Because of the scale and number of its international operations, processes and sites, Legrand’s business activity requires multiple and often interconnected information systems that could expose the Group to specific risks related to cybercrime and data security.
The Group's cybersecurity program has seven main aspects:
- a detailed IT risk map;
- an IT systems security policy, based on applicable standards (National Institute of Standards and Technology) and industry best practice;
- systematic integration of security within IT projects through a specific methodology;
- an enhanced, mandatory employee cybersecurity awareness program. In 2020, more than 16,000 users received specific cybersecurity training;
- a structured incident handling process involving a Computer Emergency Response Team (CERT) and a Security Operations Center (SOC);
- a legal, regulatory and standards monitoring system;
- a specific program dedicated to personal data security and processing for Eliot connected objects and the related cloud.
Audits of systems in place, security audits and regular intrusion tests are carried out by Legrand or by companies specializing in cybersecurity.
To report a security issue or privacy requests, please fill in the following form :
Cybersecurity for connected products
Connected products potentially exposes customers to specific risks related to cybercrime and data security. To adress these risks, Legrand implements a specific program dedicated to personal data security and processing for connected devices, cloud and apps.
Legrand guarantees our users an ever more reliable and secure experience while ensuring total personal data confidentiality.