downloadGroupGroupnoun_press release_995423_000000 copyGroupnoun_Feed_96767_000000Group 19noun_pictures_1817522_000000Member company iconResource item iconStore item iconGroup 19Group 19noun_Photo_2085192_000000 Copynoun_presentation_2096081_000000Group 19Group Copy 7noun_webinar_692730_000000Path

About Semiconductor Cybersecurity Risk Rating Service

pic111

SEMI Semiconductor Cybersecurity Risk Rating Service is a ‘foundation for cybersecurity assessment’ inspired by the cybersecurity framework of the National Institute of Standards and Technology (NIST) in the United States, covering common security practices to serve as a standard template that familiarizes the semiconductor ecosystem with security maturity assessment and benchmarking, so as to create a unique competitive edge for your business!

Assist enterprises to assess risks from different perspectives - internet assets, network applications, human risks and internet assets exposed to risks, showcasing assessment results such as network domain risk posture, comparison of dark web intelligence, and external asset reports. Up to ten items such as human risks, endpoint, email, internet service, cloud service, and network applications will be evaluated, while scores of risk exposure levels and comparisons with peers will be shown to effectively understand strengths and weaknesses of cybersecurity both internally and externally.

A cybersecurity risk assessment general survey tailor-made based on security-related experiences collected from the industry is available for enterprises to conduct internal risk and vulnerability assessment.

Mitigation measures are advised for each risk item, which can be quickly re-evaluated after repair, so that enterprises immediately learn the optimization results and investment benefits.

The system continuously performs risk ratings on the tested domain during the lease period, and corporate users can keep track on the changes of risk index through the platform, so that senior management can have a better understanding of the improvement curve of corporate cybersecurity.

Enterprises can forward risk rating scores to business partners for them to understand how cybersecurity is protected internally, so as to deepen mutual trust.

+
pic111

James Tu, Chairman of SEMI Taiwan Semiconductor Cybersecurity Committee, Head of Corporate Information Security of TSMC, encouraged suppliers to use the Semiconductor Cybersecurity Risk Rating Service. He also said that since TSMC introduced ansaid that since TSMC introduced an assessment and security posture scoring mechanism for suppliers, many supplier information security vulnerabilities have been exposed and patched in a timely manner. This mechanism not only assists enterprises in monitoring supplier information security status but also provides supply chain information security benchmark comparison.

 

 

Types of Plan

Industry digital transformation has brought about numerous cybersecurity concerns. With the increasing smartification of devices and production lines, there is a growing risk of malicious network attacks. Defending against cybersecurity threats has become a common challenge for all industries, and supply chain security has gained significant attention in recent years. As emerging cybersecurity threats continue to rise, businesses are placing great importance on relevant cybersecurity solutions and standards to effectively enhance their defense mechanisms.

The introduction of third-party risk scoring and risk posture services for semiconductor cybersecurity risk assessment is applicable to all businesses. This service not only efficiently manages suppliers and monitors their cybersecurity postures but also provides comparisons of cybersecurity standards within the supply chain, contributing to the improvement of global supply chain information security.

Key features of the service include:

  • Continuous monitoring for 365 days after service activation
  • Access to risk rating records during the service period
  • Risk assessment reports, including cybersecurity posture scores and industry comparisons
  • Identification of issues and improvement recommendations
  • SEMI cybersecurity evaluation
  • Medium to long-term exposure assessment records (including new targets and historical monitoring records)

SEMI Member: 59,850 NTD / Non-Member: 115,500 NTD

ADD-ONS: OUR ADVANCED SERVICES

consult new

Consultation on Cybersecurity Enhancement

The technical team of CHT Security that has years of practical experiences in cybersecurity capacity building, hacking attacks and defense, and digital forensics and incident response (DFIR) will conduct in-depth analysis of the rating results, and provides suggestions and consultations. Corporate resources can thereby be allocated in a more precise and effective way, improving cybersecurity comprehensively and thoroughly.

Learn More About SEMI Semiconductor Cybersecurity Risk Rating Service

For more information about the SEMI Semiconductor Cybersecurity Risk Rating Service, please contact SEMI Taiwan:

  SEMI Taiwan

  Ms. Helen Chen

  TEL:+886.3.560.1777 #112

  Email: hchen@semi.org

SEMI Taiwan

Ms. Cindy Chen

TEL:+886.3.560.1777 #116

Email: cchen@semi.org