Information is a critical corporate asset in promoting the use of data and advanced digital technologies. Through the creation of a robust cyber environment, the Daiichi Sankyo Group has implemented effective security measures against risks including the leakage and falsification of confidential information and production line stoppage.

Improvement and Strengthening of Information Security Management System

To ensure a stable supply of products and provide reliable information to customers, we have established a global policy on information security. We have designated the CDXO*1 as the ultimately responsible person for the overall management of information security. Additionally, we have determined that the Head of Global Cybersecurity, appointed by the CDXO, will lead the implementation of information security measures within the Daiichi Sankyo Group alongside the Security Committee, which promotes these measures.
The information and system assets referred to in the information security policy include information on our business units, as well as our business partners and customers, and the data, media, information systems, and industrial systems that include the information. We aim to elevate the global level of information security by establishing the Daiichi Sankyo Group Information Security Standard, evaluating the implementation status of security measures across the Daiichi Sankyo Group, and fostering continuous improvement based on the results. In order to protect information resources from security threats, it is paramount to continuously raise the awareness of all employees. DS Group company's situation, including explanations of cyber-attack methods such as phishing emails, identification of attacks and how to react.

*1 Chief Digital Transformation Officer

Measures for Cyber Security

The CSIRT*2, the framework for dealing with incidents relating to computer security in enterprises, is managed under the leadership of the Head of Global Cybersecurity in order to respond to the increasing number of cyber-attacks in society over recent years.
With the cooperation of external security partners, the security monitoring system is operating 365/24/7, and a system is in place to respond swiftly to incidents that have occurred. It is important to collaborate with other organizations in the same industry as well as other industries to manage the threat of cyber-attacks.
In collaboration with external security teams such as external specialist organizations and other companies' CSIRTs, we collect information related to cyber security and propose and promote security measures for the DS Group.
Moreover, we are continuously working, with the CSIRT at the center, to contribute to the improvement of security not only within the DS Group but also in society as a whole by building cooperative relations with external organizations.

*2 Computer Security Incident Response Team

Measures for Operational Technology (OT) Security

To fulfill our mission of providing a stable supply of top-quality pharmaceutical products, we are implementing operational technology security (OT security) measures. These measures guard against risks of cyber-attacks to controllers and systems involved in the manufacturing process of pharmaceuticals.
Specifically, we are promoting security measures by designing a standard model based on recommended security technology measures for manufacturing sites, and evaluation and management processes for identifying and managing OT security risks. With these measures, we minimize risks in quality control that could jeopardize stable supply, helping provide pharmaceuticals to our patients.

Personal Information Security Initiatives

Personal information is essential to a company's business activities, but by its very nature, may cause irreparable harm to individuals if mishandled. Based on the Daiichi Sankyo Group Privacy Policy, a global standard for protecting personal information, we have established internal rules that comply with the laws and regulations of each country and region to ensure the safe management of personal information. We also regularly conduct training sessions to ensure that all employees are thoroughly trained to handle personal information in the most appropriate manner.
In addition, with regard to handling Individual Numbers in Japan, known informally as “My Number” information, we regularly evaluate the security management status of “My Number” information at our vendors and conduct on-site audits.
In addition, we take appropriate measures such as providing e-learning programs in Japan to ensure that we understand our basic policies and management system.
Moreover, regulations regarding personal information are being enacted around the world, as evidenced by Europe's General Data Protection Regulation (GDPR). We are working to address the personal information protection laws and regulations that will be enforced in the relevant countries and regions.
We will continue to work on reducing risks and identifying issues at an early stage to prevent violations of the personal information protection laws and regulations.