Securing customer-facing interactions with The Cyber Badge program

This audio was created using Microsoft Azure Speech Services

Securing customer-facing interactions with The Cyber Badge program

At Schneider Electric, cultivating trust in the digital ecosystem goes beyond technology – it’s a vital strategic imperative for all stakeholders and the broader industry. Our Trust Charter is a Code of Conduct that elevates cybersecurity to a foundational pillar. Given the direct interactions our Customer Facing Population (CFP) has with customer infrastructure, it is important they do not become risk vectors.

To ensure the best possible delivery of our product and to uphold the continuity of our customers’ businesses, we rely on highly skilled experts. These experts, which include Field Service Representatives, technicians, both on-site and remote support teams, specialize in commissioning and software integration.

We acknowledge that these roles introduce new business risks, including cybersecurity threats such as the introduction of malware into customer infrastructure, data breaches, and the creation of network vulnerabilities.

Meeting customer expectations through the certification of consistent and sound security measures

Following the growing digitalization of our products, CFPs have seen their tasks become increasingly diversified, mostly requiring knowledge of firmware and IT.  The Cyber Badge was created to mitigate the potential risks stemming from service representatives’ digital practices and equipment.

The Cyber Badge is a proprietary Schneider Electric certification that a CFP must obtain (and maintain) to be in direct contact with customers. In order to obtain the Cyber Badge, CFPs must first undergo training on secure operation principles consistent with industry-leading cybersecurity standards, such as the ISA/IEC 62443-2-4 and the ISO/IEC 27000-series. The training contained within this certification also provides them with the knowledge needed to help detect and report cybersecurity incidents. However, the Cyber Badge is not only a training program. The Cyber Badge also demonstrates that CFPs possess up-to-date equipment and software to carry out their work on a customer site, mitigating risks stemming not only from their behavior, but also from the tools they possess.

Creating an enforceable mechanism to protect customers, placing security above revenue generation

As highlighted earlier, acquiring and maintaining the Cyber Badge certification is a fundamental requirement for direct customer interaction.  Our Cyber Badge policy states that any CFP without a valid Cyber Badge certificate is restricted from interacting with customers, whether on-site or remotely. To ensure compliance, their immediate managers are promptly notified to encourage the affected CFP to swiftly regain compliance.

Schneider Electric’s commitment to cybersecurity takes center stage in our choice to limit customer interactions for non-compliant CFPs, despite their role in generating revenue for the company.

If a CFP remains non-compliant with the Cyber Badge principles, they face a “lockout” from their Schneider Electric issued laptop. This decisive action, backed by our leadership and lines of business, serves to mitigate the risk of unsecured equipment being utilized within customers’ IT, OT systems and infrastructure. More information on this policy and its enforcement can be found in our Cyber Badge Principles.

Empowering customers to demand the best from their service representatives

In addition to providing CFPs with the demeanor and tools they need to ensure the safest interaction with our customers, the Cyber Badge also provides customers with added visibility and ownership of how Schneider Electric interacts with their infrastructure.

Similar to how electrical accreditation should be required before any interaction with a high voltage device, the ambition of the Cyber Badge is to provide proof that interaction with IT devices has gone through a similarly certifiable process. Customers are encouraged to demand the Cyber Badge of their Schneider Electric contacts. The certification serves as a hallmark of dedication to cybersecurity hygiene, providing customers with the assurance that they are engaging with a reputable and responsible service representative.

Fostering heightened cybersecurity throughout the industry

By spearheading an industry-first certification for customer interaction, we are catalyzing a shift towards enhanced cybersecurity at the interface between the customers and service providers.

Providing businesses with a recognizable Cyber Badge empowers them to prioritize digital security throughout their interactions with Schneider Electric, setting a new benchmark for cyber resilience and cultivating a safer, more secure digital environment for all. Join us in leading this transformative journey towards elevated industry cybersecurity. Together, let’s pave the way for a future where robust cybersecurity is not just an option, but a fundamental standard.

In a rapidly evolving digital landscape, initiatives such as the Cyber Badge exemplify a proactive approach to securing customer-facing interactions and safeguarding the integrity of their environment. The Cyber Badge provides reassurance and visibility across the supply chain, empowering customers to demand the highest standards from their service providers. As cybersecurity takes center stage across the ICS industry, the Cyber Badge stands as a testament to Schneider Electric’s commitment to prioritizing security above all, ensuring trust, reliability, and peace of mind for our customers and the communities they serve.

About the author

Author Profile

Amaury Amblard-Ladurantie, DCR Digital Risk Leader

A seasoned cybersecurity leader and CISO, Amaury joined Schneider Electric to focus on building cybersecurity standards for customer-facing activities. With a strong passion for digital transformation, he’s dedicated to setting the standard for customer trust in today’s digital age.

Tags: , ,

Add a comment

All fields are required.

This site uses Akismet to reduce spam. Learn how your comment data is processed.