Cybersecurity monitoring and assessments1
We have a mature cybersecurity program internal review strategy. In addition to the annual assessment of the program and its components, robust vulnerability assessment processes are in place, as well as penetration testing, red teaming, tabletop exercises and phishing drills conducted by internal and external teams. Results are continuously measured and assessed for possible improvements.
We contract reputable third parties to conduct annual external assessments of the cybersecurity program and its components. In 2021, these independent assessments included CoalFire and Trace3. Similarly, governmental agencies and their contracted agents conduct regular reviews in jurisdictions where we operate. Furthermore, insurance agents, clients and other market participants continually assess our security posture for their own needs. There were no material2 incidents related to data and cybersecurity breaches across our global operations in 2021.