INFORMATION SECURITY POLICY

1. Organization
   Xiberlinc's management takes the initiative to systematically and continuously improve information security measures and to establish internal systems and organizations to maintain and enhance information security.
    

2. Risk Management
   Xiberlinc employs a comprehensive risk management approach to identify, assess, and mitigate cybersecurity risks by integrating regular risk assessments, threat intelligence analysis, and vulnerability scanning.
    

3. Data Protection
   We prioritize the protection of sensitive data, including research subject information and proprietary data, and implement access control, encryption, and anonymization techniques to safeguard data at rest and in transit.
    

4. Cyber Security Measures
   Implement industry-standard technologies such as firewalls, intrusion detection systems, and robust network segmentation to protect against unauthorized access and malicious attacks.
    

5. Employee Training and Awareness
   Employees are essential to information security. We conduct periodic research ethics training to ensure that employees understand the importance of information security and acquire the necessary knowledge and skills.
    

6. Compliance with Laws, Regulations, and Contractual Requirements
   We comply with all laws, regulations, codes, and contractual obligations related to information security, and meet the expectations of our clients.
    

7. Incident Responses
   Security incidents may occur despite our advance measures. In the event of a violation of laws and regulations, breach of contract, or an accident related to information security, we will take appropriate measures to prevent recurrence.

​

Reviewed on 2024.02.14

​