Security

From before, the LY Corporation Group has made utmost efforts against information security threats in accordance with its information security policy of: protecting its users from information leaks (confidentiality), providing round-the-clock service (availability), and securely protecting the service contents from destruction or fabrication (integrity).

INDEX

CISO Message

Hideyuki Nakahara, CISO

At LY Corporation, our highest priority is safeguarding our customers' trust and safety. As privacy and security become ever more paramount, it is also essential that we prepare ourselves against cybersecurity attacks and other threats.
Along with growing our business, we are committed to fulfilling our responsibility of offering services that form a crucial part of social infrastructure and serve a great many customers.

Hideyuki Nakahara, CISO
Joined Yahoo Japan Corporation in 2003. Served as Vice President of Front-end Development Division, R&D Management Group, Vice President of Smart Device Development Division, Smart Device Strategy Office, and other posts. Appointed Corporate Officer, President of System Management Group in April 2014.
Appointed Executive Corporate Officer, Executive VPoE, Head of Service Infrastructure Group, LY Corporation in October 2023. Appointed CISO in January 2024.

Cybersecurity Policy

From before, the LY Corporation Group has made utmost efforts against information security threats in accordance with its information security policy of: protecting its users from information leaks (confidentiality), providing round-the-clock service (availability), and securely protecting the service contents from destruction or fabrication (integrity).
In addition to these ongoing efforts, the LY Corporation Group, with a view to detecting and countering increasingly sophisticated cyberattacks, works to build information systems and provide services in compliance with the cybersecurity framework of U.S. National Institute of Standards and Technology (NIST).
LY Corporation has put together and declared these views as LY Corporation Group's Cybersecurity Policy.
Based on these basic approaches, LY Corporation has specified rules to be followed by employees on matters such as handling of information, in its internal regulations. Violations of the rules are subject to disciplinary action. Also, for the purpose of ensuring full understanding about the personal information handled in the company, as well as recognition of rules relating to it, all employees are required to submit written pledges.

Related links

LY Corporation Group's Cybersecurity Policy

Information Security Management System

LY Corporation establishes a supervisory organization of security to formulate rules and to provide necessary guidance and cooperation to the Group companies. The organization is chaired by the CISO who is appointed by the President and Representative Director and to whom authorities are transferred .

figure : Information Security Management System

• CISO: Chief Information Security Officer

Security initiatives in the whole Group

As part of the vertical governance over the Group's security, LY Corporation regularly monitors the status of security initiatives implemented at each Group company, based on the NIST cybersecurity framework, and continuously makes improvements in accordance with the results of the monitoring.

At the request of each Group company, LY Corporation also provides proactive support to improve the security level of the entire Group, including support for conducting vulnerability assessments and incident response training, as well as support for the introduction of security educational materials, security assessment services, incident response support services, and a variety of security solutions.

Page top