Walsin Technology realizes the commitment and responsibility to its customers, shareholders and employees. Hence, we defined the cyber security policies and management regulations clearly. To ensure customers, the corporate, shareholders, vendors and employee’s best interest, we strictly protect our trade secret and undisclosed confidential information, including patents, manufacturing processes, recipe and intelligent properties.

The vision of cyber security policies at Walsin Technology is to protect company’s trade secret from breaching, invoke employees to the awareness of cyber-attacks, realize cyber security management on daily operations and make sure high availability of all IT services.

The annual cyber security management review meeting was conducted by the Cyber Security Committee on Oct 20th, 2022. The annual cyber security management report including cyber security management policies and risk management architecture was reported to the board of directors on Nov. 1st, 2022 as well. The revised internal control provision of computer operation was approved by the board of directors on the same day.

• To reinforce cyber security protection and management, Walsin Technology organized the “Cyber Security Committee” to guide the planning, execution and controlling of cyber security policies. As shown in Fig.1, the committee was convened by the Chief Information Offer and the members of it were composed of Walsin Technology functional division heads. The IT supervisor has acted as the executive sectary. Cyber security management, emergency response as well as cyber security auditing task force were established to initiate, execute, monitor and assess cyber security related tasks and projects. Each member of the committee has to attend professional cyber security training courses annually.
• In accordance with the cyber security management and control guidelines for Listed and OTC Companies, one supervisor and several professional engineers has been assigned to take the responsibilities of making cyber security policies, planning and executing related operations, ensuring the realization of cyber security policies and responding to emergency security issues. Each dedicated person has to attend cyber security related training annually.
• The operation of cyber security organization follows PLAN-DO-CHECK-ACT (PDCA) CYCLE (shown in Fig. 2) to ensure the goal of information security has been continuously achieved, the risk has been well controlled and the vulnerabilities have been fixed.
• To strengthen the ability to master potential security threats and response to security incidents, Walsin Technology has joined the Taiwan Computer Network Crisis Management and Coordination Center (TWCERT/CC) and the Information Security Information Sharing and Analysis Center of the Science Park. Through join the joint defense organization, we enhance our security defensive plan with the shared information. With solid emergency response procedures, we are able to response to information security incidents properly.

Figure 1 Cyber Security Organization

Figure 2 Cyber Security Management Cycle

Walsin Technology defined the cyber security policies and management regulations clearly. To reinforce the objective of cyber security management, the security management team has taken the responsibility to implement the policies and regulations thoroughly as well as continuous optimized the management system and technologies. In year 2022, we actively invested lots of resource and manpower in many projects including Virtual Desktop Interface Project, Mobile Device Management Project, Virtual Desktop Setup Standardization, Vulnerability Blocking Project, and Endpoint Protection Upgrade Project.

Walsin Technology started to build up cyber security management system in year 2018 and obtained the certification of ISO27001 at the same year. We were regularly reviewed by the external certification body and renew our ISO27001 certification annually. In year 2022, the renewed certification was obtained on Nov. 30, 2022. All the operation process and standard are following the international cyber security management system.