Our approach to information security

Various Measures

Information Security Education

Mitsubishi Electric provides the following education programs to foster a corporate culture that enforces the proper handling of confidential corporate information and personal information.

Education for all employees

An e-learning program on information security is offered once a year to all of the Company’s roughly 50,000 employees, to disseminate thorough knowledge of various issues on information security, including Mitsubishi Electric's policies, the status of information leakage incidents, laws and regulations on the protection of personal information, the Unfair Competition Prevention Act, and security measures (human, physical, technological, and organizational) to be taken by all employees.

Education corresponding to each career stage

Education on confidential corporate information management and personal information protection is provided to new employees, employees in their twenties and thirties, and newly appointed section managers, so that they may fulfill the roles that are expected of them at each career stage.

Exercises to practice handling spoofed e-mails

As a measure against cyber-attacks, Mitsubishi Electric regularly conduct exercises that allow all employees, including officers, to verify that they know how to handle spoofed e-mails. Employees of affiliates in Japan can participate in this exercise. At overseas affiliates in the Americas, Europe, and China, practice exercises are conducted according to local circumstances under the direction of regional representative managers.

Other individual training

Employees posted overseas are provided with a preliminary education program, which covers risks in confidential corporate information management and personal information protection outside Japan and examples of information leakage incidents that have occurred overseas.

Contractor Management

Confidential corporate information and personal information are entrusted to a contractor only after a proper non-disclosure agreement is concluded between Mitsubishi Electric and the contractor. The agreement stipulates all the security matters that we require. To ensure that confidential corporate information and personal information entrusted to a contractor will be handled with appropriate control, before entrusting the information to the contractor, we confirm that the contractor will maintain the proper level of protection. After submitting the information, we supervise the contractor by regularly examining a status report on the use and management of the information that we have submitted. Moreover, the agreement includes a special clause that provides for the protection of the personal information that we have submitted.

Cyber-Attack Countermeasures

Cyber-attacks have become a major threat for businesses. As they are growing increasingly sophisticated and diverse year-by-year, it is becoming difficult to prevent them. The Mitsubishi Electric Group deploys cyber-attack countermeasures through a multilayered defense consisting of a number of different defense measures stacked on top of each other. Furthermore, there are cyber-attacks that cannot be prevented entirely with a multilayered defense alone. Accordingly, we monitor cyber-attacks and have put in place a system to respond immediately should a case occur, in an effort to prevent or minimize damage.

Internet websites are constantly exposed to many external threats, and so we only launch websites that are approved in order to maintain high security level.