The Information Security Committee, under the leadership of the Chief Information Security Officer (CISO) and the Chief Information Officer (CIO), was newly established in December 2019 as an information security system to control and manage information security activities.
- Ensures the stable supply of our products and services to customers by giving instruction on how to promptly respond to information security incidents caused by cyberattacks (analysis of the type of cyberattack/impact on business, interim/permanent responses) and providing a swift resolution.
- Prevents information security incidents from occurring by collecting information on vulnerabilities, sharing such information within the company, and understanding and controlling the status of response to vulnerabilities.
Establishment of PSIRT
We are currently working on the establishment of the FANUC PSIRT (Product Security Incident Response Team), which is designed to, as an engine for the realization of the Cyber/Physical Security Framework (CPSF) formulated by the Ministry of Economy, Trade and Industry which we aim for, contribute to ensuring security of FANUC products by indicating how to prevent security risks in business and promoting security activities involving customers and other stakeholders inside and outside the company in an efficient and sustainable way.
Recognizing that risks associated with cyberattacks and other threats are priority management issues, FANUC strives to strengthen information security by appropriately allocating resources to cyber security measures, under the initiative of the management.
Declaration of Cyber Security Management
In support of ”Declaration of Cyber Security Management 2.0” updated by Japan Business Federation in October 2022, we have developed ”FANUC Declaration of Cyber Security Management” to reinforce our cyber security measures actively taken at the initiative of the management.
Acquisition of ISO 27001 Certification (ISMS activities)
IS656789 /ISO 27001
Corporate Administration Division, Research & Development Division, Sales Division (Headquarters),
Products Manufacturing Division and Products Management Division.
December/2016: Research & Development Division acquired ISO27001
December/2017: Sales Division (Head Office) acquired ISO27001
December/2018: Corporate Administration Division acquired ISO27001
December/2019: FA Products Manufacturing Division and Products Management Division of Headquarters acquired ISO27001
December/2021: Products Manufacturing Division of Headquarters acquired ISO27001
December/2022: Products Manufacturing Division of Tsukuba and Mibu acquired ISO27001
December/2023: Products Manufacturing Division of Hayato acquired ISO27001
Information Security Training
1.We believe that the most important information security measures are to improve employee knowledge of information security and to inform them of the procedures to be followed in the event of an incident, and we conduct annual information security training for employees.
In addition, the CISO has released a video message to employees to demonstrate the Company's commitment to information security.
2.FANUC considers information security measures at domestic and overseas affiliates to be important in light of the recent increase in attacks on supply chains. FANUC conducts annual information security training for these companies.