Information Security

Basic Concept

As information technology advances at an accelerating pace, our company deals with an ever-increasing flow of digital data through its networks. In such a dynamic environment, safeguarding the integrity, confidentiality, and accessibility of our information assets not only preserves customer trust but also contributes to the stability and confidence of the broader society.
This is why in 2020, the Tsubaki Group formulated the Electronic Information Security Policy to protect all of the information assets we handle from a range of threats. Based on this global policy, in addition to technical measures, the entire Group is working on organizational measures such as vulnerability checks by third-party institutions, education of employees, implementing risk assessment and systematic countermeasures, and periodic audits of information security.
We will continue to strengthen our information security measures, including cyber security measures.

Electronic Information Security System Chart

Full Text of the Electronic Information Security Policy

Promotion System

The company launched the IT Committee in 1997, and expanded the committee system to include the domestic Group in 2002. Since 2014, we have been holding a Global IT Summit every year. We have set up IT supervisory leaders that oversee the information systems in overseas regions. As cyber risks are becoming increasingly serious each year, we are working to strengthen our information security governance globally.

Information security measures for cyber attacks focus on how can we prevent cyber attacks, how quickly can we become aware of cyber attacks, and how quickly can we restore business activities after an attack? In the unfortunate event that there is a cyber incident^*, we have set up a Cyber Security Countermeasures System headed by top management to launch a countermeasures team of experts led by the Information System Department, which will follow the IT-BCP (Business Continuity Plan) to restore business activities as quickly as possible.

* Situation that threatens the confidentiality and normal operation of information systems.

Cyber Security Countermeasures System

Principal Initiatives

The Tsubaki Group is promoting specific initiatives for technical threats such as cyber attacks, and human threats including internal fraud and violations of rules, etc.

Technical measures	1. Monitor networks during normal operation, and introduce mechanisms to detect, intercept, and notify of incidents of unauthorized access and hacking 2. Introduce security tools for email-based threats and attacks 3. Make cyber risks in overseas subsidiaries more visible, and strengthen countermeasures against them (cyber risk rating survey)
Human security measures	1. Implement information security and cyber security education (regularly hold e-Learning sessions twice a year) 2. Strengthen measures to prevent the sending of emails to the wrong recipient 3. Implement training on targeted email threats (implemented irregularly, several times a year)

Technical measures

1. Monitor networks during normal operation, and introduce mechanisms to detect, intercept, and notify of incidents of unauthorized access and hacking

2. Introduce security tools for email-based threats and attacks

3. Make cyber risks in overseas subsidiaries more visible, and strengthen countermeasures against them (cyber risk rating survey)

Human security measures

1. Implement information security and cyber security education (regularly hold e-Learning sessions twice a year)

2. Strengthen measures to prevent the sending of emails to the wrong recipient

3. Implement training on targeted email threats (implemented irregularly, several times a year)