ANNUAL REPORT  2) The TWSE has effectively prevented the occurrence of information-security incidents by actively identifying and tracking common supply chain issues (including telecom operators, developers, and IT firms) via analysis of information-security incidents and collection of intelligence. Some of the common issues involve DDoS attacks, interruption of telecom services, verification of system errors, aging servers, and malware infection. 3) The TWSE established 5 guidelines for securities firms and futures commission merchants, namely regarding: internet security defense, defense standards for information system security, supply chain management, cyber security for emerging technologies, and information operational resilience. These serve as reference for the Taiwan Securities Association, Chinese National Futures Association, and SITCA (Securities Investment Trust & Consulting Association of the R.O.C.) to establish self-disciplinary regulations to bolster the cyber security framework of the entire securities and futures market. 2. Spur First-Level Listed Companies to Upgrade Information Security 1) TheTWSEencourageslistedcompaniestojoinTWCERT/CC. 2) The TWSE urges the 102 first-level listed companies to appoint a Chief Information Officer (CIO) and dedicated information security staff. 3. Urge Securities Firms to Upgrade Information Security 1) Securities firms should adopt a two-factor authentication mechanism for online trading to prevent against credential stuffing attacks using stolen usernames and passwords. 2) Tobettertheinformationsecuritymanagementofsecuritiesfirms,theTWSEcarried out information security checks to identify securities firms’ implementation status. 3) The TWSE has encouraged third-level and fourth-level securities firms with online order placement services to install cyber security protection mechanisms in advance, and provides incentives for fourth-level securities firms to enhance their cyber security protection capabilities. 2022 年報 29