Cybersecurity Policy
Cybersecurity is an essential pillar of Klabin’s strategy. Our commitment is to ensure the protection of the Company’s operations and information, promoting a secure and resilient digital environment for employees, partners, customers, and shareholders.
To support this commitment, Klabin follows ISO 27001, Marco Civil da Internet, LGPD, GDPR, CISP, NIST, and IEC 62443 as guiding standards and best practice references. This choice ensures the confidentiality, integrity, availability, and authenticity of information, in addition to providing an integrated view of administrative and industrial environments.
Klabin’s cybersecurity work is guided by four pillars:
• Confidentiality: only authorized people have access to information;
• Availability: information is accessible whenever needed by duly authorized users;
• Integrity: data is altered only by authorized means;
• Authenticity: confirmation of the origin of information, ensuring its truthfulness.
The governance of this topic is carried out by a multidisciplinary committee involving the areas of Risk, Internal Controls, Internal Audit, Information Technology, Industrial Automation, and business areas. This structure ensures an integrated and strategic view of cyber risks, promoting preventive, corrective, and educational actions.
Klabin also adopts an approach to third-party management in the context of cybersecurity and privacy, ensuring that all suppliers and partners are aligned with its internal policies and regulatory compliance. In addition, the Information Security area acts proactively to protect the company’s systems through continuous improvement initiatives, such as:
• Use of layered technologies for risk mitigation;
• Continuous monitoring and incident response;
• Compliance of industrial systems with manufacturers’ recommendations;
• Execution and testing of business continuity plans;
• Evaluation of security requirements with suppliers and partners;
• Awareness of employees and third parties;
• Support for secure software and technology project development;
• Responsible adoption of new technologies, including artificial intelligence;
• Compliance with internal policies and controls.