Information security



Cybersecurity Governance & Commitment

To comprehensively enhance corporate cybersecurity defense capabilities and cultivate security awareness among employees, PTTech formally established the 【Information Security Risk Management Committee】 in July 2019. The committee is responsible for coordinating and reviewing cybersecurity policy governance, protection planning, supervision, and implementation across all business groups.

Risk Transfer & Protection

To mitigate operational risks, the company continuously maintains 【Cybersecurity Liability Insurance】 (latest policy period starting August 2025). This insurance mechanism provides substantive protection against risks of fines or claims due to accidental data leaks, demonstrating our commitment to corporate responsibility.

Cybersecurity Organizational Model

Cybersecurity Strategy & Compliance

 

We continuously strengthen our corporate security posture through multi-faceted protection strategies and rigorous regulatory compliance.

 

Governance Strategy

  • Refining Management Systems

    Continuously optimizing information security management systems and improving security infrastructure design and data protection technologies.

  • Risk Management & Prevention

    Enhancing employee training to raise security awareness and proactively identify and defend against potential threats.

 

Compliance & Audit

  • Compliance Mechanisms

    Implementing security mechanisms that comply with international and domestic regulations to ensure legal business operations.

  • Periodic Review & Updates

    Regularly reviewing and updating operational standards to ensure corporate security standards remain modern and effective.

Performance & Implementation Records

2026 Performance

0

Data Breaches

No leaks of personal or confidential data.

Real-time

Defense & Recovery

Immediate response initiated; no major impact on operations.

Training & Investment Impact

History of Cybersecurity Governance

The company adheres to the highest governance standards, proactively establishing comprehensive security defense and reporting mechanisms. Faced with increasing cyber threats, we maintain real-time response and rapid recovery capabilities to ensure data security and operational stability. We report annual performance to the Board of Directors and maintain continuous cybersecurity insurance coverage.

 

2026 – Incident Response

Event Date: 2026/01/27

Incident: Information systems targeted by a network cyberattack.

Response: defense and recovery mechanisms were immediately activated to safeguard security.

Impact: No personal data, trade secrets, or important documents were leaked. No significant impact on operations.

Insurance Claim: Not applicable.

Follow-up: Continued monitoring and strengthening of network infrastructure control to ensure system safety.

 

2025

Cybersecurity governance report presented to the Board on Aug 6; completed renewal of Cybersecurity Liability Insurance.

 

2024

Special report presented to the Board on Aug 9; maintained Cybersecurity Liability Insurance.

 

2023

Special report presented to the Board on Aug 9; maintained Cybersecurity Liability Insurance.

 

2019 – 2022

Since 2019, annual reports have been presented to the Board every August, with continuous insurance coverage to build a long-term safety net.