Information security

Our information security risks relate to all the valuable data we hold. This not only includes details about our customers, consumers, suppliers, and employees, but also information on our business strategy and our engineering and experimental data, including results from research. The danger is that this important information could be stolen, leaked, or damaged in some way.

In order to minimize this risk, we are committed to continuously enhancing our information security framework. We regularly update our policies and procedures to adapt to evolving business and technical landscapes.

As we increasingly move towards the use of cloud services for data processing, we are re-evaluating risk and strengthening our security defences. We continually assess the threat to our company using a variety of security intelligence methods. In May this year, EU data protection regulations came into force, and we have defined technical and operational measures to demonstrate that we comply with them. In addition, we have established a global information collaboration framework so that we can respond quickly in case of a data emergency.

We constantly educate employees about information security risks. In 2018, 99.4% of employees in our Japanese operations received security education. Our international tobacco business has a bespoke i-secure program, which was established to promote a culture of cyber security awareness both at home and at work. In 2018, the program included more than 120 awareness sessions across many of our 95 entities worldwide. This sort of training ensures that, alongside our technical defences against cyber crime, all employees are also striving to better protect our information.