Information Security
As cyberattacks yearly grow more sophisticated and more complex, Kubota is aware that the appropriate protection and management of the personal information of its customers and other stakeholders is an important social responsibility. In order to secure its competitiveness, Kubota is also devoted to preventing the leakage of confidential information such as technological information.
Information Security System
Depending on the type of information, Kubota appoints main divisions to conduct ongoing activities such as revising rules, auditing, and awareness-raising at their respective locations. These activities are also conducted at overseas bases. When necessary, these divisions cooperate with each other in risk management.
Under a Group-wide framework directed by the Company-wide information security supervisor, we assign highly expert staff with specialist Japanese or overseas qualifications, such as Registered Information Security Specialists or Certified Information Systems Security Professionals (CISSP), to the department in charge of company-wide information security. We also appoint personnel in charge of promoting information security (IT Managers) at each department and Group company. In this way, we implement Group-wide security measures based on the policies formulated by the department in charge.
We have also established Kubota-CSIRT, an organization for managing information security-related incidents/accidents. In the case of such incidents or accidents in the Group, we promptly share information, responding rapidly and taking measures to minimize damage.
-
Information Security Structure
System Response and Monitoring
To guard against computer viruses, unauthorized intrusion into systems and networks from the outside, or other threats, we have implemented and are centrally managing multilayered security measures worldwide, including the use of antivirus software, vulnerability assessments, and robust authentication mechanisms involving multifactor authentication. By additionally introducing platforms that use AI and other technologies to analyze security logs, we are also reinforcing measures to detect and deal with suspect activity at an early stage.
Education and Awareness-Raising
We recognize that each employee also plays a vital role in dealing with information security threats. For this reason, considering trends and risks in the world, we have established new guidelines for the use of generative AI. Also, we mandate periodic information security education for employees who handle information. We seek to gain greater understanding of measures each employee must observe, including how to deal with suspicious emails and how to use generative AI.
Audits
To raise the level of the information security response across the entire Kubota Group, we have established a common Group information security policy and conduct information security audits every year to ascertain compliance status. (100% internal audit implementation rate)
Supply Chain Risk Management
To achieve stable business continuity and our goal of continuous development of synergies within the Kubota Group and with suppliers and society, we have established security guidelines for factories based on international security standards for control systems (such as IEC 62443). In this way, we are working on evaluating and strengthening security measures at our own factories. In addition, we have established information security standards required of our suppliers to enhance the security level across the entire supply chain.
Provision of Secure Products and Systems
To further enhance the safety of products and systems we provide to customers, we have joined Japan Automotive ISAC (J-Auto-ISAC), and we are working on understanding issues that have occurred within the industry and acquiring and utilizing knowledge related to product security.
Moreover, considering the legislation aimed at strengthening cybersecurity measures in products and systems, we have also worked on revising product development processes and standards.
Third-Party Evaluation and Certifications
Kubota promotes third-party evaluations and certifications related to information security.
ISO/IEC 27001 Status of certification acquisition
The following organizations received ISMS certification based on the International Standard for Information Security Management Systems (ISO/IEC 27001:2022(JIS Q 27001:2023)) from the ISMS Accreditation Center (ISMS-AC) .
|
No. |
Organization |
Location |
Location Activity |
Registration Date |
Holds Certificate No. |
|---|---|---|---|---|---|
| 1 | Kubota Corporation Farm and Industrial Machinery Consolidated Division Global ICT Headquarters DX Planning & Promotion Department | 2-47, Shikitsuhigashi 1-chome, Naniwa-ku, Osaka, 556-8601 Japan |
The system construction and development, system operation, security monitoring and response related to the operation of data platform infrastructure in DX Planning Section Ⅲ - The system development, maintenance, and system operation support for smart agriculture systems in IoT Development Section Ⅰ |
May 15, 2023 |  |
| 2 | KUBOTA Corporation Tokyo Head Office Global ICT Headquarters ICT Promotion Dept. 3 IT Solution Dept. Water and Environment Sec. 2 BLUE FRONT Maintenance Support Team Water and Environmental Infrastructure Management Headquarters Pipe Systems Division Pipe Systems Sales and Promotion Dept. Marketing Promotion Section PIPEFUL Maintenance Support Team | 2-1-3, Kyobashi, Chuo-ku, Tokyo, Japan | System Solution Business (Consulting and Development, Maintenance, Maintenance Support and Network Construction of System) <The following sites are included.> Consulting and Development, Maintenance and Network Construction of System TOKYO HEAD OFFICE Global ICT Headquarters ICT Promotion Dept. 3 IT Solution Dept. : 2-1-3,Kyobashi,Chuo-ku,Tokyo,Japan Hanshin Office Water and Environment Infrastructure Consolidated Division Water and Environmental Infrastructure management Headquarters Water and Environmental Business Process Innovation Dept. KSIS Platform Sec. : 1-1-1, Hama, Amagasaki, Hyogo, Japan Maintenance Support of System Tokyo Head Office Global ICT Headquarters ICT Promotion Dept. 3 IT Solution Dept. Water and Environment Sec. 2 BLUE FRONT Maintenance Support Team Water and Environmental Infrastructure Consolidated Division Pipe Systems Division Pipe Systems Sales and Promotion Dept. Marketing Promotion Section PIPEFUL Maintenance Support Team : 2-1-3,Kyobashi,Chuo-ku,Tokyo,Japan <The following corporation is included.> Maintenance Support of System KUBOTA Environmental Engineering Corporation Maintenance Div. Engineering Dept. BLUE FRONT Maintenance Support Team : 2-1-3, Kyobashi, Chuo-ku, Tokyo ,Japan |
October 13, 2005 |  |
| KUBOTA Corporation Hanshin Office Water and Environment Infrastructure Consolidated Division Water and Environmental Infrastructure Management Headquarters Water and Environmental Business Process Innovation Dept. KSIS Platform Sec. | 1-1-1, Hama, Amagasaki, Hyogo, Japan |
ISO/IEC 27017 Status of certification acquisition
The following organizations received ISMS Cloud Security certification based on JIP-ISMS517-1.0 Requirements for ISMS Cloud Security Certification based on ISO/IEC 27017:2015 from the ISMS Accreditation Center (ISMS-AC) .
|
No. |
Organization |
Location |
Registration Scope |
Registration Date |
Holds Certificate No. |
|---|---|---|---|---|---|
| 1 | Kubota Corporation Tokyo Head Office | 2-1-3, Kyobashi, Chuo-ku, Tokyo, Japan |
Cloud service provider:KSIS(KUBOTA Water and Environment IoT Solution System) Cloud service custmer:icrosoft Azure |
October 11, 2024 |  |
| Kubota Corporation Hanshin Office | 1-1-1, Hama, Amagasaki, Hyogo, Japan |