en Seta
<%= Localization.GetString("ChangeLanguage.text", ResolveUrl("~" + PortalSettings.ActiveTab.SkinPath + "App_LocalResources/SkinResources.resx"))%>en<%= Localization.GetString("ChangeLanguage.text", ResolveUrl("~" + PortalSettings.ActiveTab.SkinPath + "App_LocalResources/SkinResources.resx"))%>pt

No significant cyber security breach

In the face of evolving technology and increasing cybercriminal threats, Galp has significantly prioritised cybersecurity to prevent significant breaches, strengthening resilience and embedding a strong cyber culture within its operations.

To achieve our ambition, Galp is focused on the following drivers:

  • Strengthen cyber resilience in our operations
  • Incorporate cyber culture in our DNA

Strengthen data infrastructures in our operations

Our dedicated Red Team has conducted assessments and an annual Cyber Crisis drill, engaging management to ensure preparedness. Substantial investments persist in fortifying Cyber Resilience across our industrial areas, adeptly countering evolving threats in the energy sector.

Galp maintains a 24/7 Cyber Security Incident Response Team (CSIRT) to coordinate incident responses and ensure resilience. We continuously improve our cybersecurity posture by identifying and monitoring lessons learned, and actively engage in threat intelligence exchange with authorities and peers. Our CSIRT team has been recognized in the European CSIRT community (TF-CSIRT) and included in the Forum of Incident Response and Security Teams (FIRST), showcasing our commitment to best practices.

Incorporate Cyber culture in our DNA

In 2023, Galp also defined a new cybersecurity roadmap and began implementing several initiatives aimed at aligning Galp’s Cyber Maturity with the global top quartile for all sectors, being already above the global benchmark.

Galp as a top performer on cybersecurity

As per the evaluation conducted by a Cyber Ratings company, Galp currently stands among the top 5% of companies in the Global Energy Sector concerning its cybersecurity posture, improving its ranking compared to last year.

Additionally, in 2023, several initiatives were launched to raise employee awareness of the cyber threats that have gained weight in the current macro context, as well as public alerts to customers and society in general regarding situations in which cybercriminals have tried to take advantage of Galp’s reputation to carry out cyber fraud attempts. Galp continued to invest in promoting a Cybersecurity culture programme through its “CyberOn” brand. In addition to dozens of awareness-raising contents, campaigns and training – including regular phishing exercises – a new Cyber Gamification platform, “CyberOnYou”, was put in place to explore other security gaps and measure the effectiveness of the awareness-raising and training content being developed through this adaptive learning approach. Also, in line with our goal of incorporating a cyber culture into our DNA, since 2023 we have had compulsory training on Cybersecurity topics.

Strengthening cybersecurity in the ecosystem together with our peers

As a member of the Portuguese Cybersecurity Alliance and a member of its Executive Committee, Galp continues to invest in promoting cooperation between companies and public entities in protecting the digital economy. The Alliance aims to act as a platform for cooperation, aggregating best practices and proactively accelerating their adoption by the market. Galp, in collaboration with our colleagues at the WEF, contributed to the development of a guide to unlocking Cyber Resilience in industrial environments.