KPI

KPI
Initiative Target
FY2021 FY2022 FY2023
Number of global information security education sessions 2 sessions 4 sessions 4 sessions + education following up training
Number of global e-mail training sessions 3 sessions 4 sessions 4 sessions

*You can scroll horizontally.

Promotion Framework

Information Security Committee

As threats to information security are becoming increasingly advanced, ingenious and pernicious, it is vital to tackle them through continuous efforts and actions.
We established the Information Security Committee more than 10 years ago to maintain and improve information security across the Daifuku Group.
Considering the globalization of our business and the increasing role that the IoT (Internet of Things) plays for our products and services, it is more important than ever to promote the information security of our products and services. Through evaluating and countering IT risk factors embedded both inside and outside the company, we are promoting information security initiatives that are appropriate for a global enterprise together with our business operations.

Initiative guidelines

  • Reinforce regulations and develop policies with the aim of raising the standard of the Daifuku Group’s information security as a whole
  • Coordinate with business and investigate information security policies for products and services
  • Quantify in a way that is aligned with the KPI settings and establish the objective evaluation of results

Framework for initiatives

Information Security Committee

Policies for information security countermeasures

Infrastructure aspect:
Threats to information security are on the rise and have become increasingly malicious. We therefore prepare for possible attacks through up-to-date and multilevel defense systems in cooperation with specialist security companies.

Human aspect:
In cases of information theft which use human psychological techniques or deceitful approaches, prevention is difficult if only relying on infrastructure countermeasures. We will enhance our employees’ information security knowledge and understanding through initiatives by the Information Security Committee, internal training programs and simulated cyber terrorism training sessions.

Action

CSIRT

The mission of the CSIRT (Computer Security Incident Response Team) is to deal with information leaks stemming for example from cyber attacks and respond to any other computer security incidents. The CSIRT is centered on the Information Security Committee, enabling Daifuku to swiftly identify the possible scope of an accident and damage, put first-response measures in place, and investigate causes and means to prevent reoccurrence.

Number of training sessions conducted for targeted cyber attack emails KPI

The target for fiscal 2019 was to hold two sessions, and the actual number of sessions held was two. In addition to the conventional languages of Japanese, English, Chinese (Simplified & Traditional), Korean, and Spanish, this time we added training in Thai, and applied the training results and feedback on noteworthy points to increase the effectiveness of our training. We will continue to provide employees with training to prevent information leaks due to cyber attacks in the future.

Number of training sessions
  FY2017 FY2018 FY2019
Number of training sessions 1 training session 2 training sessions 2 training sessions

*You can scroll horizontally.