Ensuring Information Security: Cultivating a Culture of Security Awareness and Coping Strategy

Information security is deemed critical for an organization pertaining to business management informatization. Take corporate organizations as an example, a multitude of sensitive data and information is processed in daily operations, which includes customer data, financial record, business strategy and restricted documents. To protect such information relates to reputation and customer trust in addition to corporate financial security and operational competitiveness. Information security has become one of the crucial elements that leads to organizational success in the information age.

The information processed by the Irrigation Agency involves essential fields such as water conservation and irrigation facilities, farm reservoir management, and dispatching control of water distribution in irrigation, which is of great concern to facility safety, effective use of water resources for agriculture, and food production. Therefore, it is considered an important basic industry, while computer systems, networks and equipment are the critical infrastructure that supports the business operations.

Irrigation Agency is the government agency stipulated as B-level in term of cyber security responsibility. Changhua Management Office strictly abides by relevant information security regulations, ensures the effectiveness of firewalls and antivirus software, version updates, regular backup of database, and conducts regular vulnerability scans, penetration testing, and cyber security checkup in the information and communication system to improve information security. In addition, the Agency cooperates with higher authorities to organize e-mail and social engineering drills, as well as counting the virus emails through computer click-test of each office to boost prevention of colleagues’ information security risks.

Information security education and training can help colleagues discern and cope with various internal and external security threats, learn to evaluate and manage information security risks, identify potential threats and vulnerabilities, and furnish corresponding coping strategies.

This Office conducts online information security general education and training to enable colleagues to grasp the commonly found in all types of information security threats, the major trends for government cybersecurity attacks, and the puh strategies and related specific directions about national cyber security, which enables colleagues to become active participants and protectors in information security, as well as strengthening capabilities to discern and address various security threats, reducing internal and external risks, and protecting irrigation’s information assets to guarantee smooth business operations, continuous advancement and optimization.