15 Life Is On | Schneider Electric www.se.com 2021 Trust Report 6 Digital trust and security 6.1 Cybersecurity context and stakes Hyperconnectivity brings the promise of improved efficiency, productivity, and safety, but, at the same time creates new sources of risks. At Schneider Electric, we take this threat very seriously. Our commitment to Life is On begins with giving businesses and citizens trust in the New Electric World. Doing so requires that we not only help our customers to defend against these threats through our products and services, but also maintain a strong cybersecurity posture to avoid becoming a risk to them. That is why cybersecurity and data protection are integral to Schneider Electric’s business strategy and digital transformation journey and is at the core of our Trust Charter. At all levels of the Group, clear expectations for both individual and collective behaviors are defined in a cybersecurity “Trust pillar.” In addition to corporate commitment, our executives play a crucial role in making cybersecurity a core tenet of our business and corporate culture through the sponsorship of the Executive Committee and oversight from the Board of Directors. Our vision as a digital leader in energy management and industrial automation is to raise the bar with our ecosystem. We seek to embark partners, customers, and suppliers in our security posture. This approach can be summarized in four steps: 1 Taking a risk-informed approach. 2 Managing cyber risks in depth to protect our customers, our operations, and our critical infrastructures. 3 Establishing a Group-wide cybersecurity culture. 4 Partnering with our ecosystem across the value chain to build trust and raise the defense level of the industry at large. 6.2 Reinforcing the Group’s cybersecurity posture and that of its ecosystem of partners and customers Schneider Electric deploys several actions to reinforce its cyber posture and that of its ecosystem of partners and customers: • Holding a cyber-related business risk register to articulate potential vulnerabilities/attacks and define remediation activities. • Identifying and prioritizing high-value digital assets to the Company’s operation. • Implementing cyber capabilities and digital locks around people, processes, and technologies. • Deploying general and dedicated awareness and training programs on cybersecurity and data protection, with a strong focus on high-risk population (customer-facing people, HR). • Monitoring, detecting, responding, and learning from cyber events. • Performing reality checks via metrics, internal and external reviews, cyber crisis drills, and vulnerability assessments to our extended enterprise (including our acquired companies). • Engaging cyber discussions with our customers, suppliers, and partners to improve the resilience across the value chain. • Partnering with leading companies, experts, and authorities in the field of cybersecurity. 6.3 Proposing cybersecurity by design • Cybersecurity Framework and other recognized standards, such as ISA/IEC 62443 and ISO 27000. • Schneider Electric IoT-enabled EcoStruxure ™ platform provides our customers with end-to-end cybersecurity solutions and services to protect a vast digital ecosystem. As part of the Trust pillar of its 2021-2025 sustainability strategy, Schneider Electric commits to be in the top 25% in external ratings for Cybersecurity performance (SSE #16). In the Top 25% in external ratings for Cybersecurity performance Schneider Electric continuously and consistently monitors its posture with the support of cyber scoring agencies. This scoring capability enables the Group to identify and address vulnerabilities and weaknesses (along with Intelligence-driven detections) around main risk categories like Compromised Systems, Diligence, User Behavior and Public Disclosures. Addressing findings that can negatively impact overall cybersecurity rating and benchmarking our performance against is aiding our maturity journey on cybersecurity, from a performance, risk, and communication perspective. With this discipline, we measure the improvement of our posture over years: from a baseline of 520 in January 2018, we have now reached a score of 800 for the year 2021. Evolution of our external rating since 2018 +54%. Tr ust SSE #16 Top 25% Top 25% Baseline 2025 target 2021 Progress 0 100 Top 25%