Ubisoft 2016 Annual Report Download - page 45

Download and view the complete annual report

Please find page 45 of the 2016 Ubisoft annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 216

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216

Governance, risks, riskmanagement andinternalcontrol
3
Report of the Chairman of the Board of Directors on corporate governance, internal control andriskmanagement
and/or managerial skills: development opportunities, share purchase
plans, stock option plans, personal development plans, etc.
In spite of these measures, the risk of events occurring that could
have an impact on internal organization or the motivation or
retention of employees cannot be ruled out. Such circumstances
could do signi cant and long-lasting damage to the operational
and nancial performance of the Group.
RISKS ASSOCIATED WITH INFORMATION
SECURITY AND INFRASTRUCTURE
Ubisoft is faced with risks that could compromise the personal data
of players and their game play experience, the personal data of its
employees and partners, and its own nancial information and
intellectual property. These risk factors primarily concern:
loss or theft of data: the majority of online games require Ubisoft
to handle a large quantity of data relating to players, employees
and partners, as well as information relating to products, services
and activation keys. Ubisoft is conscious of the strategic value
of this data and the fact that the loss or theft thereof could do
signi cant damage to the Group;
unavailability of IT systems: online gaming systems require the
permanent availability of IT systems. However, an attack on the
systems (denial of service attack, malware, etc.), a defect in the
IT infrastructure, or a natural or environmental disaster could
result in the temporary or permanent unavailability of systems or
team members. Situations such as these could cause considerable
damage to Ubisoft;
piracy of products and services;
any form of cheat tools enabling dishonest players to gain a
competitive advantage over other players. This could lead to an
imbalance in the player experience and distorted data;
identity theft: social engineering type attacks could cause
signi cant nancial damage and harm Ubisoft’s reputation;
an error by or the unavailability of an external partner on which
Ubisoft relies. This predominantly relates to cloud infrastructures
and applications (SaaS, IaaS, Paas), external development teams
and suppliers of technological services and equipment.
In this context, the Security and Risk Management Department
develops innovative security programs to appropriately anticipate
and protect against all of these risks. This Department is also
committed to ensuring the con dentiality, integrity and availability
of all information processed by Ubisoft. To this end, its main work
involves:
the development of innovative IT system monitoring programs;
the implementation of intrusion detection and prevention
programs, as well as incident response plans and procedures;
strengthening the security of game codes and services;
game piracy:
with regard to connected games (which represent the majority
of Ubisoft games), the Group has developed a “Live Services”
solution to continually offer new experiences to players (new
content, animations, ongoing community management, etc.).
Only players holding an active license can take advantage of
these live services, thereby reducing any form of piracy of the
connected games,
with regard to unconnected games, Ubisoft has established a
new partnership to reduce piracy;
the regular performance of internal and external audits to adapt
and improve risk management procedures: Ubisoft carries out
network and system intrusion testing, social engineering tests and
continually evaluates the physical security of its Material assets;
the establishment of business continuity and disaster recovery
plans;
employee and partner training on incident management and
security.
Despite all of the measures put in place to ensure the security of
information and infrastructure, Ubisoft cannot rule out the risk
of intrusion or piracy of its systems which could have a material
impact on the activity of the Group.
INDUSTRIAL AND ENVIRONMENT-RELATED RISKS
The Group’s own activities do not present any signi cant industrial
and environmental risks since the Group does not manufacture the
video games (and associated ancillary products) it publishes and
distributes. Nevertheless, the Group remains alert to regulatory
changes in countries where it is present.
The Group currently has no knowledge of any industrial or
environmental risk (1).
3.1.2.2 Legal risks
RISKS ASSOCIATED WITH INTELLECTUAL
PROPERTY RIGHTS
Ubisoft has chosen to develop its brands in-house, meaning that it
holds all intellectual property rights to these games and can offer
them via any type of device, product or service. This strategy also
enables Ubisoft to limit the risk of third-party infringement.
Aware of the importance and value of its portfolio of intellectual
property rights (brands, copyright and patents), Ubisoft has a team
of lawyers dedicated to these rights and protecting them. This team
oversees the registration of industrial property rights, continually
monitors brands identical or similar to its own registered by third
(1) See sections 4.3.1.3 and 4.3.1.4 of the section on “Corporate Social Responsibility”
- Registration Document 2016 43