IT Security and Data Privacy

IT Security

and Data Privacy

Undergoing digital transformation while ensuring safety and privacy

As our digital transformation stimulates new business opportunities ways of working and sustainability wins, robust cybersecurity has become increasingly important. 


This year, our plans to enhance our IT security systems shifted its focus to supporting our employees into accessing secure VPN from the safety of their homes. During the peak of Covid-19 pandemic in March/April, our secure VPN services were expanded across 8 countries from 300 to cover a total of 2,000 users across the globe, allowing them to securely access the applications and systems they need to support the critical business functions and keep our customers at heart.

Over 6,000 employees have been trained this year on cybersecurity best practices covering important topics such as Email Phishing, Malware, Frauds/Scams, Data Privacy, Network and Mobile Security. The training is now part of the Group’s induction program, and all new joiners are required to complete this course using our online training platform Axonify.

In line with our enhancement strategy, our IT team has initiated a project that will be delivered in 2021, which shall implement following mandatory services to keep the Group and our stakeholder’s data safe.

  1. Our Managed Security Incident Management Service monitors for cyber-attacks against our assets 24/7  
  2. Our Vulnerability Management Service proactively checks our e-commerce sites and critical information assets for vulnerabilities and recommends fixes.  

Implement security processes for above services with defined KPIs and SLAs for managing security incidents. 

These measures enable us to reap the economic and sustainability rewards delivered by our digital transformation safe from damaging cyber-attacks and data breaches.


“In an ever more interconnected environment, information and data is subjected to a wide variety of risks. At Chalhoub we are committed to putting in systems and processes in place to protect the technology and information assets we maintain by preventing, detecting and responding to threats, whether internal or external.”

Mohammad Faheem
Senior Tech Security Architect