KR
All-menu

Governance

Information Security Risk

Information security violations such as cyberattacks and hacking are increasing as digital transformation takes place.
Accordingly, GS Energy recognizes the need to strengthen the information protection management system and proactively establishes the information protection system.

Information Protection Risk Management System

We operate an information protection management system in accordance with the stipulated information protection regulations, and we review the status of information protection once a year to reflect the improvements.

Chief Information Protection Officer
Information Protection Officer
Security Officer
Team Security Officer
Team Security Officer

· Compliance with legal requirements such as the Personal Information Protection Act

· Review and keep evidence of the use and destruction of personal information by team security officers and security personnel

Information Protection Pledge
We receive a pledge from executives and employees to comply with the company's information protection regulations during our work process.
01
We will keep and manage the company's business information, technical information, business information, business secrets, and other information of economic value as confidential and will not be used for any purpose other than the company's business.
02
To protect confidential information, we will not bring unauthorized equipment or software without the approval of the company.
03
To protect confidential information, we agree to collect information and search for contents conducted by the company's information security department.
04
Upon retirement, I will return the original, copy, and pass of all confidential information I manage to the company.
05
We will not illegally bring information managed by third parties into the company, and we will not leak third-party confidential information that the company is obligated to maintain confidentiality to the outside world or use it for purposes other than work.
06
We will comply with all business regulations and job instructions, including the company's information security regulations.
Information protection training for executives and employees

Information protection education including personal information protection is provided once a year to employees of employees and business partners.

Information Protection Education Performance
Category 2020 2021 2022
Training time 155 169 200
Personnel 155 169 200

Unit : hours, people

Technical protection measures

GS Energy strictly manages information protection by blocking all infiltration paths other than the DMZ section* through a firewall. The DMZ section uses the control services of companies specializing in information protection and monitors the export of in-house information.
In addition, we operate a backup system and conduct disaster recovery simulation training to prepare for infringement incidents such as ransomware, and conduct mock hacking to confirm the robustness of the system when building a new external system.

* DMZ (Demilitarized Zone) : Areas that perform access restrictions between internal and external network segments to protect internal resources when providing services to the outside world

Real-time detection and response of hacking attempts
SYSTEM HACKED가 젹혀있는 화면을 손으로 건드리는 사진
Number of Data Leaks/Losses/Losses
Category 2020 2021 2022
Privacy 0 0 0
Corporate data 0 0 0

인터넷 익스플로러 브라우저에만 적용되는는 내용입니다.현재 브라우저에서는 지원하지 않는 사이트입니다. 아래의 다른 브라우저를 다운받아 사용해주세요.