Global Information Security & Compliance Project in the Life Science industry

The existing information security organization comprised responsible experts in the majority of the more than 80 countries. As main internal stakeholders we identified the local responsible IT managers, the local and global information security officers, Global Comms, Internal Comms and User Comms units subordinate to them, division heads and contacts in Compliance and Risk and Legal at corporate level

• Analyzing employee behavior worldwide and identifying significant irregularities. Several workshops with company’s information security experts to assess the information security risks and develop appropriate countermeasures
• Internal campaign on information security (on- and offline at all major locations worldwide) including a worldwide information security day as well as a gamification approach with a specially developed app
• Development, setup, and operation of an intranet presence with extensive material, workshops, and trainings on the most urgent problems (train the trainer)
• Integration of information security aspects into training, all current projects and as an essential part of all new projects
• Regular performance of overt and covert tests (e.g. simulated attacks), combined with trainingn