Kubota is aware that the appropriate protection and management of personal information of its customers and other stakeholders is an important social responsibility. In order to secure its competitiveness, Kubota is also devoted to preventing the leakage of confidential information such as technological information.
Depending on the type of information, Kubota appoints main divisions to conduct ongoing activities such as revising rules, auditing and awareness-raising at their respective locations. These activities are also conducted at overseas bases. When necessary, these divisions cooperate with each other in risk management.
As shown by the EU’s General Data Protection Regulation (GDPR), there is a growing trend to further enhance protection of information assets. As such, in FY2018, Kubota reorganized its emergency contact list and response procedures across the entire Group, including overseas subsidiaries and affiliated companies in order to promptly respond to information security-related incidents/accidents.
With Kubota-CSIRT – an organization for managing information security-related incidents/accidents – at the helm, in FY2019 Kubota will further enhance its initiatives to prevent information security-related incidents/accidents, respond promptly if they occur, and minimize damage.
Information Management System
* Initiatives to ensure information security
To enhance security for personal information and other information assets of the customers, Kubota promotes on a company-wide basis the implementation of the initiatives below:
- Establishing the Group-wide information security policy, continuously developing various regulations and guidelines, and monitoring the status of compliance therewith.
- Assigning personnel in charge of promoting information security (IT Manager) at each workplace, and implementing Group-wide measures based on the policies formulated by the department in charge.
- Introducing to all PCs an automatic monitoring program to constantly monitor the status of various security protection measures, such as anti-virus systems. Overseas, taking into consideration each local situation and improving information security in cooperation with the IT managers of each local site.
- Providing IT managers and sub-managers with education and enlightenment programs on a periodic basis. For Group employees, also providing e-learning courses on personal information protection and information security, with the aim of raising understanding of the information security matters that each employee should observe.