SERMA Group has achieved a score of 950 out of 1000 in the CyberVadis assessment, confirming the strength and maturity of its cybersecurity management system.
This result places SERMA among the highest-rated companies in the benchmark, marking a two-point improvement compared to the previous year.
What is CyberVadis?
CyberVadis is an international cybersecurity assessment platform that evaluates, using a standardized methodology, the level of control and compliance of companies in the field of information security.
The evaluations are based on recognized standards (ISO 27001, NIST, GDPR, etc.) and cover a broad range of controls: access management, data protection, third-party security, business continuity, incident management, and regulatory compliance.
Each assessed company receives an overall score out of 1000 points, along with a detailed report by domains and security functions.
A global score reflecting SERMA’s robust cybersecurity framework
With 950 points, SERMA Group demonstrates the performance and rigor of its cybersecurity practices.
The 2025 assessment was based on the analysis of 212 security controls across all domains covered by CyberVadis. Among them, only 3% were reported as not implemented. The report also identified 187 strengths and 25 areas for improvement, highlighting the Group’s maturity and commitment to continuous improvement.
SERMA significantly outperforms the average scores of companies assessed by CyberVadis across all key domains.
Assessment domains:
- Data confidentiality: 990 (average: 700)
- Data protection: 935 (average: 663)
- Business continuity: 989 (average: 647)
- Third-party security management: 918 (average: 567)
Operational functions:
- Identify: 997 (average: 688)
- Protect: 926 (average: 630)
- Detect: 1000 (average: 637)
- Respond: 969 (average: 648)
External recognition of SERMA’s cybersecurity excellence
This new assessment reaffirms the reliability and resilience of SERMA Group’s Information Security Management System (ISMS).
It demonstrates SERMA’s ongoing commitment to ensuring the protection of its clients’, partners’, and employees’ data, while maintaining business continuity and trust across all its operations.
