在「資安防護與韌性升級」方面，本公司及周邊單位 2022 年度共同試行證券暨期 貨市場電腦緊急應變支援小組(SF-CERT)，全天候協助業者應變資安事件，並藉由建 立指引及辦理各類訓練及演練，強化市場整體的資安意識與事件應變處理能量。 在證券商資安防護部分，辦理資通安全總體檢作業，瞭解證券商資安執行與落實情 形，並已訂定多項參考指引，提供證券商公會發展為資安自律規範;另輔導證券商採行 雙因子驗證機制，並繼完成第一、二級證券商建置防護機制之後，擴大要求及協助第三、 四級證券商完成建置，以防範資安事件之發生。在上市公司資安升級部分，辦理資安宣 導說明會，去年已推動 102 家的第一級上市公司全數設置資安長及專責人員，將持續擴 大上市公司之參與及提升其對資安之重視。 In terms of upgrading information security, the TWSE and peripheral units established the Security and Future Computer Emergency Response Team (SF-CERT) in 2022, providing industry members with around-the-clock assistance in response to security incidents. SF-CERT services include establishing guidelines and holding various training sessions and security drills, and aim to strengthen the market’s overall cyber security awareness and responsiveness. To enhance the cyber security of securities firms, the TWSE carried out an information security check to identify securities firms’ implementation status. A number of guidelines have been established to serve as a reference for the Taiwan Securities Association to establish self-disciplinary regulations on cyber security. The TWSE has assisted securities firms in adopting a two-factor authentication mechanism. With information security protection mechanisms in place for first- and second-level securities firms, the TWSE is now requiring and enabling third-level and fourth-level firms to complete installation to protect against cyber security incidents. To boost information security among listed companies, the TWSE held a number of explanatory sessions on cyber security. In 2022, all 102 first-level companies appointed a Chief Information Officer (CIO) and dedicated information security staff. The TWSE will continue to advance the importance of information security among listed companies and urge them to upgrade their protection measures. ANNUAL REPORT  2022 年報 09