Walsin Technology realizes the commitment and responsibility to its customers, shareholders and employees. Hence, we defined the cyber security policies and management regulations clearly. To ensure customers, the corporate, shareholders, vendors and employee’s best interest, we strictly protect our trade secret and undisclosed confidential information, including patents, manufacturing processes, recipe and intelligent properties.

The cyber security policies at Walsin Technology are

1. Invoke the awareness of cyber security
2. Highly regard the data access control
3. Enhance the data security protection
4. Ensure the business continuity

The cyber security objectives at Walsin Technology are

1. Conduct regular training to invoke employees’ awareness upon cyber security
2. Execute regular permission reviews and realize network segmentation
3. Perform backup routine jobs to keep the high data availability
4. Implement disaster recovery drills to ensure business continuity

The annual cyber security management review meeting was conducted by the Cyber Security Committee on Oct 3rd, 2023. The annual cyber security management report including cyber security management policies and risk management architecture was reported to the board of directors on Oct. 31th, 2023 as well. The revised internal control provision of computer operation was approved by the board of directors on the same day.

• To reinforce cyber security protection and management, Walsin Technology organized the “Cyber Security Committee” to guide the planning, execution and controlling of cyber security policies. As shown in Fig.1, the committee was convened by the Chief Information Offer and the members of it were composed of Walsin Technology functional division heads. The IT supervisor has acted as the executive sectary. Cyber security management, emergency response as well as cyber security auditing task force were established to initiate, execute, monitor and assess cyber security related tasks and projects. Each member of the committee has to attend professional cyber security training courses annually.
• In accordance with the cyber security management and control guidelines for Listed and OTC Companies, one supervisor and several professional engineers has been assigned to take the responsibilities of making cyber security policies, planning and executing related operations, ensuring the realization of cyber security policies and responding to emergency security issues. Each dedicated person has to attend cyber security related training annually.
• The operation of cyber security organization follows PLAN-DO-CHECK-ACT (PDCA) CYCLE (shown in Fig. 2) to ensure the goal of information security has been continuously achieved, the risk has been well controlled and the vulnerabilities have been fixed.

Figure 1 Cyber Security Organization

Figure 2 Cyber Security Management Cycle

To strengthen the ability to master potential security threats and response to security incidents, Walsin Technology has joined the Taiwan Computer Network Crisis Management and Coordination Center (TWCERT/CC) and the Information Security Information Sharing and Analysis Center of the Science Park. Through join the joint defense organization, we enhance our security defensive plan with the shared information. With solid emergency response procedures, we are able to response to information security incidents properly.

Walsin Technology defined the cyber security policies and management regulations clearly. To reinforce the objective of cyber security management, the security management team has taken the responsibility to implement the policies and regulations thoroughly as well as continuous optimized the management system and technologies. In year 2023, no major cyber security incident occurred. A total of 6 disaster recovery drills for core systems and equipment, 10 employee security education training and policy promotions were performed, and 616 employees joined the social engineering drills. This year, we also focus on the management of social communication software and optimization of network architecture in our overseas factories. We actively invested lots of resource and manpower in strengthen our cyber security management.

Walsin Technology started to build up cyber security management system in year 2018 and obtained the certification of ISO27001 at the same year. We were regularly reviewed by the external certification body and renew our ISO27001 certification annually. In year 2023, the renewed certification was obtained on Nov. 7, 2023. All the operation process and standard are following the international cyber security management system.