Information Security System
SAEDONG has established an information security system to protect corporate assets, prevent information leakage, and ensure compliance with legal regulations. To ensure the safe construction and operation of our business systems, we have implemented and operate a security review procedure for our IT systems.
Cyber Incident Response Simulation Training
The purpose of cyber incident response simulation training is to assess and enhance the organization's capability to respond quickly and systematically in the event of an actual cyberattack. To protect SAEDONG's assets (e.g., data, drawings) from cyber incidents such as ransomware or hacking, the company conducts backup and recovery simulation training. These efforts aim to prevent work disruption by establishing a robust backup system and repeatedly strengthening the recovery process to ensure business continuity and system availability.
Cyber Incident Response Simulation Process
| Step | Description |
|---|---|
| 1 | Establish training plan |
| 2 | Design attack scenarios |
| 3 | Conduct simulation training |
| 4 | Record and evaluate training results |
| 5 | Analyze and derive improvement actions |
| 6 | Share results and conduct training |
Employee Information Security Training Status
| Item | Unit | 2022 | 2023 | 2024 |
|---|---|---|---|---|
| Number of participants in information security training | persons | 88 | 96 | 98 |
| Total training hours in information security training | hours | 88 | 96 | 98 |
Information Security Incident Response System
SAEDONG has established an incident response system to minimize damage and prevent recurrence when a security threat or breach occurs. The IT Team of SAEDONG operates a rapid detection and initial response system in the event of an information security incident to ensure the safe protection of customer information and continuously enhance corporate trust.
Information Security Incident Response Process
01
Detection and Identification
02
Initial Response and Isolation
03
Incident Analysis and Investigation
04
Recovery
05
Post-Reporting and Improvement Measures
06
Preventive Activities and Security Reinforcement
01. Detect abnormal signs and determine whether an incident has occurred
02. Prevent incident escalation and minimize damage
03. Analyze attack path, identify scope of damage, and collect evidence
04. Restore normal conditions and resume services
05. Prepare incident report and implement corrective measures
06. Inspect and remediate vulnerabilities, enhance awareness through training and education