Our objectives
- Foster a culture of cybersecurity among all employees.
- Anticipate risks.
- Implement a zero-trust network architecture strategy (never trust, always verify) in line with our digital transformation roadmap.
- Follow all GDPR directives and ensure data protection.
2023 achievements
We made several enhancements to cybersecurity at Sonoco Metal Packaging EMEA in 2023 and progressed along our digital transformation roadmap. • We rolled out a secure remote desk protocol (RDP) for all third-party access via a fully managed seamless RDP and Secure Shell (SSH) service, providing access without exposure. • The transition of our systems to SD-Wan is 97% complete, in support of our Zero-Trust Network Architecture.
• We strengthened multi-factor authentification (MFA) by establishing additional security steps to gain access to privileged and user accounts, including numbermatching (instead of just an approval notification).
• Business Continuity Management (BCM) and incident response plans across our business (supply chain, cybersecurity, facilities management, and others) were made more robust, in partnership with our insurance providers.
• We strengthened our platform hardening by deploying attack surface reduction and ransomware protection. This works alongside our managed detection and response (MDR) platform by analysing in real-time each script or service call.
• Measures were taken to continue to improve our Email security. The volume of phishing and spam emails received by our hygiene platform are significantly below the industry average.
• We have increased our monitoring and alerting capabilities by developing deep visibility into our platforms. The log types we ingest and work on include EDR, M365, and Firewall & Email.
• We improved our Privileged Account Security by reducing the overall number of privileged roles assigned by favoring the use of service specific roles.