Cyber Security / Data Security

The Group recognizes that protecting the information assets entrusted to the Group by customers and business partners and the information assets held by the Group is a serious social responsibility. As well as striving to comply with laws, regulations, and other social norms related to information security, we have formulated and maintained the Information Security Policy. In accordance with this policy, we implement measures to prevent unauthorized access to information assets such as introducing technical security measures, while appropriately managing information to prevent loss, theft, falsification, or leakage of information assets, through taking measures against mistransmission of e-mails, restrictions on the use of recording media, taking an inventory of confidential and personal information, and other efforts. In addition, we strive to raise awareness and ensure thorough implementation among all officers and employees by providing continuous information security trainings that include alerts for malware damage and phishing scam e-mails and ways of coping with incidents, and by conducting scenario-based cyber-incident drills.
These initiatives are regularly monitored by the Compliance Committee and reported to the Board of Directors. By doing so, we strive to regularly review and continuously improve initiatives necessary to ensure information security.