We believe that it is our social responsibility to ensure the cyber security of the products and systems we provide (hereinafter referred to as "product cyber security") so that our customers can use them with peace of mind. To this end, we have established the following policy on product cyber security, and will ensure that all directors and employees involved in our products and systems are fully aware of it in order to ensure product cyber security.
Fundamental Policy for Product Cyber Security
(1) Compliance with Laws and Regulations
We shall comply with the laws, regulations and norms of each country with respect to product cyber security.
(2) Organizational Structure to ensure product cyber security
We shall establish "Product Cyber Security Management System (PCSMS)" as an internal organ to address product cyber security.
(3) Education and Training for product cyber security
We shall provide continuous education and training on our products and systems to directors and employees in order to nurture their knowledge and awareness of product cyber risks.
(4) Ensuring product cyber security
We shall implement relevant provisions within the standards and guidelines related to product cyber security during the planning, design, development, manufacturing, and maintenance phases of our products and systems as appropriate.
(5) Provision of information for safe and secure use
We shall provide warnings and/or indications to our customers so that they are able to use the products we provide with peace of mind.
(6) Monitoring of vulnerability information and its disclosure
We shall continually monitor information on vulnerabilities in the products and systems we provide, and take measures necessary to mitigate the risks and disclose the information as appropriate.
(7) Response to product cyber security incidents
In the event where cyber security incidents occur with our products and systems, we shall examine the facts, investigate the cause, take corrective actions and prevent their recurrence. Where necessary, we shall notify and provide information to our customers, government agencies and other relevant parties.
(8) Continuous improvement
We shall continue to review and improve the above activities as necessary.
Gathering and Dealing with Vulnerability Information
In addition to proactively keeping abreast of information on vulnerabilities in the products and systems we provide that may affect them, where necessary, we will take appropriate measures to notify customers, government agencies and other relevant parties of any product cyber security issues that arise in our products and systems.
Vulnerability Report Form
If you wish to contact us regarding vulnerability in one of our products or systems, please use the "Vulnerability Report Form" below. Please note that the form should only be used to report vulnerabilities in our products and systems.