Information Security Policy
Information Security Statement
At Cablenet Communication Systems PLC, we’re proud to be one of Cyprus’s leading telecommunications providers. We provide mobile, fixed telephony, internet, TV and enterprise services to thousands of customers, including both individuals and businesses. In providing our services, we recognise our responsibility to manage information that is entrusted to us by our customers, partners, and employees.
We aim to meet our responsibility by identifying and managing risks that may impact the confidentiality, integrity, or availability of information.
We have implemented an Information Security Management System (ISMS), certified to ISO/IEC 27001, that provides a combination of policy-led, technical and operational security initiatives that help us manage those risks.
To demonstrate our commitment to our information security principles, we aim to achieve the following objectives:
- To be recognised as a trusted organisation by our business clients, consumer customers, and partners, by maintaining an internationally accredited ISO 27001 certified Information Security Management System.
- To maintain proactive information security awareness activities across our organisation.
- To maintain compliance with data protection laws, regulatory requirements, and contractual obligations.
- To ensure services are delivered without unnecessary disruptions to our business clients, consumer customers, partners, and internal business processes.
- To ensure we can demonstrate our compliance with customer contractual security requirements and exceed expectations whenever possible.
- To implement and maintain technology safeguards that protect confidential and personal information from unauthorized access, use, or disclosure.
- To protect our knowledge, know-how and intellectual property and that of our partners and business clients from unauthorised use or exploitation.
- To ensure our information security principles propagate throughout our supply chain.
- To enhance our competitive advantage wherever possible through the promotion of our high standards and adopted best practices for information security.
- To continually improve our Information Security Management System and practices.
Security Management
Information assets are identified, assessed for risk, and appropriately protected.
Information security risks are captured and managed in accordance with a formal process.
Information security training is available to all employees, including part time employees and contractors.
Security policies covering IT systems, personnel security, facilities, supply chain assurance, business continuity, and the collection, use, sharing, retention, and disposal of information are implemented and adhered to.
All actual or suspected breaches of information security will be reported to and investigated by the Information Security Team.
Our management system and information security controls are regularly assessed to evaluate effectiveness and ensure compliance.
Management will conduct a review of the Information Security Management System at least annually to determine its effectiveness and drive continual improvement.
Responsibilities
Senior Management assumes overall accountability for information security and is responsible for ensuring that the Information Security Management System meets its intended outcomes.
Senior Management has appointed an Information Security Officer (ISO) who is responsible for the operational management of the Information Security Management System, including reporting on its effectiveness to Senior Management.
An Information Security Committee has been established that oversees the management, maintenance, performance and improvement of management system policies and controls.
Information Asset Owners are appointed with responsibility for identifying and classifying their information assets and addressing associated risks.
Managers at all levels are responsible for ensuring compliance with the Information Security Management System within their areas of responsibility.
All employees, contractors, and relevant partners and suppliers are required to comply with our Information Security Management System. Breaches in compliance are earnestly considered and may lead to disciplinary action or termination of contracts.
Approved by: Ioannis Mavridis
Title: CEO
Date: 17 July 2025 v1