Sir, cybersecurity is based on three principles: confidentiality, integrity and availability of data. There is also a compliance aspect. All companies have to be in compliance now. I'm not old, but I'm experienced, and I remember a time when cybersecurity measures, though considered best practices, were only suggestions, not mandatory.
We now have mandatory laws and rules in place. Cascades was one of many companies to establish security policies and standards based on ISO 27001 and 27003. The company set up a governance group and deployed a security policy in accordance with its own standards. The policy is based on system confidentiality, integrity and availability.