Governance
With developments in information technology, vessel operations and management have rapidly adopted cutting-edge digital solutions. Real-time weather data from maritime internet services allows safer navigation paths. Integration of automated vessel management systems, autonomous navigation technology, and advanced security solutions has improved cargo management efficiency and accident prevention. Nevertheless, the prevalence of cybersecurity threats, including internal data breaches and external cyberattacks, has risen in tandem with the expansion of IT use. In response, Pan Ocean and POS SM created a comprehensive information security management system focused on “Vessel and Navigation Information Security” and “Personal Data Protection.” This systematic framework protects important information assets and promotes secure and responsible operations.
Information Security Management System
Pan Ocean and POS SM operate the Information Security Management System to protect information assets, including customers’ cargo transport data, companies’ core technologies data, and human resources data. The Information Systems Team, led by the Chief Information Security Officer (CISO), and the IT Infrastructure Team take the lead in managing this system. The final approval and responsibility for the information security management principles, policies, and business plans of Pan Ocean and POS SM rest with the CEO. The head of the Information Systems Team also serves as both the CISO and the Chief Privacy Officer (CPO). Pan Ocean IT Infrastructure Team and POS SM Information Systems Team are responsible for the practical operations of information protection. These teams support secure information management for both information systems and vessels.
Technical Security
Pan Ocean and POS SM implement various technical security measures designed to fundamentally block external cyber threats, including hacking, malware, and ransomware attacks, while also preventing information leakage and data corruption. These measures include the establishment of system and web firewalls, database access controls, regular security patch updates for servers and workstations, and document encryption.
Administrative Security
Pan Ocean and POS SM have established security policies and regulations to prevent internal information leakage and data corruption resulting from employee negligence. They also provide information security training to all employees. In addition, employees participate annually in user cybersecurity simulation training programs organized by the Korea Internet & Security Agency (KISA) to strengthen their practical information security capabilities.
Disclosure of Information Security Status and Compliance with Relevant Laws and Regulations
Pan Ocean discloses its information security status through the Comprehensive Information Protection Disclosure Portal . In 2024, the company invested KRW 370 million in information security initiatives, including the upgrade of its network access control solutions. In accordance with relevant laws and regulations, the company is also enrolled in personal data liability insurance. Furthermore, Pan Ocean continuously reviews and applies applicable laws and regulations related to information security to ensure compliance and responsible management in this area.