This is the Modern Slavery Act statement prepared on behalf of Cybereason Inc. and its subsidiaries (together "Cybereason").
Cybereason regards all forms of slavery and human trafficking as unacceptable and we strive to ensure that it must play no part anywhere within our business. We are committed to ensuring that everyone we deal with is treated with dignity and respect and that the way we conduct our business and our dealings with suppliers reflects our values and deters any form of modern slavery and human trafficking from occurring within our business and the business of any of our suppliers and service providers.
Cybereason expects each of our business partners, suppliers and vendors to share our commitment to respect for human rights and equality of opportunity in the workplace. We expect each such organisation to reflect this in their own employment practices so as to achieve full compliance with all applicable laws and regulations.
Cybereason is the champion for today’s cyber defenders providing future-ready attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of every element of a Malop™ (malicious operation). The result: defenders can end cyber attacks from endpoints to everywhere. Cybereason is a privately held, international company headquartered in Boston with customers in more than 30 countries.
Cybereason employs over 800 employees worldwide. Our employees are at the heart of our business and so it is essential that all employees and staff are treated fairly. We ensure at all times that our employment practices across the world comply with all minimum local standards.
We also strive to create and foster a diverse and inclusive workplace. We provide equal employment opportunities to all employees and applicants for employment without regard to sex, marriage or civil partnership, gender re-assignment, pregnancy and maternity, race (including racial group, ethnic origin, color, nationality and national origin), disability, sexual orientation, religion or belief, and age.
We are confident that in engaging our staff we comply with all minimum legal requirements applicable in the country of their engagement.
We operate as a "Software as a Service" company, and rely on Cloud Services in the performance of our software. Given this, we have a relatively short and integrated supply chain, and purchase our cloud storage from well-established and reputable global providers.
As part of managing risk, we see importance in building relationships with our suppliers and vendors to ensure that they maintain high standards and have an ethos which reflects our own. In particular, we are committed to ensuring that our suppliers and vendors and other business partners treat their own employees and workers with dignity and respect, in fair and ethical working environments.
We therefore seek to engage our suppliers, vendors and other third-parties business partners in such a way that ensures our commitment under this Statement and our compliance with all applicable laws. Our agreements with suppliers, vendors and other business partners are subject to a thorough review by our procurement and legal teams (as applicable), and for more sensitive engagements, our security team ensures adherence with various security requirements and compliance with applicable laws. We also require all our business partners, including suppliers, complete our due diligence process, ensuring that we have visibility of our supply chain.
We remain constantly vigilant and periodically monitor risks at all levels of our supply chain.
Identifying, assessing, and monitoring any potential areas of risk in relation to our business and supply chains is of vital importance to Cybereason. Therefore, when we work with suppliers and vendors, we consider what type of service is being provided, who it is being obtained from, the length of our relationship with the supplier or vendors, and the location from which it is being supplied. We will continue to identify and manage risks and work with our suppliers and vendors to uphold ethical standards.
We are aware of the importance of taking steps to mitigate against the risks of modern slavery and, to this end, Cybereason's Board has approved the implementation of a specific Anti-Slavery and Human Trafficking Policy. As part of this policy, all stakeholders in the company are required to understand and comply with their respective obligations.
We have also taken steps to encourage staff to raise any concerns that they might have, and we ensure that all our suppliers and vendors are contractually committed to complying with all applicable laws.
Anti-Slavery and Human Trafficking Policy
Cybereason has a zero-tolerance approach to modern slavery in all its forms. This Policy sets out the general rules and principles to which the Company adheres and with which all employees must comply. It applies to all employees, officers, consultants, contractors, temporary employees and directors, wherever located of Cybereason and extends to all business dealings and transactions in all countries in which it or its subsidiaries operate.
This Policy explains the procedures through which the Company maintains its high ethical standards and protects against any form of modern slavery in its business and within the business of its suppliers or service providers.
Any breach of this Policy can result in disciplinary action, up to and including termination of employment. In addition, Cybereason may terminate its relationship with individuals and organizations working with the Company without compensation if they breach this Policy.
Global Business Partner Code of Conduct
Cybereason requires its business partners to comply with the guidance provided in our Global Business Partner Code of Conduct, which is integrated into our standard agreements with those business partners. The Global Business Partner Code of Conduct sets out that Cybereason expects its business partners to share our commitment to human rights and equal opportunity in the workplace and conduct their employment practices in full compliance with all applicable laws and regulations, as well as treating their employees with dignity and respect
Code of Business Conduct and Ethics and Employee Handbook
Cybereason's internal Code of Business Conduct and Ethics and Employee Handbook contain our commitment to equal employment opportunities and diversity. Together, they set out our expectations for how our staff should conduct themselves in an honest, legal and ethical manner. The documents also set out our policy on whistleblowing, to help staff feel supported to raise any concerns (including any concerns about the conduct of those engaged within the supply chain and their use and treatment of staff) and thereby help us achieve the standards we expect.
Any failure to comply with our standards on modern slavery and human trafficking is regarded as a serious disciplinary matter and would be dealt with under the terms of our formal disciplinary procedure.
It is important to us that our employees are aware of the issues surrounding modern slavery and support our values. Our senior executive team is aware of the obligations contained in the Modern Slavery Act and set an example to the rest of the business. As part of compliance program, we will offer training to those involved in the procurement of suppliers and vendors for the business, to ensure that they are aware of the requirements of the Act and can raise any concerns which they might have at the earliest possible opportunity.
Cybereason recognises that compliance with the Modern Slavery Act is an ongoing commitment. We plan to continue to develop our practices and procedures to minimise the risk of slavery and human trafficking occurring anywhere in our business.
This statement is made pursuant to section 54(1) of the UK Modern Slavery Act 2015 and constitutes Cybereason's slavery and human trafficking statement for the financial year ending 31 December 2022.
-Cybereason Inc.