Global Information Security Council (GISC)

The council was established in October 2021 to address the increasing importance of cybersecurity as a business risk and the heightened level of cybersecurity threats. A Global IT Security Assessment was recently completed and it evaluates the cybersecurity maturity of our businesses across the world. The result of this assessment allowed us to: Identify best practices, close security gaps, define areas of priority, and develop a long-term strategic security roadmap. The council will define security standards, controls, and overall governance including identification and tracking of existing threats and incidents. Its operational management activities include the discovery and remediation of vulnerabilities, strengthening of technical solutions, and response to security incidents. Finally, improving cybersecurity culture and behaviors through user awareness initiatives, training, or other campaigns. Considering the current council structure and the security footprint in the regions, the council will work parallel streams. The first stream relates to global initiatives, where opportunities were identified in terms of standardization or global coordination and the second includes specific regional initiatives based on the security maturity profile and prioritization efforts to mitigate potential risks.

NSHD Global Information Security Structure