2025 Cybersecurity

In accordance with Article 9 of the "Regulations Governing Establishment of Internal Control Systems by Public Companies," the Information Security Policy has been established, along with a cross-departmental Information Security Steering Committee. Through a clear division of responsibilities, this organization ensures that when a security incident occurs, reporting and contingency mechanisms are promptly activated to effectively reduce the risk of operational disruption and data loss.

To protect stakeholder interests and strengthen incident response capabilities, the Company has established a clear and effective reporting mechanism. This allows internal employees and external stakeholders to report suspicious events. Any incident involving system abnormalities, data leak concerns, unauthorized account use, malware infections, or social engineering attacks can be addressed through the following first-line procedures in coordination with relevant departments.