About Semiconductor Cybersecurity Risk Rating Service
SEMI Semiconductor Cybersecurity Risk Rating Service is a ‘foundation for cybersecurity assessment’ inspired by the cybersecurity framework of the National Institute of Standards and Technology (NIST) in the United States, covering common security practices to serve as a standard template that familiarizes the semiconductor ecosystem with security maturity assessment and benchmarking, so as to create a unique competitive edge for your business!
Assist enterprises to assess risks from different perspectives - internet assets, network applications, human risks and internet assets exposed to risks, showcasing assessment results such as network domain risk posture, comparison of dark web intelligence, and external asset reports. Up to ten items such as human risks, endpoint, email, internet service, cloud service, and network applications will be evaluated, while scores of risk exposure levels and comparisons with peers will be shown to effectively understand strengths and weaknesses of cybersecurity both internally and externally.
A cybersecurity risk assessment general survey tailor-made based on security-related experiences collected from the industry is available for enterprises to conduct internal risk and vulnerability assessment.
Mitigation measures are advised for each risk item, which can be quickly re-evaluated after repair, so that enterprises immediately learn the optimization results and investment benefits.
The system continuously performs risk ratings on the tested domain during the lease period, and corporate users can keep track on the changes of risk index through the platform, so that senior management can have a better understanding of the improvement curve of corporate cybersecurity.
Enterprises can forward risk rating scores to business partners for them to understand how cybersecurity is protected internally, so as to deepen mutual trust.
James Tu, Chairman of SEMI Taiwan Semiconductor Cybersecurity Committee, Head of Corporate Information Security of TSMC, encouraged suppliers to use the Semiconductor Cybersecurity Risk Rating Service. He also said that since TSMC introduced ansaid that since TSMC introduced an assessment and security posture scoring mechanism for suppliers, many supplier information security vulnerabilities have been exposed and patched in a timely manner. This mechanism not only assists enterprises in monitoring supplier information security status but also provides supply chain information security benchmark comparison.
Types of Plan
Industry digital transformation has brought about numerous cybersecurity concerns. With the increasing smartification of devices and production lines, there is a growing risk of malicious network attacks. Defending against cybersecurity threats has become a common challenge for all industries, and supply chain security has gained significant attention in recent years. As emerging cybersecurity threats continue to rise, businesses are placing great importance on relevant cybersecurity solutions and standards to effectively enhance their defense mechanisms.
The introduction of third-party risk scoring and risk posture services for semiconductor cybersecurity risk assessment is applicable to all businesses. This service not only efficiently manages suppliers and monitors their cybersecurity postures but also provides comparisons of cybersecurity standards within the supply chain, contributing to the improvement of global supply chain information security.
Key features of the service include:
- Continuous monitoring for 365 days after service activation
- Access to risk rating records during the service period
- Risk assessment reports, including cybersecurity posture scores and industry comparisons
- Identification of issues and improvement recommendations
- SEMI cybersecurity evaluation
- Medium to long-term exposure assessment records (including new targets and historical monitoring records)
SEMI Member: 59,850 NTD / Non-Member: 115,500 NTD
ADD-ONS: OUR ADVANCED SERVICES
Consultation on Cybersecurity Enhancement
The technical team of CHT Security that has years of practical experiences in cybersecurity capacity building, hacking attacks and defense, and digital forensics and incident response (DFIR) will conduct in-depth analysis of the rating results, and provides suggestions and consultations. Corporate resources can thereby be allocated in a more precise and effective way, improving cybersecurity comprehensively and thoroughly.
Learn More About SEMI Semiconductor Cybersecurity Risk Rating Service
For more information about the SEMI Semiconductor Cybersecurity Risk Rating Service, please contact SEMI Taiwan:
SEMI Taiwan Ms. Helen Chen TEL:+886.3.560.1777 #112 Email: hchen@semi.org | SEMI Taiwan Ms. Cindy Chen TEL:+886.3.560.1777 #116 Email: cchen@semi.org |