Enterprise Information Security Organization
The company has established an Information Security Task Force responsible for policy development, execution, risk management, and compliance auditing. The task force reports regularly to the Board of Directors on information security performance, trends, and technologies. On March 27, 2025, the task force reported the 2024 outcomes and 2025 goals.
Cyber Policy
“To maintain the Company information security, conduct self-manage, and raise information security awareness.”
Cyber Security Risk Management Framework
The Information Security Team collaborates with information security teams from Taiwan and overseas subsidiaries to plan, execute, audit, and take action (PDCA cycle) to enhance information security management. They regularly review and optimize information security policies and protective measures to effectively implement security management.
Specific Management Measures
Short-Term Information Security Goals
Continue to enhance phishing/social engineering drills and security awareness campaigns, deploy next-generation intrusion detection and prevention systems, strengthen vulnerability scanning and patching, Conduct regular disaster recovery drills for core systems.
No major information security incidents affecting operations in 2024
Information and Communication Security Risks and Countermeasures:
Significant Information Security Incident:
Zero significant information security incident in 2024.