Taking aim at hardening the Taiwan semiconductor ecosystem’s defenses against cyberattacks, SEMI has launched a Semiconductor Cybersecurity Risk Rating Service. Using third-party risk scoring and risk posture assessment, the service is designed to help SEMI Taiwan members assess cybersecurity risks in real time and provide risk remediation guidance. Launched by the SEMI Taiwan Cybersecurity Committee, the service was developed by SEMI Taiwan, Taiwan Semiconductor Manufacturing Company (TSMC) and other semiconductor industry partners.
“The new SEMI Semiconductor Cybersecurity Risk Rating Service will help Taiwan semiconductor companies bolster their cyber defenses as they deploy smart manufacturing practices that rely on greater connectivity both inside and outside of chip fabs,” said Terry Tsao, Global Chief Marketing Officer and President of SEMI Taiwan. “Crucially, the service will also facilitate cybersecurity decision-making as semiconductor companies work with their supply chain partners.”
“Ever since we helped our suppliers adopt the assessment and security rating mechanism that is the foundation of the SEMI Semiconductor Cybersecurity Risk Rating Service, many security vulnerabilities have been exposed and repaired in a timely manner,” Dr. James Tu, Chairman of the SEMI Taiwan Cybersecurity Committee and Head of Corporate Information Security at TSMC. “This important service not only helps semiconductor companies monitor their suppliers’ cybersecurity status, but also makes possible the comparison of supply chain cybersecurity standards and benchmarking.”
SEMI Semiconductor Cybersecurity Risk Rating Service – 5 Features
- Quantitative Risk Scores and Peer Comparison: Helps enterprises assess various cybersecurity risks, score risk exposure levels, and compare their cybersecurity defenses with those of peers to better understand their strengths and vulnerabilities both internally and externally.
- Self-Evaluation with General Questionnaire: Aids enterprises in conducting internal risk and vulnerability assessment. The general semiconductor industry questionnaire is tailor-made based on security-related experiences from across the Taiwan semiconductor industry.
- Risk Enhancement Recommendations: The service offers mitigation measures for each identified risk and re-evaluations once the measures are implemented, giving enterprises an immediate view of their cybersecurity optimization results and investment benefits.
- Continuous Risk Ratings: Continuous risk ratings help keep enterprises updated with changes in risk indices while helping them understand both cybersecurity management trends and how they can strengthen their cybersecurity.
- Objective Risk Ratings: Objective risk rating scores for enterprises to share with business partners to help deepen mutual trust.
The introduction of the SEMI Semiconductor Cybersecurity Risk Rating Service follows SEMI Taiwan’s January 2022 release of SEMI E187, the world’s first cybersecurity standard for fab equipment.