in addition to conducting periodic drills and training as well as performing reviews of the contingency plan. Additionally, it discloses measures for enhancing security through disclosure reports and other means.
You can access here our commitment to information security and our information system policy:
We will ensure resources including budget and personnel, establish internal systems, and take necessary human, technical, and physical measures, as well as develop human resources and conduct training required for those at every level, including management, corporate planning staff, technical specialists, and other employees. Moreover, we will strive to manage cyber security throughout domestic and international supply chains, including business partners and outsourcing contractors.
We will strive to manage cyber security across the full spectrum of corporate activities, including the development, design, production, and supply of products, systems, and services.
Specifically, we will take security measures from the time of developing new systems and services to ensure we provide safe and secure services to our customers.
We will collaborate with relevant government agencies, organizations, industry associations, and other bodies to actively share information engage in dialogue, and build human networks, both in Spain, the USA, and internationally. In addition, we will contribute to the reinforcement of cyber security throughout society by raising awareness of measures taken on the basis of such information.
*Applicable Group companies of the Declaration: Adaptive Predictive Expert Control ADEX, S.A. and ADEX Energy Company