Our responsibility

High ethics, environmental awareness and responsible business characterise every aspect of Cybercom’s business and operations. We are committed to being net positive by 2030 and fossil
free by 2045. A code of conduct governs how we behave towards others and each other.

Internally, Cybercom has made good progress in the environmental area. But the biggest difference we can make is to help clients implement solutions to reduce their negative environmental impact and increase their positive impact.

Our ambition is to attain net positive impact by 2030, meaning that Cybercom’s solutions and client assignments will have more positive impacts when they are used than they require in development. They should thus add more social or environmental benefit when they are used than the finite resources they require in production.

By 2045, we will be fossil free in our own operations, meaning that Cybercom’s business travel must be fossil free and our offices heated using renewable energy. Our purchases will be limited to products that are fossil-free in usage and production.

Environmental aspects are included in Cybercom’s Code of Business Ethics and Conduct. The company’s negative environmental impact will be reduced, the business will act according to the precautionary principle and contribute through technological progress. As a complement to the Code of Business Ethics and Conduct, Cybercom has an environmental policy oriented towards sustainable business.

Cybercom has an environmental management system. The Swedish part of the system is certified under ISO 14001. The environmental programme is based on the company’s environmental policy, environmental targets and action plans.

Each office adjusts the general environmental targets and action plans to their specific circumstances. LED lighting and time-controlled lighting are being installed where possible and sorting and recycling waste are standard operating procedure at all offices.

As a service company, Cybercom does not have much direct environmental impact, but is committed to reducing emissions from business travel and commuting, for example. The various IT solutions employees use for communication with clients and internally are helping us succeed in these initiatives. This has not only reduced travel, it has helped streamline collaboration.

Employees and clients are informed about how Cybercom’s offices can be reached by public transport. In another example, all offices have showers and dressing rooms to make it easier for people to run or cycle to work.

Cybercom has identified business travel as the most material key figure where the company can have the most impact. Travel is measured, regulated and monitored. Business travel has been reduced and we travel more often by train, as opposed to flying. Cybercom has almost no company cars. During 2019, Cybercom sourced and awarded a contract to a new travel provider to provide better opportunities to measure and monitor business travel.

High ethics must characterise every aspect of Cybercom’s business and operations. Cybercom’s Code of Business Ethics and Conduct guides employee conduct and business ethics are a standing item on the executive team’s agenda. Cybercom respects human rights. Respect for the individual’s privacy and dignity is fundamental to all relationships, both within Cybercom and with clients, partners and other external stakeholders.

Naturally, Cybercom has particular responsibility for its own employees. All sustainability-related principles and positions are specified in the company’s Code of Business Ethics and Conduct, which governs how employees are meant to act.

All employees complete web-based training sessions aimed at preventing corruption. The training is based on our Code of Business Ethics and Conduct and contains various possible dilemmas on which employees must take a position.

We also implemented a whistle-blower channel in 2019 for anonymous reporting of violations of the Cybercom Code of Business Ethics and Conduct. Reports are dealt with by an external party. There were no cases of corrupt conduct or discrimination reported during the year.

Work related to information security and data protection involves ensuring the confidentiality, accuracy and accessibility of all information assets. Information management must always be carried out with respect for and protection of personal privacy.

Cybercom works systematically with information security based on the company’s information security and data protection policy. The work is aimed at protecting the company against intentional and unintentional threats and complying with applicable laws, regulations and the requirements and the expectations of employees and clients.

Defining the right level of security involves establishing acceptable risk exposure, performing an analysis and describing on that basis the organisational and technical security measures required.

When GDPR went into full effect in 2018, Cybercom implemented a new security organisation and new policies and instructions to ensure compliance and raise the level of protection. Skills transfer and the exchange of experience among our internal security organisation and our IT secure business area were reinforced during the year and are creating added value for Cybercom and our clients. Cybercom had no cases of loss of client data in 2019.

All Cybercom suppliers must sign our Supplier’s Code of Conduct, which aligns with the Cybercom Code of Business Ethics and Conduct in all material respects, including environmental guidelines. We have replaced our own data centres with cloud service providers to cover our own needs and in our business, which has dramatically reduced our emissions.

We are coordinating other purchases for offices and employees by concentrating them to fewer suppliers to ensure good environmental effects. Products must be made with the least possible environmental impact. This includes the manufacturing process, choice of materials, transport and working conditions. We rely on the supplier’s disclosures concerning environmental impact and work environment. We do not perform our own audits of suppliers. We also seek to select products that are sustainable over time in that, for example, all or part of the product can be reused.