Data and information related to the production of flavors and fragrances are the cornerstones of doing business and must be protected. This is achieved on the one hand via technical measures and on the other hand through the employees and their secure behavior. Training courses and an active security culture are therefore crucial for successful information security and the “human firewall.”

With simple and effective information security, Givaudan aims to empower its employees to behave securely at work and in their private lives, thereby minimizing security risks for the company. The two- month Dos and Don'ts campaign, conducted with TreeSolution Security Awareness, was part of Givaudan's ongoing process to protect its confidential data.

The aim of the "Dos and Don'ts" campaign was to train all employees in information security in order to protect the company through secure behavior and to reduce the risks of data loss.

In addition to the campaign, employees were also surveyed using the Security Awareness Radar® to determine the status of the security culture in the company. The campaign offered the possibility to remind employees of the survey and to motivate them to take part.

10 "Dos and Don'ts" rules were defined, corresponding to the rules which were considered important for the daily interactions of the employees. These 10 tips were selected from five subject areas:

• Information security in the office and at home
• Use of the Internet
• Working on the go
• Dealing with passwords
• Secure communication

Each of the Dos and Don'ts was illustrated with a cartoon and supported in terms of content with risks and tips on how to behave. Additional information and key figures were made available on the intranet site.

Through the "Dos and Don'ts" campaign, Givaudan was able to successfully sensitize its employees to information security issues and empower them to contribute to the protection of company information through their secure behavior. This significantly reduced the risk of a successful attack.

The survey with the Security Awareness Radar® provided information about the security awareness of the employees, in the different departments and regions as well as the employee levels. This information enables the planning and implementation of subsequent and targeted measures.

The employees were enthusiastic about the topics and the modern way they were presented. The cartoons in particular were well received, as they presented the risks in a simple and entertaining way, which made them easier to remember.

“This is just a short email to compliment your work on the IT security emails. The cartoon is really well done and easy to understand -well done! “
Marketing Manager

“The information security awareness campaign was mentioned at the board meeting, and everyone said they loved it. The format chosen stood out and made a real difference. It will inspire us for our future awareness work.”
Jef Guerne
CISO, Givaudan AG

The results of the Security Awareness Radar® survey enable Givaudan to provide training on the required topics exactly where it is needed. The evaluation can be carried out for employee segments, departments, and regions. In this way, a security- conscious corporate culture can be promoted in a targeted manner.

By repeating the survey, it can be determined whether the measures implemented were successful, which topics need new or further training, and which target group requires renewed attention. As a result, information security is further consolidated in the corporate culture.