SII began using information and communications technology (ICT) to further enhance the technologies of "SYO"ism that it has developed over the years. We also run many information systems to grapple with the rapidly-changing business environment.
As ICT has become deeply rooted in corporate activities, the threats associated with ICT including virus infection and information leakage caused by cyber attacks have also extended to a broad range of activities.
SII regards all information on networks inside and outside the company, as well as information systems including computers and networks, as significant assets of the Group. We recognize that management has an important responsibility to ensure the information security to maintain these assets.
To ensure information security, SII employees have been working as a team under a promotion framework consisting of senior management in chief executive roles based on internal regulations and various guidelines.
Information assets are evaluated and classified based on confidentiality, completeness, and availability to clarify risks and take the necessary steps to maintain these information assets.
We also thoroughly communicate the importance of information security and specific compliance items to all employees, and periodically provide educational training.
Since the number of cases of cyber attacks and targeted emails has been increasing especially among companies, we are working on creating a safe and stable environment for IT systems by continually strengthening relevant countermeasures and raising employees’ awareness of information security.
- Build systems and establish measures anticipating security incidents.
- Conduct training assuming a targeted attack.
- Enhance internet security measures.
- Strengthen governance at all sites in Japan and overseas.
In addition to the information system-related measures, SII has established the Personal Information Protection Policy and has been putting in place other internal rules, including the "SII Group Personal Information Protection Basic Regulation." In order to uproot personal information loss or leakage due to negligence, we continually provide education programs to each employee.