Until now, each Orange subsidiary managed the security of its own digital work environment. But with growing regulatory requirements such as the European NIS2 (Network and Information Security 2) directive, a more unified and structured cybersecurity framework became essential.
To bring Group-wide threat monitoring under one roof, we turned to Orange Cyberdefense, whose teams have spent the past decade building detection and response services for cyberattacks across multiple sectors.
Their expertise and speed are well established. According to the Security Navigator Report 2025, Orange Cyberdefense teams resolve more than 27 percent of confirmed cybersecurity incidents within the first hour.
Every workstation used by Orange employees is now covered.
The Global SOC solution developed for the Group enables more coordinated and effective incident response. It provides automated threat detection and centralized alert handling for all 140,000 fixed and mobile devices used by employees across 16 countries and 35 subsidiaries. The solution is designed specifically for large organizations operating multiple entities worldwide.
Endpoint protection for PCs and professional mobile devices is built on next-generation detection and response tools (EDR), automated updates, and a unified workflow. This setup enables automated actions, including isolating devices around the clock in response to critical alerts, and blocking computers or mobile phones when a severe attack is detected.
“This consolidated view of security across all our subsidiaries, countries and divisions is crucial because it helps us optimize and standardize our response to attacks targeting our IT systems and the Group’s operations,” explains Jean-Marie Mélé, Group Chief Information Security Officer at the start of the project and now Head of Risk Analysis and Audits. He stresses the need for consistent perimeter defenses to avoid any gaps attackers could exploit.
Orange Cyberdefense teams met the challenge in under a year.
With the Global SOC, every incident is handled the same way, regardless of an employee’s location or role.
All workstation-related security alerts are monitored and resolved within a single platform and workflow, improving response times whenever a confirmed security incident occurs.
This approach significantly strengthens the Group’s resilience and helps ensure business continuity in any situation. With better protection for workstations, information systems and infrastructure, our customers also benefit from more reliable services.
The Global SOC also supports Orange’s compliance with the General Data Protection Regulation (GDPR), protecting sensitive data belonging to both the Group and its customers.
The Global SOC will play a key role in aligning the Group with the European NIS2 directive by enabling fast, centralized detection and response to incidents.
The Global SOC strengthens integrated cybersecurity as a strategic pillar for the Group. It also connects with other major initiatives, including sovereign cloud, network resilience and internal awareness programs.
This strategic focus is reinforced by our acquisitions of Swiss cybersecurity specialist SCRT, Telsys, and most recently ensec, as well as our involvement in sector-wide partnerships.
With cyber threats continuing to increase, securing 140,000 workstations is a challenge that requires constant vigilance. Orange Cyberdefense’s commitment not only protects every fixed and mobile device used by Group employees but also helps shape best practices across the industry.
The Global SOC service will continue to evolve as threats evolve. Those enhancements will also benefit Orange Cyberdefense’s external customers.
