01. The information security situation is severe and urgent With the continuous development of communication technology and network attack methods, enterprises are facing an increasing number of security threats. In this training, we particularly emphasized the severe situation faced by information security, including the challenges posed by the development of quantum computing to traditional encryption technologies, as well as specific threats such as network eavesdropping and ransomware attacks. In recent years, from the leakage of domestic express delivery information to the sale of university faculty and student information on overseas networks, various data security incidents have become commonplace. These all warn us that information security is no longer just a technical issue, but also a strategic issue related to the fate of enterprises.
The training also includes conducting a thorough inventory of various information assets of the company, establishing an information security risk assessment system, in order to reduce security risks from the source. For important information assets, the company has taken comprehensive measures including terminal security, vulnerability management, and internet behavior control to ensure information security from both technical and management perspectives.

02 The training content covers a wide range and is practical and feasible This training mainly focuses on the establishment and implementation of the company's information security management system. The training content should cover the management of the company's information assets, data security protection, and the security standards that employees should follow in their work. By analyzing multiple domestic and international information leakage incidents this year, students have gained a deep understanding of the multifaceted challenges of information security and learned how to implement corresponding protective measures in their daily work. For example, the training emphasized the security management of terminal devices such as PCs and servers, and established information security red lines and punishment mechanisms for violations to ensure that employees can consciously comply with security regulations.

03 Building an Information Security Culture with Full Participation of All Employees The goal of Sunson Technology is not only to establish a practical and efficient information security management system, but also to create a culture within the company where everyone values information security. This training encourages all employees to start from small things and participate in information security management work. Under the guiding principle of "safety first, full participation of all employees", the company is committed to ensuring that every employee has the necessary information security awareness, and through the combination of technology and management, ensures that every employee can understand and apply information security related norms.