Privacy Protection and Cybersecurity Overview

Why is this Important?

The Company’s internal information is an asset that must be protected effectively. Hence, EGCO Group established access restrictions to ensure appropriate cybersecurity risks measures. It is one of the preventive measures implemented against cybercrimes, attacks, sabotage, espionage, and mistakes. The 3 fundamental IT security components are

C
CONFIDENTIALITY

Confidentiality of information

I
INTEGRITY

Maintaining data integrity

A
AVAILABILITY

Availability of information

Management Approach

Privacy Protection and Cybersecurity Target

Long Term Target

  • Improve the Company’s data security system in accordance with the ISO 27001 standard

  • 80% of total employees receive training to improve their information security and data privacy understanding with regards to relevant high-risk parties and stakeholders

2021 Target

  • Improve information breach monitoring and prevention system

  • Implement cybersecurity and personal information protection policy that is up to date and aligned with international standard

2021 Performance

  • Certified ISO/IEC 27001:2013

  • Announced cybersecurity and data protection policy and guideline implementation in accordance with the international standards

  • Distributed Denial-of-Service (DDoS) prevention system installation

  • Conducted Penetration Testing in cooperation and Vulnerability Assessment with consultants and improved security weak spots to ensure the Company’s cybersecurity system is stable and met the established standards

Privacy Protection and Cybersecurity Governance

Risk Oversight Committee stipulates an internal audit policy regarding risk management activities as well as investigates IT development related operations regularly.

Explore more
Cybersecurity Measures

EGCO Group stipulated and published IT security and cybersecurity policy for every employee, including external parties providing services for EGCO Group, to use as an operational guidelines on IT related tasks, ensuring full compliance with related laws.

Explore more
IT Security/ Cybersecurity Process & Infrastructure

EGCO Group’s IT Security System was certified ISO/IEC 27001:2013 which covers processes such as grievance management, change management, document control, asset utilization monitoring, etc.

Explore more
Data Privacy Protection

EGCO Group places great importance on data protection and privacy of employees, customers, suppliers, and every stakeholder.

Explore more

Related Documents

Policies, Requirements and Performance

Performance Data

Governance
Economic