Managing Information and Cybersecurity Risk
SunSource’s enterprise risk management program prioritizes cybersecurity and invests in protecting our systems and data for our associates, customers, partners and investors. We design our IT systems and operational procedures utilizing the best practices and principles outlined by the National Institute of Standards and Technology (NIST 800-171 Cybersecurity Framework). We are also in the process of completing our Cybersecurity Maturity Model Certification (CMMC).
The data we collect during normal business activities to help us fulfill customer orders, provide team member benefits and better serve our stakeholders is protected from unauthorized access, usage or disclosure. We require annual training for associates who process sensitive information. More details regarding our data collection, usage, sharing and storage practices are available via our Privacy Policy.
Data Privacy:
- NIST CYBERSECURITY FRAMEWORK
- EXTERNAL THREAT MONITORING
- 24X7 SECURITY OPERATIONS CENTER
- MANDATORY CYBERSECURITY TRAINING & PHISHING TESTING FOR ASSOCIATES
- VULNERABILITY MANAGEMENT & PENETRATION TESTING
- INCIDENT RESPONSE TESTING
Cybersecurity Training
Because we live in an unprecedented digital age where technology changes fast, we have identified cyber threats as one of the primary risks to our business. Using external threat detection services and real-time 24x7 monitoring, we can detect and contain potential threats before they escalate. One of the most important protections against these threats is our people. As a result, we have established a comprehensive cybersecurity training program to raise associate awareness and improve our ability to detect and mitigate phishing schemes. Our program includes mandatory phishing training, as well as regular mock phishing exercises to ensure our associates can recognize and report these real-world threats.
%20(1).png)
%20(1).png)
%20(1).png)