CYBER SECURITY AND DATA GOVERNANCE

With cyber-attacks becoming more prevalent, targeted and complex, we are adopting industry best practices and moving beyond technology defence towards a more holistic and risk-based cybersecurity framework. The objective is to establish a robust foundation to identify and protect our critical assets and more importantly, be able to detect and respond to the threats.

Using proven security solutions, we ensure sensitive data are encrypted to safeguard critical information. Backup and data recovery strategy are in place to minimise downtime and ensure critical information can be made available quickly for business continuity.

CDL has developed a Cyber Security Framework to detect, protect against and respond to cyber-attacks and crimes. The CDL Computer Security Policies and Standards were updated to inform all employees on cyber security compliance. Besides embracing the Next Generation Anti-Virus software, Advanced Email Security Protection solution, Enterprise Class Firewalls and Intrusion Protection System to protect our information assets, our Information Technology (IT) department has also deployed User Behaviour Analytical solution to enable the identification of abnormal user computing behaviour or activities. In addition, IT had put in place a series of online cyber security training and conducted periodic phishing attacks to increase our employees’ vigilance.

Information security materials are also made available to better educate stakeholders of prevailing risks, especially in the handling of sensitive corporate data. Since 2014, we have implemented a Personal Data Policy which informs stakeholders on how CDL manages personal data in compliance with the Singapore Personal Data Protection Act (No. 26 of 2012). Customers and business partners can get in touch with our Data Protection Officer by mail, email and phone on matters concerning their personal data with CDL.

CDL’s Social Media Guidelines advocate personal responsibility on the use of social media, including taking precautions for the protection of information privacy, to avoid any negative impact on us.

In 2018, there was no substantiated complaints concerning breaches of customer privacy, theft, leak and loss of customer data or critical information from CDL’s IT network.