Cyber security

Our commitment to protecting customer information and digital assets.

“In today’s digital world we understand that cyber security is an area of increasing concern for our customers. We can assure you that this is a top priority for Formue management and the Board, and we are committed to ensuring the confidentiality, integrity, and availability of our customers information and digital assets” – Alexander Heiberg, constituted CEO.

Our dedicated information security department is led by the Chief Information Security Officer (CISO), who is responsible for Formue’s security program & strategy. We’ve invested significantly in competent employees and leading cyber security systems to ensure effective protection of customer information and digital assets.

Security is incorporated into all business processes and day-to-day work. We’ve implemented the following security controls to safeguard customer information and digital assets during storage, processing, and transmission: Two-factor authentication, strict password requirements, access management, data encryption, secure document handling processes, AI-powered email filter to protect against sophisticated phishing attacks, backup and recovery testing, business continuity planning, as well as an external managed Security Operations Centre (SOC) for 24/7 security alert monitoring, investigation and incident response.

We closely monitor developments in the cyber threat landscape in order to be at the forefront of new security vulnerabilities and threats.

Our extensive cyber security training and awareness program ensures that employees follow the company’s routines for protecting customer information. Continuous awareness has fostered a security culture that enables our staff to consider security in their daily work and identify and report security weaknesses as quickly as possible. Phishing tests are conducted regularly, as well as annual security training and a security culture survey to identify areas for improvement.

The suppliers we work with are assessed from a security & privacy perspective to ensure that security and GDPR requirements are met to minimize potential risks.

To ensure our security controls and processes work effectively and in line with best practice, Formue undergoes annual audits carried out by independent security specialists. This includes tests that simulate cyber-attacks to identify and address potential weaknesses.

ISO27001 Certification

Our security program is aligned to best practice frameworks. These include NIST cyber security framework and ISO27001 – a globally recognised standard for managing information security.

In 2023 Formue achieved ISO27001 certification which validates our proactive and structured approach to mitigating security risks and reinforces our commitment to protecting our customers information.

image
Contact us