First in the Retail Industry: Establishment of "Retail ISAC" to Share and Analyze Information Across Manufacturing, Wholesale, and Retail Sectors to Strengthen Cybersecurity
Asahi Group Japan, Trial, Mitsubishi Shokuhin, and NTT will establish the "Retail ISAC" in April 2026. This is the first framework in the distribution industry to share and analyze cybersecurity information across the supply chain.
📋 Article Processing Timeline
- 📰 Published: April 6, 2026 at 23:00
- 🔍 Collected: April 6, 2026 at 14:30
- 🤖 AI Analyzed: April 21, 2026 at 01:56 (347h 26m after Collected)
Asahi Group Japan, Ltd. (hereinafter "Asahi Group Japan"), Trial Holdings, Inc. (hereinafter "Trial"), Mitsubishi Shokuhin Co., Ltd. (hereinafter "Mitsubishi Shokuhin"), and NTT Corporation (hereinafter "NTT") will establish an ISAC (Information Sharing and Analysis Center), the first of its kind in the distribution industry focusing on food, beverages, and daily necessities. This framework, established together with the founding companies during April 2026, aims to share and analyze information across corporate boundaries and start efforts to improve the "collective defense capability" against cyber threats throughout the distribution industry.
1. Background and Aims of Launching Retail ISAC
In recent years, cyberattacks have continued to become more sophisticated and ingenious. There are growing cases where targeting a specific company in the supply chain causes catastrophic damage to the business activities of the entire supply chain. In particular, the distribution industry centered on food, beverages, and daily necessities is composed of a three-tier structure tightly linking manufacturing, wholesale, and retail. A cyber incident occurring in a single company poses a risk of having widespread effects on society and people's lives through production halts, logistics disruptions, and store closures.
Furthermore, regarding responses to cyber incidents in recent years, there is a limit to how much individual companies and organizations can handle alone. Attention is being drawn to ISAC initiatives, where sharing and analyzing information on security measures across the industry allows attacker IoC*1 information and vulnerability information likely to be targeted in the distribution industry to be quickly shared with ISAC member companies, expecting to improve the defense capability against cyberattacks across the entire supply chain.
Given this situation, Asahi Group Japan, Trial, Mitsubishi Shokuhin, and NTT, together with the founding companies, have decided to establish the "Retail ISAC" with the aim of strengthening cybersecurity measures in the distribution industry.
2. Purpose and Activities of Establishing Retail ISAC
The Retail ISAC will complement the limits of individual company responses and serve as a framework to prepare for cyber risks as an entire industry. Participating companies will share and analyze information based on trust, leading to effective countermeasures.
The purposes of this ISAC are as follows:
1. Collection, analysis, and sharing of threat and incident information
Grasp and share signs of cyberattacks and damage cases across the three business models of manufacturing, wholesale, and retail, aiming to raise awareness and sophisticate initial responses within the industry.
2. Organization of best practices in the distribution industry
Bring together each company's initiatives and knowledge regarding various security guidelines, and organize and share them as practical guidelines based on industry characteristics.
3. Enlightenment and human resource development regarding information security
Aim to improve the skills of practitioners, management, and administrators, and raise the basic level of response capabilities in the field through study sessions, exercises, etc.
After the establishment of the Retail ISAC, working groups will be set up for each purpose to deepen discussions throughout the year and provide regular achievement reports to member companies. Member companies will be able to receive knowledge on security measures specialized for the distribution industry.
Through the above, we will contribute to the safety and security of people's lives by suppressing the occurrence of supply disruptions caused by cyber incidents and ensuring a stable supply of food and daily necessities.
3. Future Plans
Future plans are to be announced.
1. Background and Aims of Launching Retail ISAC
In recent years, cyberattacks have continued to become more sophisticated and ingenious. There are growing cases where targeting a specific company in the supply chain causes catastrophic damage to the business activities of the entire supply chain. In particular, the distribution industry centered on food, beverages, and daily necessities is composed of a three-tier structure tightly linking manufacturing, wholesale, and retail. A cyber incident occurring in a single company poses a risk of having widespread effects on society and people's lives through production halts, logistics disruptions, and store closures.
Furthermore, regarding responses to cyber incidents in recent years, there is a limit to how much individual companies and organizations can handle alone. Attention is being drawn to ISAC initiatives, where sharing and analyzing information on security measures across the industry allows attacker IoC*1 information and vulnerability information likely to be targeted in the distribution industry to be quickly shared with ISAC member companies, expecting to improve the defense capability against cyberattacks across the entire supply chain.
Given this situation, Asahi Group Japan, Trial, Mitsubishi Shokuhin, and NTT, together with the founding companies, have decided to establish the "Retail ISAC" with the aim of strengthening cybersecurity measures in the distribution industry.
2. Purpose and Activities of Establishing Retail ISAC
The Retail ISAC will complement the limits of individual company responses and serve as a framework to prepare for cyber risks as an entire industry. Participating companies will share and analyze information based on trust, leading to effective countermeasures.
The purposes of this ISAC are as follows:
1. Collection, analysis, and sharing of threat and incident information
Grasp and share signs of cyberattacks and damage cases across the three business models of manufacturing, wholesale, and retail, aiming to raise awareness and sophisticate initial responses within the industry.
2. Organization of best practices in the distribution industry
Bring together each company's initiatives and knowledge regarding various security guidelines, and organize and share them as practical guidelines based on industry characteristics.
3. Enlightenment and human resource development regarding information security
Aim to improve the skills of practitioners, management, and administrators, and raise the basic level of response capabilities in the field through study sessions, exercises, etc.
After the establishment of the Retail ISAC, working groups will be set up for each purpose to deepen discussions throughout the year and provide regular achievement reports to member companies. Member companies will be able to receive knowledge on security measures specialized for the distribution industry.
Through the above, we will contribute to the safety and security of people's lives by suppressing the occurrence of supply disruptions caused by cyber incidents and ensuring a stable supply of food and daily necessities.
3. Future Plans
Future plans are to be announced.