Information Security
CLOSE
MENU
Sustainability
Sustainability Management
Materiality
Environment
Environmental Management
Business Activities and Environmental Impact
Cleantech
Response to Climate Change
Social
Talent Development Strategy
Respect for human rights
Health and Safety
Supply chain
Quality
Social Contribution Activities
Governance
The Japan Steel Works Group Standards of Corporate Conduct
Non-financial data
There is a continued increase in the importance of information and information systems in improving the efficiency of office work and production technology continues to increase, as well as speeding up decision-making. At the same time, threats such as information destruction, leaks, and tampering and system destruction due to cyberattacks are increasing, and the risks associated with information and information systems are on the rise.
In this environment, in order to continue to maintain the satisfaction and trust of customers and to fully fulfill our role, we recognize that an important management challenge is to accurately identify information-associated risks and protect both the information entrusted to us by customers and the information and systems necessary for us to do business.
Framework
-
The Chief Information Security Officer (CISO), appointed by resolution of the Board of Directors, oversees information security measures at JSW. Persons in charge of information security management and information security administrators are assigned at the Head Office and each plant. The Information Security Committee, chaired by the CISO, comprehensively discusses the status of information security incidents, recent threats to information systems, the environment in which the Company operates, and opinions and requests regarding the usability of various security measures, and conducts detailed verification on a regular basis.
In addition, we are constantly working to maintain and improve security while continuously evaluating the adequacy of countermeasures against various cyber-attacks based on detailed analysis results from continuous monitoring data from one of Japan's leading security vendors. -
Structure of the Information Security Committee
Training
We conduct information security training (e-learning) for JSW officers and employees to improve their security awareness and literacy.
-
Participation Rate in Information Security Training (e-learning)
FY2020 FY2021 FY2022 Participation rate 99.3% 100.0% 100.0%
-
Third-party diagnostic evaluation
Assesment *1 Results of evaluation Evaluation year Information security risk
assessment *2Overall rating: B
(10-step scale; A–J [lowest risk–highest risk])Fiscal 2020 Information leakage
communications assessmentInformation leakage communications assessment overall rating: A
(no communications corresponding to information leakage)Fiscal 2022
- *1 Assessments consist of intrusion inspections and vulnerability assessments of company network systems, based on information security benchmarks and carried out by security vendors with information security management system (ISO/IEC 27001) certification.
- *2 Implemented with every major system change.