Lamda Development is highly aware of information and information systems security issues. The Company, by developing and implementing a structured and repetitive process for the identification, mitigation and prevention of security-related risks, has ensured the effective protection of information and information systems, since in the past years no material external or internal loss or non-availability of data and services has occurred. The key controls in the individual stages of this process include:
1. Development of an integrated framework for the monitoring and control of its information systems, consisting of:
- policies and procedures covering the entire scope of the Group's Information Systems operations;
- a set of control mechanisms;
- a Disaster Recovery Plan;
- continuous updates of software and hardware to meet all needs and requirements; and
- regular internal and external audits designed to verify compliance with the applicable policies and to evaluate the effectiveness and efficiency of the controls in place.
2. Continuous training of staff at all levels through a Cyber Security Awareness Program approved by the National Cyber Security Center, offered via an e-learning platform in cooperation with a specialised firm, aiming at:
- familiarising staff with the applicable security practices;
- raising awareness on how to identify and respond to cyber security and information security risks; and
- Ensuring that all employees recognize the importance of information security and the acceptance of the related responsibilities assigned to them.
3. The insurance coverage of the Group by means of a specialised "Cyber Risks" insurance product, which covers the Company:
- against liability for third-party claims (e.g. business partners, suppliers, regulatory authorities, etc.) arising from financial or moral loss or damage caused by acts or omissions of the Company or by malicious acts of third parties (hacker attacks); and
- from incalculable financial loss from business interruption caused by malware until recovery (profit loss, crisis management and damage recovery costs).