Yeap Transport is a data-driven bus fleet management company that has been providing organisations and individuals with transportation management solutions to improve operational efficiency and communications. With the changing technological and industry landscape, we have enhanced our system with various tools including rolling out connected and internet of things (IoT) networks and devices. We have also moved our system from on-premise to cloud to be more agile and flexible, to better integrate new features quickly and to have a faster response time to our customers.
However, becoming more open and connected means being exposed to greater potential risks. These have escalated in the wake of the pandemic where more cyber attackers are launching sophisticated and relentless assaults, putting the data and assets of organizations, governments and people at continual threat.
In response to this, Yeap Transport has decided to push ahead with its cybersecurity initiatives to safeguard against exposures and incursions by achieving ISO/IEC 27001 -Information Security management certification. We believe that a multi-faceted crisis management strategy, with several workstreams and teams that cooperate closely and regularly, is the best method to build cybersecurity strength and safeguard our business from harm.
ISO 27001 will certify that our organisation has implemented appropriate controls, processes and technologies in our information security management system in accordance with established regulatory frameworks. To this end we have taken the following actions:
1. Appointed a virtual Chief Information Security Officer (vCISO) to establish our security strategy and ensure all data assets are protected in the regulatory framework.
2. Appointed a Data Protection Officer (DPO) to ensure compliance with PDPA for our policies and processes.
3. Established standard procedures and policies to protect our communications, systems and assets from both internal and external threats.
4. Implementing end-to-end protection tools to safeguard networks, systems, and devices.
5. Providing regular training of our staff in the latest in safety and cyber security protocols.
We plan to attain the ISO 27001 certification by 4Q2022.
In the meantime, should you have any queries or feedback with regards to cyber security concerns, do feel free to contact us via email: firstname.lastname@example.org