In order to ensure that clients’ information and assets are securely protected from increasingly challenging cyber security threats, and to enable clients to conduct transactions with peace of mind, Nomura Group continues to strengthen its cyber security platform under the leadership of the Crisis Management Committee and Group IT Officer.
The leadership team will be leveraging the Comprehensive Guidelines for Supervision of Financial Instruments Business Operators, etc. of the Financial Services Agency, the Cybersecurity Framework of the National Institute of Standards and Technology (NIST) and other overseas frameworks, as references to manage the Cybersecurity operations throughout the entire Nomura Group.
Nomura Group has established the Nomura Group Computer Security Incident Response Team (CSIRT) under the Crisis Management Committee’s secretariat.
In addition, Nomura Securities and Nomura Group companies have established CSIRTs to protect their operations, information assets, and systems.

Organizational Structure

Organizational Structure

Cyber Countermeasures

The following cyber countermeasures are being promoted for each of the five functional categories defined by the NIST Cybersecurity Framework.



  • Based on our management vision and risk appetite, we have identified information assets to be protected, and have established a Group-wide governance system.
  • We are continuously strengthening our system through threat-based penetration testing and third-party risk assessments.
  • We are conducting cyber risk assessments and countermeasures, including programs utilizing support from outside vendors.


  • We have deployed several system-related measures to protect against unauthorized access and computer viruses.
  • We regularly implement training, drills, and awareness-raising activities to increase the knowledge of executives and employees.
  • We have established a system to collect and share information on attackers and attack methods through communication with Financials ISAC Japan and specialized cyber security vendors.


  • We have established a monitoring system that operates 24 hours a day, 365 days a year, to detect abnormalities in a timely manner.
  • We have created a mechanism to collect and analyze system logs and to detect abnormalities, including internal misconduct.


  • In preparation for cyber incidents, we have established a system for quickly contacting clients, related institutions, and senior management.
  • We have created an incident response manual, and we analyze the cause of incidents, minimize damage, and otherwise respond mainly through CSIRT.


  • We have established a business continuity plan and a backup data center.
  • We have prepared for rapid recovery of business and systems through system switching training and cyber exercises.
Connecting Markets East & West