Information SecuritySustainability

Fundamental Approach

At JERA, our mission is to provide cutting-edge solutions to the world's energy issues.
The use of information technology is indispensable for achieving this mission, and we have established the JERA Group Information Security Basic Policy to protect our information assets and enhance the safety of transactions.

Cybersecurity Management System

To promote cybersecurity, we have established a structure for managing cybersecurity risks under the responsibility of senior management and our Chief Information Security Officer (CISO).

The Security Subcommittee, headed by the CISO, has been established to promote cybersecurity activities during normal operations in coordination with the Risk Management Committee, which oversees the entire risk management structure.

Moreover, we have established security management functions and a Security Incident Response Team (SIRT) to assist the CISO and management in overseeing cross-organizational security measures and incident response.

Diagram of Cybersecurity Management Structure (as of July 1, 2024)

Diagram of Cybersecurity Management Structure(as of July 1, 2024)

Enhancing Information Security Measures

The scope of the Information Security Basic Policy extends to all personnel involved in operations and all resources used in operations, such as materials and environments. It aims to manage and protect related information assets while strengthening security measures to address risks such as cyberattacks.

There continued to be no serious incidents related to infor mation security or the protection of personal information in FY2024.

We continuously educate all employees who handle infor mation assets to raise their awareness of information security and improve their skill level. Our aim is to ensure thorough compliance with this policy and relevant laws and regulations.

Education and Training on Information Security (FY2024)

Security Education
  • Participants: 4,747 (including officers, employees, and temporary staff)
  • Frequency: Once a year
  • Method: e-learning
Training on Targeted Email Attacks
  • Participants: 4,858 (including officers, employees, and temporary staff)
  • Frequency: Twice a year
  • Method: E-mail

At JERA, we have put together a roadmap for future security measures, including a plan to establish a global security infrastructure to improve information security across the entire group.

In addition, to promote operational efficiency through the use of secure generative AI, we have formulated the "JERA AI Usage Guidelines," which include security compliance items and usage instructions. We have shared these guidelines with officers and employees.

Enhancement of Information Security Measures for Domestic and Overseas Group Companies

We refer to the Cybersecurity Management Guidelines established by the Ministry of Economy, Trade and Industry (METI) to review and implement security measures for the JERA Group. We are also promoting security management at group companies both in Japan and overseas while strengthening security through risk management and security education. In addition, in March 2024, we obtained Information Security Management System (ISMS) certification for some operations at group company JERA Cross.