As a company that provides several internet services, CyberAgent recognizes the importance of information security and has accordingly established an information security system run by our company-wide IT Security Office. We have also registered as a member with the Nippon CSIRT Association and continue to strengthen security measures through close collaboration with other companies.
- Establish a monitoring system against external attacks
- Compile a summary of efforts on information security
- Implement and operation risk management and response measures
- Collect information on incidents and provide follow-up
- Implement security training for staff
Background of the members that make up the IT Security Office
Media Business, Game Business, Internet Advertising Business, Company-wide System, Legal Affairs, Public Relations, Offices, Internal Audit, Subsidiaries, Security
Information Security Policy
Construction of an Information Security Management Framework
The Company strives to protect all information assets that it possesses and works to maintain and improve information security.
Appropriate Management of Information Assets
Information assets to be held are categorized and evaluated from the perspectives of confidentiality, completeness and availability, and are appropriately managed according to their risks.
Compliance with the Law
CyberAgent complies with laws regarding information security and other guidelines.
Improvement of Constant Information Security Management
In order to prevent information security accidents, CyberAgent conducts external system audits at least once a year for all systems that have high importance, are accessible from the outside network, hold personal information and accounting functions.
System audits are also carried out when we release a new service or update the service.
Security Training for Employees
The Company provides security training to employees.
CyberAgent has built a special site to transmit security information throughout the company’s intranet. It is working to raise all employees’ awareness by sending information and educating them regarding security, and releasing comics that explain the importance of security from different points in a simple manner.
＜Original comic aimed at information security education for employees＞
Initiatives to Protect Personal Data
As a business that is in possession of information belonging to many clients, the Company has established regulations, including those to protect personal data, and strives to appropriately handle and protect them.
Affiliation to the Nippon CSIRT Association *1
CyberAgent launched the corporate group’s CSIRT IT Security Office in August 2014 as a systems counter to deal with security incidents and registered their affiliation with Nippon CSIRT Association. In the future, CyberAgent will strengthen security measures not only within the corporate group but also with a close joint framework with other companies.
*1: CSIRT (Computer Security Incident Response Team) is the collective name of organizations that deal with incidents (accidents or emergency situations) related to computer security. They constantly gather information regarding incidents, vulnerability, and signs of attack. They subsequently analyze them and formulate policies and procedures to counter them.