Cybersecurity and data protection

Protecting our company, our employees, and our clients.

As a leader in the digital industry, we take seriously our responsibility to create a trusted environment across our entire ecosystem. We believe that a comprehensive and constantly improving cybersecurity and data protection model will foster an increasingly valuable, yet elusive, asset: digital trust.

We are committed to protecting all data entrusted to us and defending our business against cyberattacks. Our cybersecurity and data protection teams enforce data breach and security incident management policies and ensure effective implementation of data, infrastructure, and identity protection obligations. This includes mandatory training programs for colleagues on how to prevent and respond to data breaches and incidents.

300+

sites across 34 countries are ISO 27001-certified

Top 3%

in Cybervadis’s cybersecurity and data protection assessment

500+

cybersecurity and data protection professionals

Committed to protecting data, infrastructure and security

As part of our Environmental, Social and Governance policy, we have set ourselves the objective to:

– Be recognized as a front leader on data protection and cybersecurity

Visit our ESG pages

Our CERT services

Our Computer Emergency Response Team (CERT) collaborates with our Security Operations Center (SOC) teams to establish detection rules and coordinate responses in line with an established framework:

How we operate

Data protection

Our Binding Corporate Rules (BCRs) are the foundation of our data protection program, setting out our commitment to securing personal data and complying with data protection laws. First approved by the European Data Protection Authorities in March 2016, and updated in 2019 to meet the requirements of GDPR, they ensure continuous improvement in data protection processes across our entire organization.

Our Binding Corporate Rules

Cybersecurity

Our board-sponsored cybersecurity strategy, in place since 2014, is focused on: managing internal and external threats; establishing trust mechanisms within our ecosystem and across our organization; and complying with legal requirements and security standards (with ISO 27001 as a baseline).

Our communities

Internal cybersecurity and data protection communities are a critical component of our operating model that work together on protecting our company, employees, and clients. The cybersecurity community includes the Group Cybersecurity Officer and team, and Chief Information Security Officers in all global business lines, business units and countries.

Computer emergency response team

The Computer Emergency Response Team (CERT) is responsible for preventing threats and intervening in security incidents impacting Capgemini. If you have any concerns or want to report an issue, please get in touch using the details below:
– PGP key: 0x2D581804
– Phone number: +33 (0)7 64 54 24 53
– Rfc2350 for CERT-C is located in the file below

Download the file

Protecting our clients

We bring together a business-focused approach, sector-specific expertise, advanced technology, and thousands of skilled professionals to deliver an end-to-end portfolio of cybersecurity services to our clients.