Company Vision

Information Security Management

　　Strengthening the digital resilience of information security With the advent of the digital network era, digital activities are becoming increasingly complex, and information security threats are becoming increasingly severe. How to maintain the company's continued competitiveness under such changes has become an important issue facing major companies around the world. In order to comply with the trend of information security management needs and in accordance with the "Guidelines for the Establishment of Internal Control Systems for Publicly Issued Companies" and the "Guidelines for Information Security Management of Listed Companies", Everest will appoint 1 information security supervisor and 2 information security specialists in 2024 to promote various information security management tasks, demonstrating Everest's determination to actively implement information security measures. The company has invested a total of 6 million TWD in the 2024 information security budget and will hold regular quarterly meetings to review relevant information security protection matters.

◉ Strengthen information security management 

1. Establish a standardized process for handling information security incidents The company has established a standardized process for handling information security incidents in accordance with the information security policy of its parent company, Far Eastern Group, and clarified the relevant processes and measures, including reporting, handling procedures and the responsibilities of relevant personnel. The goal is to eliminate information security incidents in the shortest possible time and propose corrective and preventive plans based on the causes of the incidents. In 2024, the company did not experience major information security incidents, nor has it suffered any financial losses due to information security incidents. 
2. Implement corporate social responsibility for reporting and handling information security incidents Everest has introduced information security incident monitoring services (SOC) to integrate log records generated from various information security devices, such as firewalls, AD hosts, and storage device detection and response, to detect, collect, analyze, and manage network security events to effectively respond to potential network attacks. The company implements unified collection of various information security information, providing early warning information of threats before they occur, real-time warning of threats during the event, and analysis of threats after the event, effectively managing various information security warnings, ensuring that there is a basis for compliance when information security incidents occur, and reducing the harm and loss to key information systems and important information assets and operations. 
3. Strengthening personnel information security management and training In addition to holding information security courses and education training for employees to promote information security awareness, Everest also requires system developers and managers to follow the specifications of system construction and security management, and strengthens information security awareness to reduce information security risks. 
4. Ensure the effectiveness of information security protection In order to prevent various information security threats, in addition to adopting a multi-layer network architecture design to enhance defense in depth, various information security protection systems and threat detection and response mechanisms have been established, gradually reflecting intelligence sharing, vertical communication, and report monitoring, improving the overall maturity of information security governance, and reducing information security risks. nZero cybersecurity incidents in 2024

ⓄInformation security management 

In order to achieve the goal of "zero information security risk", the information confidentiality and integrity control measures are as follows:

Intellectual Property Management 

The Company maintains the advanced technological achievements achieved through innovative research and development, enhances long-term competitiveness, and effectively manages intellectual property rights. The Company's 2024 intellectual property management operations were reported to the Board of Directors  on November 6, 2024 as follows:

ⓄIntellectual Property Management Implementation Results

• In order to protect the company's intellectual property rights and confidential information and implement intellectual property management, the company requires frontline and R&D personnel to sign security agreements, intellectual property rights agreements, and IT equipment/software usage agreements, and conducts continuous education and training throughout the year to enhance employees' awareness of protecting the company's intellectual property.
• In response to possible intellectual property disputes in commercial competition, the company has established a response team to formulate response measures and handling mechanisms. 
• The company cooperates with international manufacturers and marine environmental protection organizations on the "Ocean Recycled Yarn" project to convert marine waste plastics into high-value-added fibers, which are then made into functional fabrics to produce marine recycled environmentally friendly fabrics. 
• The company uses existing core polyurethane synthesis technology to develop environmentally friendly bio-based waterstops, combines moisture-proof rubber with bio-based monomers, and successfully develops environmentally friendly bio-based waterstops containing 25% bio-based content. 
• In order to strengthen the intellectual property management mechanism and maintain the company's long-term competitiveness, key work reviews will be conducted in 2024 to establish more rigorous and comprehensive confidentiality control measures, intellectual property management rules and regulations, and intellectual property dispute handling procedures. 
• In addition to providing education and training courses for new employees, Everest also strengthens education and training on intellectual property protection, contract terms and intellectual property knowledge for existing employees to enhance employees' awareness of intellectual property protection.