Information Security ｜ LG Energy Solution

Information Security

LG Energy Solution protects its crucial information assets as well as information of the stakeholders, including the members, customers and business partners, according to the information security management based on an international standard ISO/IEC 27001. We comply with the applicable laws and regulations regarding information security in and out of Korea, including the General Data Protection Regulation (GDPR) in the EU or the Network Security Law in China, and implement various activities to improve awareness of security. We also take real-time response to internal and external cyber threats, and build the capacity to prevent accidents.

Information Security Management Framework

Scope of Information	Company's trade secret Management information, technical information, intellectual property, etc.	Personal Information Employees, customers, suppliers, and all relevant stakeholders
Target Group	Employees, visitors, dayworkers, suppliers, and all personnel in contractual relations with the company, pertaining to all global business sites
Policy	Based on information security regulations, LG Energy Solution enacted enforcement rules that consist of the entities engaged in information security, such as employees, business partners, security organizations, and other related departments. Audits for Information Security Policy and System are conducted annually, in align with ISO certification surveillance and/or renewal.
Organization	In order to systematically carry out various information security management activities, LG Energy Solution has appointed the Chief Information Security Officer (CSO) and is operating an information security organization at the headquarters and each business site. In addition, through the information security meetings attended by the security personnel from all global business sites, we continuously share and discuss various security status and issues of each business site. We also hold information security committee meetings attended by the management and executive directors of relevant departments to ensure timely decision-making of the management.

Privacy and Personal Data Protection

In terms of privacy protection, LG Energy Solution also conducts a security review in advance to check for any infringement of personal information and compliance issues. In addition, we appointed a privacy officer who is authorized to handle inquiries/complaints and relieve damages associated with privacy. We intend to further block all risk factors in a preemptive manner and bolster our security system to safeguard the personal information of employees, customers, business partners, and stakeholders.

See “Privacy Policy”

Preventive and Responsive Activities to Information Security Incident

LG Energy Solution operates a security control system from the office area to process facility area, and continuously improves its security level and response capabilities by regularly inspecting and simulating security vulnerabilities and carrying out mock exercises in preparation of internal and external cyber-attacks. LG Energy Solution engages in various activities aimed at raising awareness of all the target groups on information security and preventing incidents.

Conducting information security training and awareness raising activities
Annual trainings for all employees (contract workers included)
Customized trainings for respective target group such as new hires, prospective retirees, business partners, visitors, and national key technicians/personal information handlers
Promoting information security accident cases to encourage employees to practice security awareness and partake in related activities

LG Energy Solution