We formulated the Global Information Security Regulations (Information Security Policy) to establish a Group-wide information security management framework under the supervision and management of a senior executive officer and senior managing director who acts as Information Security Officer, thereby controlling and managing security with the DX Strategy Development Division at its core. We also established a Sysmex Computer Security Incident Response Team in fiscal 2020 to enhance our initiatives.
In terms of cooperating with outside organizations, we participate in the Medical Device Cyber Security Council, which is made up of the Ministry of Health, Labour and Welfare, hospitals, and domestic medical device manufacturers. We are also affiliated with the Nippon CSIRT Association and share information regarding threats from emergencies and significant incidents.
Internally, we implemented specific measures including rigorous management and regular review of access to information, regular updates to security patches, login restrictions by biometric authentication (facial and fingerprint recognition) for laptop computers and mobile devices on loan from the Company, and review of installed applications. In addition to these continuous operational and control measures, we also installed endpoint detection and response (EDR) for PCs and server devices as part of our ransomware countermeasures (endpoint technology measures).