Cybersecurity becoming part of KONE’s DNA

Elevators never rely on digital capabilities alone – there are always independent electrical and mechanical safety features in place which spring into action if there is an indication that an elevator shows signs of abnormal behavior. At KONE, safety is our top priority and we continuously work to prevent and mitigate any possible cybersecurity vulnerabilities. Cybersecurity is more than just about technology and data protection; it also comprises the people behind the solutions and their ways of working. They are the strongest links in ensuring security, and that’s why building a cybersecurity mindset throughout the company is essential.

In this blog our Head of Cybersecurity Awareness and Culture Pauliina Hartikainen introduces how KONE is building a collective cybersecurity mindset and community to ensure cybersecurity is part of KONE’s DNA now and in the future.

As part of KONE’s physical and digital transformation journey, we are constantly growing our cybersecurity team. Learn more about KONE Technology & Innovation and check out our career opportunities.

KONE moves over a billion people around the world every day. And that’s why building a collective cybersecurity mindset is so important.

We believe that cybersecurity should be a natural part of everyone’s daily work, and at KONE both online and offline safety is considered a joint effort. To enable cybersecurity awareness we train our employees and de-mystify cyber terminology through communications, and we even have our own community to discuss and share best practices.

My colleague Vilma Blomberg put it nicely one day when she said that cybersecurity should become part of our DNA. So whether you are a maintenance technician or factory operative or software developer at KONE, it should be part of your way of working. And KONE’s cybersecurity team exists to support and guide the way in how to act in a cyber-safe manner. We act as internal cybersecurity change-agents to raise awareness of cybersecurity best practices. The cybersecurity team gathers insights about customer concerns, and our local/country colleagues receive relevant information from cybersecurity experts to help them in customer dialogue.

So, how do we build a collective cybersecurity mindset? Everything starts with the basics: continuous training on how to avoid phishing, as well as sharing learnings for different roles across KONE, for example.

However, cybersecurity education is not a one-way effort. Building a collaborative community is an example of two-way learning. We kicked off building our Cybersecurity Community with an initiative to empower some of our employees to become Cybersecurity Champions, who safeguard KONE’s everyday actions. This initiative enables two-way learning.

The Cybersecurity Community consists of two different focus groups. The first one comprises experts from our technology teams including software developers and testers. This group has 50+ cybersecurity guild members. And the other group, mentioned above, consists of 120+ Cybersecurity Champions from our local/country teams, who are actively meeting and holding discussions with our customers. People in these groups are not cybersecurity professionals but they have been chosen to drive cybersecurity initiatives and actions forward in their teams. Both groups need skills to talk about cybersecurity that is related to our solutions.

For both focus groups, we organize regular monthly meetings and trainings. We increase their knowledge about either building secure solutions or talking about cybersecurity in our products and solutions. It’s not only one-way training or info sessions, it’s actually a community where we also have the opportunity to discuss these topics with a wider group of people. This bigger community makes us stronger together.

Ramesh Pavaluri from KONE Singapore is one of our Cybersecurity Champions, and he shared his experience as part of the community:

“In my role as Senior Customer Solutions Engineer, I support our sales teams on the projects with digital services, where cybersecurity is an integral part of the requirements. Hence I became a member of the Cybersecurity Community to get the latest happenings at KONE, to hear from the experts, and also to learn about best practices from various global projects.

During my time in the community so far, I have learned how cybersecurity plays a vital role both in my personal and professional life, and how human negligence can cause a lot of harm. I’ve also learned how an individual should play a role to be cyber-safe in their everyday life by using complex passwords, and being aware of scams in social networking, spam emails, etc.

Another benefit is that I’m able to connect with the global community where the cybersecurity experts can answer my queries and cybersecurity-related questions from the various countries. They help me to address the issues and also understand the latest customer cases and happenings at KONE to support their enquiries related to cybersecurity, concerning e.g. new standards and certifications.’’

As my colleague Vilma Blomberg mentioned in a previous blog: “Cybersecurity is an interesting topic in a company like KONE because we are talking about a world where physical and digital meet. There is both IoT and embedded software in our escalators and elevators - so when we talk about cybersecurity we are not just talking about cyber but also about physical safety. This makes our work meaningful and I think everybody on the cybersecurity team shares the same thoughts here at KONE.”

Our passion and mission as the Cybersecurity Community enablers at KONE is to help people hack through the complexity of cybersecurity jargon and enable safe living in this interconnected world.

KONE’s investment in cybersecurity is a part of KONE’s ongoing IT transformation journey. Learn more about KONE Technology & Innovation and check out our career opportunities.