Information Security

Information Security

Fiscal 2020 Objectives Fiscal 2020 Achievements Self-Evaluation
  • Pass the certification renewal screening for ISO 27001
  • After holding training for employees aimed at dealing with Emotet* malware emails, hold individual preventative training for employees who had inadvertently opened the malicious emails sent during training
  • Maintained ISO 27001 certification (renewed July 22, 2020)
  • After holding training for employees aimed at dealing with Emotet* malware emails, held individual preventative training for employees who had inadvertently opened the malicious emails sent during training
★★
Priority Objectives for Fiscal 2021
  • Pass the recertification for ISO 27001
  • After holding training for employees aimed at dealing with new types of malware email, hold individual preventative training for employees who had inadvertently opened the malicious emails sent during training. Also, progressively expand training to overseas bases as well
  • Self-evaluation: ★★★ Achieved more than targeted / ★★ Achieved as targeted / ★ Achieved to some extent

Sharp is working to ensure information security by setting forth a Global Basic Policy on Information Security for the safe and appropriate management and use of information and information systems.

As part of its efforts to enhance information security, Sharp also acquired ISO 27001 (IS 635826) certification on June 30, 2015 and has secured an appropriate information security management system.

Summary of Certification Activities

Organization Sharp Corporation
Scope of Certification
  • Planning, management and operation of call center service
  • Taking care of use’s complaints
  • Administration and operation of a web site to sell digital books
  • Administration and operation of an affiliated web site
  • Customer satisfaction on service in photovoltaic generation system an energy related businesses
  • Implementation of in-company information management
Certification Number IS635826
Certification Body BSI Group Japan K.K.
Initial Certification Date June 30, 2015

Information Security Measures

In Japan, online sessions on information security are provided annually to all employees.

Also, since 2019, Sharp has worked to keep employees aware and informed by promptly sharing information company-wide about the characteristics, as well as actual examples, of targeted email attacks that have caused data security breaches to companies and organizations outside Sharp. Sharp also developed and introduced its own training system to tackle these targeted email attacks and held training four times for all employees in fiscal 2020.

Training emails mimicking the Emotet* malware emails, which have wrought havoc globally were sent out, and any employees who opened the file attachment or accessed the link in the training emails were provided with educational content to help them become more knowledgeable and vigilant.

Sharp will continue to stay abreast of the increasingly sophisticated attack methods being utilized and will continue to adapt its training to mimic the latest attack patterns, as well as progressively expand this training outside Japan to Sharp’s overseas bases in order to ensure a more robust and global preparedness.

Sharp is also continuing with strengthening measures, such as a vulnerability assessment of publicly accessible websites. It is also addressing the issue of information leaks caused by targeted cyber-attacks as well as the accessing of illicit websites. The company is putting in place hacking countermeasures and using log analysis for early detection of fraudulent actions. In addition, to verify company-wide information security measures, Sharp implements information security self-checks, and seeks to maintain and improve its level of information security.

  • A sophisticated, targeted email attack that uses content from actual emails sent and received by recipients in order to fool them.