DB HiTek
Grand Prize in Materials
& Components Category
Site Search
- Popular Keywords
Social
Security Management
Information Security
Information Security
DB HiTek recognizes that management of information security is one of the important factors in earning customer trust, and continues to carry out projects for information protection.
Information Security Management System
DB HiTek has established an information security management system that clearly defines roles and responsibilities for information protection and enables smooth operation for such tasks.
- Representative Director
-
Information Protection Committee
- Head of Committee: Representative Director
- Secretary: Chief Information Security Officer
- Chief Information Security Officer
- Chief Privacy Officer
-
Information Security Working Committee
- Head of Committee: Chief Information Security Officer
- Secretary: Manager of Security Part
-
Information Security Management Department
- IT Team Security Part
- HR team
- Technology Security: - Maintaining an external threat response system - Operating and analyzing security solutions - Reviewing security and verifying suitability - Preventing internal information leaks
- Management Security: - Establishing a company-wide security policy - Responding to policy implementation audits and external inspections - Information security training and promotion - Managing information security certification and disclosure
- Physical Security: - Maintain physical security systems at each business site. - Designate and respond to security zones - Control and manage asset entry and exit - Prevent unauthorized entry (access control, CCTV, etc.)
-
Each department (Fab1, Fab2)
- Information Security Manager for each department (respective department head)
- Information Security Manager for each department (designated manager)
Information Protection Policy
All employees of DB HiTek practice security management for all information assets to prevent leakage of such information assets including semiconductor core technology information. At the same time, the employees maintain a reliable information protection system through stable operation of information assets and minimize damages.
The information assets to be protected are as follows.
- 1 information on semiconductor technology, production, trade secret, and customer information
- 2 important tangible and intangible information created and managed through business performance
- 3 information system facilities, media, and devices for business support
- 4 work environment assets related to physical locations and equipment related to work performance
- 5 other trade secret information assets designated by the company
Information Security Management Certification
-
ISO/IEC 27001
Information Security Management System
- Certificate No.
- C698037
- Valid Until
- 2027.09.23
- Certified Locations
- Fab1, Fab2
Information Security Awareness Activities
DB HiTek is engaged in various activities, such as signing security pledges, conducting regular education, and managing security scores to improve security awareness and prevent our employees and employees of partner companies from causing such accidents.
Information Security Activities
to Raise Awareness
Please swipe horizontally
to view the content.
| Category | Activites | Note |
|---|---|---|
| Company-wide information security education | Issues regarding recent domestic and international information protection Significance and importance of information protection and the protection of trade secrets Information protection guidelines and 7 main security requirements for employees | |
| Management of employee security score | Individual management of information security score Penalty points imposed based on the importance and risk of each penalty category Corrective action plan to prevent recurrence Incorporation of KPI indices for each team to encourage employee participation | Year-round |
| Phishing mail simulation training | Improved response to cyber attacks Security training for employees who have read emails and management of penalty point | Quartely |
| Conduct worksite security checks | Inspection for elements of security violation in the office space Inspection of procedures regarding the check-in and out-of-assets Management of penalty points for violators | Quartely(Unannounced) |
| Security management of partner companies | Promotion of information security awareness and advancement of partners’ competency Requirement of security pledge once a year Phishing mail simulation training Information security education | |
| Information Security Certification / Disclosure | ISO/IEC 27001:2022 Certification Management Disclosure of Information Security Investments to Protect Users and Ensure the Right to Know Information Security Investment / Personnel / Certification / Activities |
Information Security Incident Response
DB HiTek carries out various activities to minimize security risks from malicious code and hacking.
Response to Information Security Incidents
Please swipe horizontally
to view the content.
| Key Operations | 2024 | 2023 | 2022 |
|---|---|---|---|
| Number of malicious IP blocked | 94,546 cases | 78,799 cases | 27,461 cases |
| Number of cyber/information security incidents | 0 cases | 0 cases | 0 cases |
| Number of personal information leaks | 0 cases | 0 cases | 0 cases |