Yokogawa has joined the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA). As of October 24, 2023, the company is authorized to assign CVE IDs to cybersecurity vulnerabilities for Yokogawa Group companies' products and Yokogawa Group subsidiaries' products.
In 2014, the company started collecting information on Yokogawa product vulnerabilities and countermeasures and began disclosing this information in Yokogawa Security Advisory Reports. In accordance with the CVE Program's mission of identifying, defining, cataloging, and publicly disclosing vulnerabilities, Yokogawa included CVE IDs in the Yokogawa Security Advisory Reports. Now, as a CNA, Yokogawa does not need to request and wait for the issuance of a CVE ID and can therefore quickly disclose information on cybersecurity vulnerabilities.
Yokogawa says it remains vigilant in its efforts to reduce cybersecurity risks with its products and provides cybersecurity support over the entire lifecycle of its control systems, from system design and development to construction and operation. When a vulnerability is found, the company will act as prescribed in the Yokogawa Group Vulnerability Handling Policy and provide whatever support is needed to ensure the security of its customers' assets.
In 2008, the company established a Security Competence Laboratory in Singapore to research and stay up to date on the latest advances in IT security technology, and it has gone on to open similar laboratories in Japan, India, and the US.