"We all need to get involved because we are all targets."
Cyber security at Nexans
- Monitor : activities aimed at monitoring information security (risk management, asset management, compliance and regulatory…)
- Protect : activities aimed at protecting Nexans’ assets (data, application, server, etc.)
- Empower : activities aimed at increasing information security awareness
- Intervene and restore : activities aimed at responding to an incident/crisis and restoring normal operations
- Organise : activities aimed at organising the activities of the information security team
Cyber security training at Nexans
Needs identified internally
- Nexans has identified 3 main internal cyber security needs : an explosion in threats to users : phishing, booby-trapped files, pirate sites, President’s fraud, etc.
- Incompatibility of past habits with current risks
- A cyber security team can not fight the battle alone!
Raising awareness
How can we make cyber security a 21st century skill?
- By raising awareness again and again
- By varying the form and content to create support
- By giving meaning to our actions
From the “Keep an eye out” serious game to the co-design of the “Cyber & Me” pathway
- Retain the fun approach of the Serious game
- Put threats into perspective by discovering the world and motivations of hackers
- Better respond to specific uses : travel, sensitive data (financial, commercial, R&D, etc.), system administrators
- Speak to our employees in their native language whenever possible
No company is immune to attack. It is almost self-evident that all our companies face the same attacks and the same bad practices.
The added value of crowdfunding is that it allows us to co-design a new tool, to build a virtually tailor-made course while sharing the costs with other companies.
The Daesign team led the working group using a collaborative platform. A monthly committee meeting was held to fine-tune the poject and decide on the next steps, in particular the feedback expected from the companies.
The Cyber & Me course offers Adaptative Learning, so that employees are targeted according to their level of exposure to risk.
A self-positioning module enables learners to personalise their course even further.
Deployment of the solution within Nexans
Targets trained in 2019 : 85% of IT staff have completed the course.
Deployment methods : 2 options : use Daesign’s SCORM platform or our own. Nexans chose the second solution because they already had the licences and user authentification is automatic.
Deployment schedule : 2020 : all Nexans employees… workers and managers alike, not forgetting the directors! To date, 915 employees have been trained.
A complete communication kit.
«Very interesting content even if a little scary … treated in a sufficiently playful way (various media: videos, quizzes, scenarios …) so as not to get bored.»
About Nexans
Nexans brings energy to life with a wide range of advanced cabling systems, innovative solutions and services. For more than 120 years, Nexans has been providing its customers with state-of-the-art cabling infrastructure for the transmission of energy and data. Today, beyond cables, the Group advises its customers and designs solutions and services that maximise the performance and efficiency of their projects in four main areas of activity : Buildings & Territories (including utilities, emobility), High Voltage & Projects (covering offshore wind farms, subsea interconnections, onshore high voltage), Telecoms & Data (covering data transmission, telcoms networks, hyperscale data centres, LANs) and Industry & Solutions (including renewable energies, transport, oil & gas, automation, etc.).
