Risk management & Cyber Security

Cyber Security

Cyber Security

To strengthen information security management, enhance the company’s overall information services, ensure alignment between information systems and business requirements, and effectively manage information security operations, the Company has obtained the ISO/IEC 27001:2022 Information Security Management System certification issued by bsi (Certificate No. IS836217). The Company strictly complies with relevant laws and in accordance with the ISO/IEC 27001:2022 framework, has established an “Cyber security Risk Management Framework,” which includes cyber security policies and specific management programs.

  

The Company aims to build a strict and effective information security defense. According to the cyber security risk management framework, the Information Security Management Committee has established an information security task force, an emergency response task force, and an audit task force. The Information Security Management Committee coordinates the formulation, implementation, risk management, regulatory compliance and auditing of information security and related policies. The audit supervisor supervises the implementation of information security operations and evaluates the effectiveness of the information security risk management measures of the entire corporate group, and regularly reports to the board on the effectiveness of the operations and systems of the overall information security management organization. In order to effectively promote the Cyber security policy, the Company has appointed a chief information security officer (CISO) and established a dedicated information security unit that has a supervisor and at least two specialists responsible for cyber security-related monitoring and the implementation of various management plans formulated by the Information Security Management Committee. Information security education and training sessions are carried out for all employees regularly. Personnel working in the information security dedicated units need to receive at least 16 hours of specialized information security training.

  

2025 Implementation Status of Cyber security
  1. During this year, a total of six Group Information Security Review Meetings, one Disaster Recovery Planning Meeting, and six ISMS implementation meetings were held. In addition, a report on the 2025 information security status and implementation progress was presented to the Board of Directors on November 6, 2025.
  2. Continuous investment has been made in information security protection mechanisms to ensure their effectiveness, enhance the security management of network and information infrastructure, and strengthen employees’ information security awareness to safeguard information security
  3. Joined the Taiwan Computer Emergency Response Team/Coordination Center (TWCERT/CC) to ensure the timely and effective receipt and sharing of cybersecurity intelligence, achieving cross-organizational cybersecurity collaboration and strengthening overall defense capabilities.
  4. Published at least three cybersecurity bulletins to communicate key security requirements and important precautions.
  5. Collaborated with the Audit Office to complete information security project audits across all group facilities, ensuring that industrial control systems, information systems, and related data center environments comply with security standards.
  6. Drill Execution
    • One social engineering drill for the email system was conducted, with participation from all group employees.
    • In conjunction with the annual maintenance shutdown of the building’s high-voltage power distribution system, a Business Continuity Plan (BCP) power outage recovery drill was carried out, with full participation from the building’s central control, electromechanical, and information security personnel.
  7. Conducted information security training, including "Introduction to Social Engineering Attack Techniques and Email Security Training I & II", "Information Security Awareness and Training" and "Information Security Precautions and Email Precautions". All new employees completed the information security training courses, with a total of 2,965 managers and employees participating.

IR Contacts

 

August Chang

ir@upc.com.tw

Tel : +886-2-2651-7889 ext. 6003

Transfer Agency

CTBC Bank, Stock Transfer Agent

5F., No.83, Sec. 1, Chongqing S. Rd., Zhongzheng Dist., Taipei City 100, Taiwan, R.O.C.

www.ctbcbank.com

Tel : +886-2-6636-5566
Terms of use Personal Information Protection Cookie Policy
Copyright © 2026 UPC Technology Corporation. All Rights Reserved.
We value your privacy
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing and performance efforts.
Accept All Cookies
Manage Preferences
We value your privacy

UPC and certain third parties use cookies on www.upc.com. The details regarding the types of cookies, their purpose and the third parties involved are described below and in our Cookie Policy . Please click on “Allow All” to consent to our usage of cookies in order to have the best possible experience on our websites. You can also set your preferences or reject cookies (except for essential cookies).
Allow All
Manage Consent Preferences
  • Essential cookies
    Always Active
    These cookies are essential in order to enable you to move around the website and use its features, such as setting your privacy preferences, logging in or filling in forms. Without these cookies, services requested through usage of our website cannot be properly provided. Essential cookies do not require consent from the user under applicable law. You may configure your web browser to block strictly necessary cookies, but you might then not be able to use the website’s functionalities as intended.
  • Analytics cookies
    These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and how visitors move around the site. They help us to improve the user friendliness of a website and therefore enhance the user's experience.
Confirm my Choices