Controls

Governance and Compliance

Each control is listed with its current status, followed by a description of what the control covers.

Internal Security Assessment (Status: Compliant)

Internal security assessments are performed at least annually, covering systems, access permissions, and security controls. Assessments may be conducted internally or by a third party.

Incident Response (Status: Compliant)

The organization maintains an incident response plan covering detection, containment, eradication, recovery, and post-incident review. The plan is tested at least annually.

Vendor Risk Management (Status: Compliant)

Security and privacy risk assessments are performed before engaging any vendor whose engagement involves data exchange or technical integration. An approved vendor and software list is maintained.

Physical Security (Status: Compliant)

Office and data center facilities are secured with badge access, visitor logs, surveillance cameras, and clean desk policies. Business continuity plans are maintained and tested.

Privacy and Notices (Status: Compliant)

The organization publishes privacy policies, security notices, and terms of use. Customers are promptly notified of any material changes.

Risk Management (Status: Compliant)

The organization maintains a formal risk management program that includes identification, assessment, mitigation, monitoring, and periodic review of risks.