Cyber Security Policy
Purpose: The purpose of this policy is to protect the confidentiality, integrity, and availability of Varuna Ship Repair and Drydocking Services Inc.'s digital assets. As our operations become increasingly dependent on technology, we are committed to safeguarding our systems and data against cyber threats.
Scope: This policy applies to all digital assets, systems, and personnel involved in managing, accessing, or interacting with Varuna’s digital infrastructure.
Main Guidelines:
ISO Compliance: Comply with ISO 27001 (Information Security Management) to ensure that all data is protected against unauthorized access, alteration, or disclosure.
Access Control: Implement strict access controls, ensuring that only authorized personnel have access to sensitive information and critical systems.
Data Protection and Encryption: Use encryption protocols and data protection measures to safeguard sensitive information, including client data and internal communications.
Regular System Updates and Patches: Ensure all systems and software are regularly updated and patched to mitigate vulnerabilities and protect against known threats.
Incident Response Plan: Establish and maintain a comprehensive incident response plan to handle any potential data breaches or cyber threats efficiently.
Employee Training: Provide regular cybersecurity training to all employees to raise awareness of phishing, malware, and other cyber threats, ensuring they can recognize and prevent attacks.
Third-Party Risk Management: Ensure that third-party partners handling Varuna’s data comply with our cybersecurity standards.
Commitment: Varuna Ship Repair and Drydocking Services Inc. is committed to protecting our digital infrastructure and minimizing cybersecurity risks. We will continue to implement and update best practices to secure our operations against evolving cyber threats.