Policy and Organization
Strengthening Information Security Management
The Meiden Group understands that ensuring the security of the information we handle is a most critical issue. We therefore protect information assets from disasters, accidents, criminal acts, errors, and other threats. We also maintain and enhance information management to prevent leaks, tampering, or theft.
Information Security Control System
In fiscal 2019, we are continuing to implement initiatives to reinforce information security for the entire Meiden Group.
1. Analysis of Incidents and Countermeasures for Each Cause
We conducted analyses and implemented measures to cover both aspects of hardware/software and human factors: the former includes data protection from unauthorized logins, virus infections from suspicious emails, targeted email attacks, etc. as well as the theft, loss, or mishandling of information devices.
2. Sustainable Information Security Measures
We had previously conducted initiatives based on “defense,” but we are now working to implement sustainable security measures in the areas of “prediction,” “defense,” “detection,” and “response.”
We introduced the Security Operation Center (SOC) in fiscal 2017, established a detection system that operates 24 hours per day, 365 days per year, and in fiscal 2019 we installed next-generation antivirus software on all computers, in order to enhance detection.
We established the Meiden Computer Security Incident Response Team (CSIRT), joined the Nippon CSIRT Association, and promoted the establishment of an internal system to speed up responding to incidents in fiscal 2019, in order to enhance response.
Going forward, we will continue to strengthen hardware and software measures and continue to conduct personnel measures, such as information security education and suspicious email drills. We are continuously rolling out measures for information security on a group-wide basis.
3. Enhancement of Supply Chain Information Security
Since fiscal 2017, we have continuously conducted activities to enhance information security together with our suppliers. We ensure that suppliers are aware of information security measures as management issues, and we hold training and information sessions as required.
In fiscal 2019, we began conducting site visits for some suppliers and activities to confirm the status of measures. In this way, we are continuing to conduct activities to enhance information security throughout the entire supply chain.