Establish an Information Security Committee to take charge of IT-related matters required for our operations. The CEO serves as the chairperson (convener), and the top information unit executive also serves as the Chief Information Security Officer (Chief Information Security Officer) to integrate the business units, information, audit, legal, and risk control. and the top executive of the human resource department. Regularly convenes relevant meetings to decide, manage, and promote information security affairs, fulfill the responsibilities of business operators, and protect the legal rights and interests of shareholders and the interests of other stakeholders.
Over the past three years, no significant information security incidents have occurred, nor have there been any breaches of confidential information affecting the personal data of clients and employees, or any related fines.
Over the past three years, no significant information security incidents have occurred, nor have there been any breaches of confidential information affecting the personal data of clients and employees, or any related fines.
Information security incident statistical table
| The quantity of security breach occurrences and the corresponding fines per annum | 2021 | 2022 | 2023 |
| Number of incidents involving breaches of cybersecurity or network security | 0 | 0 | 0 |
| The number of incidents pertaining to data leakage. | 0 | 0 | 0 |
| The number of security breaches involving customer personal data.1 | 0 | 0 | 0 |
| The number of customers and employees affected by data breaches. | 0 | 0 | 0 |
| The number of fines imposed as a result of information security or network security-related incidents (in New Taiwan Dollars). | 0 | 0 | 0 |
2023 Information security drill
TOPCO Group is committed to continuously optimizing its response efficiency and ensuring a rigorous level of preparedness. Our ongoing efforts to enhance response efficiency involve considering additional measures for handling extraordinary events and integrating these into the Company’s development policies early on. This approach ensures that we can continue to operate during crises, demonstrating robust corporate resilience.
| Subjects | Goal | 2021 | 2022 | 2023 | Description | |
| Social engineering drill | Trigger | <10% | 55.95% | 49.46% | 18.92% | The accidental contact rate is decreasing year by year, and we re-educate those who are accidentally triggered. In 2023, all employees achieved an attendance rate of 100% in cybersecurity education and training. |
| Click | 51.62% | 36.76% | 17.03% | |||
| Enable | 34.86% | 30.81 | 5.14% | |||
| Firewall protection drill | <30 minutes | - | - | 5 minutes |
