The digital transformation that Unica is undergoing both internally and externally entails new risks. The digital risk management method is specified in the Information Security Management System (ISMS), and ratified by the Board of Directors with the information security policy statement. In recent years, there have been major investments in the ICTinfrastructure that Unica uses for its business operations. These investments helped Unica launch hundreds of working-from-home environments at lightning speed during the Covid-19 crisis. These are managed remotely according to the high security standards laid down in the ISMS.
In addition to technical measures, user behaviour can pose a risk of incidents. At the start of the Covid-19 crisis, a great deal of attention was given to the provision of relevant information to users, including extra tips on information security and raised awareness regarding emails from unknown senders. A survey on information security is also held periodically, providing insights in the degree of employee knowledge and awareness. To reduce the risks of breaches, two-factor authentication is used for Unica’s ICT services. To limit the risks of cybersecurity incidents during operations, Unica Group has taken out central cybersecurity insurance that provides financial and operational support if Unica suffers a cybersecurity incident that causes damage to clients.