English (UK) 
简体中文 
Français 
Deutsch 
Italiano 
Português do Brasil 
Español 
Introduction
LiquidQube is committed to maintaining a secure and resilient digital environment to protect our systems, data, and operations. This Cybersecurity Policy outlines the principles and practices we follow to safeguard against cyber threats, ensure compliance with applicable legal and regulatory requirements, and uphold the trust of our customers, employees, and partners.
This policy is aligned with internationally recognised cybersecurity standards and best practices, ensuring a robust approach to identifying, mitigating, and managing security risks.
Scope
This policy applies to all employees, contractors, suppliers, partners, and stakeholders who interact with LiquidQube’s systems, data, and digital infrastructure. It governs all aspects of cybersecurity, including the use, management, and protection of information systems, software, hardware, and data.
Objectives
The objectives of this policy are to:
Protect LiquidQube’s digital assets and sensitive information from unauthorised access, disclosure, alteration, or destruction.
Establish clear roles and responsibilities for cybersecurity within the organisation.
Promote awareness and accountability for cybersecurity among all employees and stakeholders.
Ensure compliance with applicable cybersecurity laws, regulations, and standards.
Provide a framework for responding to and recovering from cybersecurity incidents.
Key Principles
Risk Management
Conduct regular risk assessments to identify, evaluate, and mitigate cybersecurity risks.
Implement risk-based controls to address identified vulnerabilities.
Access Control
Restrict access to systems and data based on the principle of least privilege.
Enforce strong authentication measures, including multi-factor authentication (MFA), where applicable.
Regularly review and update user access rights.
Data Protection
Encrypt sensitive data at rest and in transit.
Ensure secure storage and transmission of personal and business data.
Implement data loss prevention (DLP) measures to protect against accidental or malicious data breaches.
System and Network Security
Maintain a secure network architecture with firewalls, intrusion detection/prevention systems (IDS/IPS), and segmentation.
Regularly update and patch software, hardware, and applications to address security vulnerabilities.
Conduct penetration testing and vulnerability scans periodically.
Endpoint Security
Deploy endpoint protection solutions, including antivirus, anti-malware, and endpoint detection and response (EDR) tools.
Ensure secure configurations for all devices, including laptops, desktops, and mobile devices.
Awareness and Training
Provide regular cybersecurity training and awareness programmes for all employees and contractors.
Educate users on recognising and responding to phishing, social engineering, and other cyber threats.
Incident Response and Recovery
Maintain an Incident Response Plan (IRP) to detect, respond to, and recover from cybersecurity incidents.
Conduct regular incident response simulations to ensure preparedness.
Ensure timely reporting and escalation of cybersecurity incidents to relevant stakeholders.
Third-Party and Supply Chain Security
Conduct due diligence on third-party vendors and partners to ensure they meet LiquidQube’s cybersecurity requirements.
Include cybersecurity clauses in contracts with suppliers and partners to ensure accountability.
Monitoring and Logging
Implement continuous monitoring of systems, networks, and applications for suspicious activity.
Maintain comprehensive logs of system activities to support forensic investigations and compliance requirements.
Compliance
Ensure adherence to applicable cybersecurity laws, regulations, and standards in all regions where LiquidQube operates.
Responsibilities
Leadership
Ensure the implementation and enforcement of this policy across the organisation.
Allocate resources for cybersecurity initiatives, training, and tools.
Employees
Follow security best practices and report any suspicious activity or potential breaches immediately.
Participate in cybersecurity training and adhere to company policies.
IT and Security Teams
Develop, implement, and manage technical controls to safeguard LiquidQube’s systems and data.
Monitor the threat landscape and adjust security measures accordingly.
Respond to and investigate cybersecurity incidents promptly.
Incident Reporting
All employees and stakeholders are required to report any suspected cybersecurity incidents immediately to the IT Security Team at data@liquidqubegroup.com. Examples of incidents include:
Unauthorised access to systems or data.
Malware infections or phishing attempts.
Data breaches or leaks.
Review and Updates
This policy will be reviewed annually or as needed to reflect changes in the threat landscape, technology, or legal and regulatory requirements. Updates will be communicated to all relevant parties.
Contact Information
For questions or concerns regarding this policy, please contact data@liquidqubegroup.com.
