From risk to resilience: How Schneider Electric builds a human firewall

Phishing and social engineering campaigns pose some of the most significant threats to critical infrastructure, as noted in a recent study that found 80% of the organizations surveyed were victimized by an email security breach within a 12-month period. These campaigns are becoming increasingly effective as attackers become experts at understanding and psychologically manipulating human behavior.

In fact, a recent social engineering campaign, first discovered in August 2025, is being called one of the most advanced campaigns of this type yet. Attackers pose as business professionals who reach manufacturing and other supply-chain-critical industries through public “Contact Us” forms. They then carry on email exchanges for weeks before sending a seemingly trustworthy zip file that is in fact malicious and becomes a gateway into the victims’ companies.

Empowering people to minimize human risk 

Cybersecurity is embedded in Schneider Electric’s culture, and we believe our employees play a key role in securing our company. In fact, as noted in our Cybersecurity and Data Protection Posture paper, our first pillar for building trust and resilience within our organization is minimizing human risk.    

As part of this commitment, we launched a comprehensive cybersecurity human risk management (HRM) program several years ago, aiming to empower employees to be risk-aware and to confidently make secure decisions in their daily work and personal lives. Our ongoing efforts rest on several key pillars, with a strong communication strategy running through all of them as an essential, cross-cutting part of the program. The pillars include:

  • Training: We ensure that every employee has the education required to understand and integrate secure behaviors into their day-to-day life.
  • Awareness: We treat awareness as a continuous journey, not a one-time event. Through sustained campaigns, real-world scenarios, and timely reminders delivered throughout the year, we keep cybersecurity relevant and top of mind. 
  • Change management and user experience: To ensure that security is an enabler and not a barrier, we continuously monitor and improve how people interact with tools and processes. We also keep them informed and supported with timely resources whenever changes happen in the organization.  

Building cyber resilience through a layered approach

While these pillars are a good foundation for our HRM program, bringing it to life in a complex and global organization is not an easy task. It’s a shared responsibility built on visible commitment and collective action.   

Our leadership teams support our efforts and lead by example, modeling secure behaviors and reinforcing the importance of cybersecurity in everyday decisions. We also encourage employees to take responsibility for secure behavior through an adaptive framework that operates across multiple layers of programs. This ensures that every employee receives the right level of guidance and resources tailored to their context.  

  • Global program: All Schneider Electric employees, connected and non-connected, receive foundational cybersecurity guidelines and mandatory training to ensure secure behavior in the workplace and beyond.   
  • Regional programs: Additional cybersecurity awareness is tailored to regional needs, based on behavior trends and other local needs such as communication preferences.  
  • Role-based programs: Targeted awareness and training are delivered to high-risk populations, including top management, finance, and customer-facing employees. These programs are based on their job roles and responsibilities and address specific cybersecurity risks.  
  • Individuals: Based on employees’ individual cybersecurity behaviors, tailored awareness initiatives, such as pop-up reminders and personalized recommendations, guide them to correct potential risky actions and reinforce secure practices.  

HRM use case: Our role-based layered approach in finance

In addition to being part of our global and regional programs, we created a specific program for Schneider Electric’s finance department that showcases the multilayered approach described above. This program focuses on embedding cybersecurity awareness into our finance operations through components such as:

  • Personalized onboarding experience: New finance employees receive a cybersecurity welcome kit filled with practical resources, incident examples, and good practices as they relate to finance. We also illustrate real-world risks and demonstrate how small actions can prevent security events and help stop cyberattacks.  
  • Cybersecurity embedded in events: We integrate good cybersecurity practices in global events, such as town halls or other large meetings, so that these practices become our employees’ by-default behavior. These touchpoints reflect that cybersecurity is embedded in finance’s day-to-day operations and is visibly prioritized at every level of the finance organization.   
  • Awareness and training-specific material: We combine different communication formats to help reach all kinds of employees. For instance, our podcast series features finance experts and cybersecurity professionals who help make cybersecurity relatable and actionable as they discuss topics like social engineering, data classification, remote work, and impersonation.  
  • Targeted phishing simulations: In addition to our company-wide phishing awareness efforts, we create phishing simulations that mimic realistic attack scenarios on finance departments. These campaigns are carefully tracked to measure engagement and effectiveness. 
  • Tone from the top: Finance executives actively support and amplify cybersecurity messaging across the organization. One recent example is a lighthearted deepfake video featuring our Chief Financial Officer, which we created to raise awareness in a fun and memorable way. It’s a creative reminder that our leadership teams don’t just endorse secure behavior but model it and make it relatable.

Fulfilling our commitment to cybersecurity as a business imperative

Schneider Electric’s Trust Charter, which is our code of conduct, states that cybersecurity is an essential business imperative for our company, our ecosystem, and the industry at large. It also states that we promote a culture where cybersecurity is everyone’s responsibility—and we are fulfilling this commitment through our HRM program.    

By combining training, behavior change, communication, and user experience, our HRM program fosters a culture of secure digital citizenship in which cybersecurity is not just an IT issue but a topic in which everyone across the company has a role to play. It is an essential part of our cybersecurity posture and strengthens the trust that our customers and other stakeholders place in our offerings.
