Information Security and Personal Information Protection

Recognizing the possibility of risks that damage competitiveness or obstruct business continuity due to unforeseen information leakage caused by cyberattacks, etc., or the risk of having to pay penalties for legal infringements, the Teijin Group adopts measures to prevent leakage on both the hard and soft sides and responds properly to globally diversifying personal information protection legislation.

Information Security

The Teijin Group identifies the leakage of information assets and business secrets and cyberattacks as information security risks. From the perspectives of physical threats and vulnerability, technical threats and vulnerability, and human threats and vulnerability, we adopt risk countermeasures and respond properly to globally diversifying personal information protection legislation.*

  1. *In addition to the General Data Protection Regulation (GDPR) in the European Union, similar regulations are becoming common in the United States, China, and Southeast Asia. In view of these developments, we respond to the various regulations in each country based on our response to the GDPR.

Main Initiatives

The Teijin Group is promoting the building of an information security governance structure and process, as well as specific initiatives through the Information Security Committee. Each division designates a person responsible for information technology, a person responsible for personal information protection, and a person responsible for the management of trade secrets.

These responsible persons check the management status of information assets, such as information systems, networks, facilities, personal information, and business secrets every year. At the same time, the Corporate Audit Department conducts information security audits and personal information protection audits of all Group companies.

In FY2021 the number of cyberattacks threatening to infect Teijin's network with viruses increased over the previous fiscal year, but there were no reports of actual damage caused by information leakage from Teijin's network.

  • Response to physical threats and vulnerability
    We are studying our response to facilities and equipment handling confidential information, including entry and exit, as well as our response to such IT devices as servers and computers.
  • Response to technical threats and vulnerability
    We are studying the management of access to information assets, etc., as well as antivirus measures, data recovery response, etc.
  • Response to human threats and vulnerability
    As measures to reduce risks caused by human factors, we are studying education for employees, etc. (implementation of information security training, irregular targeted email training, caution against suspicious email, etc.), as well as our response to management at work consignees.
  • Appropriate response to personal information protection
    In addition to Europe's GDPR, regulations are being tightened in Japan, China, Thailand, and elsewhere. In these circumstances, in FY2021 we strengthened our personal information protection structure by adding the regional headquarters of our three global poles to the Teijin Group Global Personal Information Task Force. Furthermore, through the system of designating persons responsible for personal information protection, we are promoting the thorough implementation of measures.