|
minute read
Ecopower is a cooperative producer and supplier of renewable energy. Customers, both private and professional, who co-invest in this production, can also consume Ecopower electricity. Ecopower’s activities contribute to a democratic, decentralized and sustainable energy system based on 100% renewable energy for electricity, heating and mobility. By having citizens co-owning wind turbines, solar panels, small water powerplants and a pellet factory and taking democratic control of their own energy production and supply, they drive the awareness of and support for renewable energy in our society.
Situation
Ecopower aims to improve its cybersecurity maturity level. As it is a critical supplier of energy in our society, a high level of cybersecurity is desired for Ecopower and compliance to the new NIS2 Directive is required by law.
Ecopower recognizes the importance of and need for decent awareness training for each employee within its organization to better defend itself and its customers against cyber-attacks. Training employees lowers the probability that an adversary will be able to launch a successful attack, because the most witnessed entry-point still is a human being, tricked to expose information or allow an attacker to enter company premises or systems.
Solution
Sopra Steria offers effective and efficient awareness programs including classroom based interactive sessions, gamified learning, security incident exercises and phishing campaigns.
Sopra Steria also tailors training content towards the customer’s line of business and typical threats, which is an efficient way of training the employees against business-specific supply chain attacks.
Next to the awareness programs, Sopra Steria offers an assessment against best practices towards an efficient and result-driven roadmap, to improve security maturity, cyber resiliency and NIS2 compliance.
By doing this, we help our customers to be ahead of change: raising the awareness bar means making it much harder for attackers to succeed in their malicious attempts.
Result
Ecopower’s employees were instructed and challenged during classroom-based interactive sessions. With specific tailored content, all participants were informed on a variety of methods that can be used in a hacking attempt and the impact of a breach.
Sopra Steria supplied all documentation and facilitated the discussion on how increased awareness or engage in thought-through actions if needed. Sopra Steria also provided insight in the business model of cyber attackers through the use of some real live use cases. This helped setting the context and understanding for a security awareness training program.
The training material and training approach Sopra Steria provided, became a central part of Ecopower’s internal Security Awareness Program. Through regular training, repetition, and practical exercises Ecopower is constantly improving the human awareness as first-line defense for cybersecurity incidents.
“The security awareness capacity we built through this program scored high in a recent independent security audit”
–Dirk Hermans / ICT coordinator
Combined with phishing campaigns, we notice how people are more aware of phishing- and social engineering attempts. This significantly reduces the risk of a security incident or even worse: a security breach.
The cooperation between Sopra Steria and Ecopower is a good example of how productive teaming up with a customer can be: creating synergy that leads to an enhanced cybermaturity of an organization.