Murata believes that protecting corporate information assets, including corporate confidences such as technical expertise, is crucial for maintaining sustainable growth.
To address this issue, Murata created the Information Security Subcommittee as a subsidiary organization of the Risk Management Committee and conducts information security by monitoring recent risk trends and introducing relevant domestic and international guidelines based on international standards (ISO 27001). We also established a Basic Policy in Information Security and rules including Information Security Management Rules and are working to establish and implement information security measures. We continuously review the details of these policies and rules and conduct internal and external audits and diagnoses to raise security levels.
To ensure that all officers and employees in Japan and our worldwide locations understand information security and handle information properly, we distribute an Information Security Guidebook in Japanese, English, and Chinese, conduct training for all employees and rank-based internal training, issue e-mail magazines, and take other educational measures.
To prevent leaks of Murata corporate confidences and personal information as well as interruption of business activities caused by cyberattacks, we are reinforcing measures such as malware countermeasures, internet communications checks, ID management, access controls, and vulnerability diagnoses and their responses, and are strengthening terminal monitoring. We also collect and monitor various types of logs on a global basis, have established systems to respond to events that may lead to major security incidents, and respond to and defend against constantly changing cyberattacks.
All offices and affiliates continuously perform human and vehicular access control at site boundaries. Security zones are established within business sites, and various measures including access controls using ID cards and so on are implemented in highly confidential zones to prevent unauthorized internal and external interference.