?? Exploring Sustainable Performance & Security: An Interview with Christelle Masse, STid’s Director of Sustainable Performance ????

Q: Can you introduce yourself and explain your role at STid?

Christelle: I'm the Director of Sustainable Performance, and I joined STid exactly two years ago! I'm 43, a mother of two, and very passionate about what I do. ????

Q: What are your main responsibilities as the Director of Sustainable Performance?

Christelle: My role focuses on the continuous improvement of our organization and the group's overall performance, with a particular emphasis on integrating our Corporate Social Responsibility (CSR) strategy.

CSR Strategy

Q: Why is it important for companies to integrate a CSR strategy today?

Christelle: At STid, we do it naturally, out of conviction. We believe that our company’s economic performance cannot be separated from social, societal, and environmental performance. Even if it’s not driven by belief, companies will need to adopt CSR because legislation is evolving fast, with new regulations like CSRD and ESPR. ????

Q: What are the main benefits for a company that adopts a CSR approach?

Christelle: First, it strengthens our relationships with stakeholders: employees, clients, and suppliers all see our commitment to sustainable, responsible practices. By setting goals for improvement (through a CSR lens), working together to reduce our environmental impact, and supporting the well-being of our employees, we create a virtuous cycle. This allows our employees to thrive, which benefits our business and contributes to a more sustainable future for everyone. ????

Linking CSR and Security

Q: Do you feel supported internally and externally in STid’s CSR strategy?

Christelle: Absolutely, I’m fortunate to have a leadership team committed to being a CSR model, as shown by the creation of the CSR department in late 2022. The CSR committee members are highly engaged and act as true ambassadors in their teams. By endorsing and spreading key messages, our employees are motivated to contribute! Externally, our partners are also very supportive, although some face time constraints. ???

Q: STid departments might not yet have a built-in CSR mindset. What tools or advice do you have to create this mindset or formalize CSR processes within projects?

Christelle: By incorporating CSR into our processes, we make it automatic and part of everyday tasks and activities. It becomes a natural part of each department’s workflow. ?

Q: External partners sometimes lack awareness of security and CSR regulations, making it challenging to support projects effectively. Can you share an example?

Christelle: We run many projects across departments, yet only a few partners flag CSR-related concerns. While staying informed about regulations isn’t yet a reflex for some professionals, they show interest once we mention it. This is why internal awareness is vital; when our teams understand, they can spread that awareness to their stakeholders. ????

Integrating CSR into Security

Q: How can companies effectively integrate CSR issues into corporate security?

Christelle: As mentioned, CSR should be integrated across all functions. That’s why our IT department is also part of the CSR committee; CSR success requires a holistic approach. A major focus of our CSR strategy is setting an example in facing cyber threats, which means we’ve set objectives and actions to support both CSR and cybersecurity goals. ????

Q: Do you see any regulatory gaps for linking CSR with security?

Christelle: GDPR is an example of regulation, and CyberScore is starting to complement GDPR, so that connection is gradually forming. Cybersecurity is a critical CSR pillar, as it prevents malicious actions and helps people feel secure. Whether it’s protecting sensitive employee or business data, cybersecurity has a positive impact on everyone. Information security is a key lever connecting CSR and digital issues, making it a central, future-focused topic. ?????

Q: You mentioned CyberScore. Could you explain what it is and how it reflects the link between CSR and security?

Christelle: The CyberScore law came into effect on October 1, 2023. This regulation now requires public-facing online platforms to conduct a cybersecurity audit and present results visually, so consumers are informed. This is essential; today, companies must comply with CSR standards and ensure their digital security meets current challenges. The law requires cybersecurity certification for public digital platforms and an obligation to inform consumers about platform security and data protection levels. This transparency reassures users and aligns security with CSR. ????

Q: What risks does a company face if it excludes security in its CSR strategy?

Christelle: Neglecting security as a CSR component overlooks a major action lever, which could have negative economic, social, and environmental impacts and risk losing user trust. ????

In Conclusion

Q: What advice would you give to companies that haven’t yet realized the importance of including CSR and security in their overall strategy?

Christelle: If companies want to sustain their activity, they need to understand that security is essential to overall company performance, which includes economic, social, societal, and environmental performance. CSR issues are linked to overall company performance, which is itself connected to security. Everything is interconnected, so we shouldn’t compartmentalize our work. ????