Based on its risk management policy, the NYK Group has established an appropriate risk management system, which helps prevent the materialization of risks by identifying and assessing risks and formulating counterstrategies accordingly. If risks materialize, NYK gives first priority to dealing with matters that may endanger human lives. At the same time, the Company avoids or mitigates risks by obtaining appropriate information on all materialized risks in a timely manner so that the proliferation of damages can be prevented and operations can be promptly restored.

The businesses and performance of the Group could be affected by technological innovations, natural disasters, and social factors such as the economic and political climate, environmental regulations,and safety and security in countries worldwide. As they best understand the nature of operations, the personnel of operating divisions conduct quantitative and qualitative evaluations of risks in accordance with the Company's risk management policy and rules.

Risk Map

A wide variety of economic, political, and social factors in countries throughout the world have the potential to impact negatively the NYK Group's mainstay shipping and integrated logistics operations as well as the Group's cruise and other businesses. Please click on the link below.

The NYK Group continuously reinforces multilayered defenses in readiness for cyberattacks, which are evolving and diversifying on an almost daily basis. However, given that the perfect defense is infeasible, the Group is also developing countermeasures focused on cyber resilience, thereby enabling rapid recovery from damages. Moreover, the Group is putting in place "zero trust" countermeasures, which are not reliant upon the boundary defenses of the networks used when introducing cloud computing or telecommuting.
Specifically, the Group is introducing a multi-factor authentication(MFA) system and an endpoint detection and response (EDR) system while introducing cloud systems to reduce risks caused by malfunctions or disasters as well as a global security operation center (GSOC) to monitor IT equipment worldwide around the clock 365 days of the year. These systems are designed to minimize damages by rapidly detecting and countering hacks. In parallel with these measures at onshore bases, as a maritime shipping company, we are also working to improve cybersecurity between ships and onshore bases by strengthening our maritime telecommunications systems. Further, in regions worldwide the Group has established computer security incident response teams (CSIRTs), that coordinate with each other globally. By promptly sharing and managing information not only with IT departments but also with other departments when an incident occurs, the teams underpin a system that enables the member of senior management to make decisions appropriately.
All of these initiatives rest upon the foundation of the Group employees' security literacy. To increase this literacy generally, for Group companies in Japan and overseas, we have introduced an education platform, conducted regular cyberattack countermeasure drills, and carried out security assessments. Through these initiatives, we will regularly monitor the degree to which our measures are becoming permanently entrenched.