To demonstrate the determination of managing information security, the Cyber Security Office was established in July, 2021, whose major task is to ensure the Company’s core information communication system to reach the goals of confidentiality, integrity, and availability.
All information equipment has safety control measures, including regular update of password, allowing USB flash drive to read instead of to write, controlling the computer authority for software installing and so on. In addition, social engineering drills are held regularly, and phishing emails are sent to test our associates’ awareness of information security protection. A total of 4 social engineering drills were held in 2021 with 10 test emails sent at each drill, and approximately 25,000 people were tested, with the pass rate of 99.61%. Information security education and training are strengthened to those who failed the tests.