IT Security and Information Management Initiatives
The Chugai Group is promoting digital transformation (DX), having formulated CHUGAI DIGITAL VISION 2030 based on the main strategies of strengthening digital platforms, using digital technology to create new drugs, and optimizing all value chains.
In promoting DX, it is essential to expand responses to newly emerging risks including large-scale data breaches, infringement of intellectual property, and privacy violations. Chugai has established CHUGAI CYBER SECURITY VISION 2030 based on expected changes in the internal environment such as an expansion of areas requiring security management and the need for data governance, and changes in the external environment such as increasingly sophisticated and complex threats and tighter regulations and guidelines. Under this vision, Chugai is taking steps in the three areas of organizational management, people and culture, and technology to carve out a position as a leading company in cyber security and thereby help achieve the goal of becoming a top innovator in the healthcare industry.
Chugai has continued with annual initiatives to further improve the security level of the entire Group, including that of subsidiaries outside Japan. In addition, we are building an organizational framework comprising representatives from various functions and further strengthening our IT business continuity plan (BCP) to respond to security incidents. We also actively share information within the pharmaceutical industry.
People and culture
Given the importance of raising awareness so that all employees view security as integral to them, Chugai has established guidelines specifying compliance requirements and regularly provides training on the latest threats. Going forward, we aim to create a security-first culture in the Chugai Group by implementing cross-functional security measures and training security specialists.
In addition to conventional defense-in-depth measures, Chugai is moving toward zero-trust security to respond to increasingly sophisticated and complex cyber attacks, while supporting diverse work styles through remote work and mobile devices, as well as increased use of cloud services. We also conduct ongoing monitoring and regular incident response training to ensure immediate detection and prompt action should any security incident occur.