Harries production site in Bolton Hill, Wales
  SIGMAROC ANNUAL REPORT 2023 STRATEGIC REPORT
CIO Systems & Digital Innovation Report
are also vulnerable to cyber threats, although largely beyond our direct control.
To mitigate potential risks, we closely monitor the security of these intricate supply chains. The growing use of machine learning and artificial intelligence further amplifies the sophistication and frequency of fraudulent activities. The emergence of ‘Deepfake’ technology, leveraging machine learning to manipulate audio and visual content, adds to the risk of phishing or fraud attacks impersonating senior executives.
Despite significant investments in enhancing our systems, processes and networks, SigmaRoc acknowledges that achieving complete security is challenging. However, we remain dedicated to collaborating with high quality third- party IT providers to enhance IT safety and inform staff of tactical innovations utilised in cybercrime.
OUR CURRENT DEVELOPMENTS
Geopolitical turmoil has significantly expanded the potential attack surface area due to remote working, thereby increasing the risk of cyber assaults for all businesses. Furthermore, the widespread use of phone and tablet like devices has increased significantly in recent years as being part of the digital transformation of the Group. SigmaRoc has noted a rise in both the frequency and complex of cyberattacks targeting its operations.
Our cybersecurity monitoring systems consistently detect attempts to breach our networks and systems. The increase was most noticeable post the announcement of the war
in Ukraine. During 2022, there was an instance where one of our email servers experienced a substantial series of attacks. However, the protection systems in place were stringent enough for these attacks not to have resulted in any significant breach of our IT infrastructure or caused any notable business disruptions.
The outlook of the Group is that the frequency of cyberattacks, which entail the manipulation of legitimate third-party software to spread malware or gain unauthorised access to systems by impersonating senior management, will rise. Additionally, the Group predicts that ransomware will continue to pose a significant threat to firms in the industry that have become ever more informatised over recent years.
HOW WE MITIGATE RISK
SigmaRoc takes proactive measures to enhance IT security awareness and education among its personnel. Monthly cyber security trainings are conducted to keep staff informed about the latest cyber-threats and ransomware practices.
In line with its decentralized platform structure, SigmaRoc has organized the Group's IT infrastructure similarly to mitigate cyber risks. This includes implementing a layered cybersecurity setup, proactive monitoring, independent penetration testing, off network data backups and data backup restoration tests to validate system security wherever possible.
To safeguard critical systems, the Group implements privileged access management protocols and ensures that