NRI SecureTechnologies, Ltd. | Blog

Pola Orbis Optimizes Security with NIST CSF 2.0 Assessment

Written by NRI Secure | Feb 9, 2026 7:54:02 AM

Pola Orbis Holdings, a global enterprise with numerous locations both in Japan and overseas, manages a diverse portfolio of brands, primarily in the cosmetics business. In April 2022, the company established the Group Digital Solutions Center to accelerate group-wide digital transformation (DX) while simultaneously advancing IT rationalization.

As part of its commitment to strengthening security, the company decided to implement assessment and improvement activities based on the NIST Cybersecurity Framework (NIST CSF). In response, NRI Secure developed specialized questionnaires tailored to the NIST CSF and provided assessment support services on its "SecureSketCH" platform. Pola Orbis Holdings has been utilizing this service to conduct ongoing assessment and improvement activities since 2023.

At a Glance

  • CHALLENGE
    • Lack of visibility into the security status of each group company, preventing the implementation of comprehensive enhancement measures.
    • Need for continuous assessment and industry benchmarking by utilizing an objective, globally recognized framework.
  • SOLUTION
    • Conduct a standardized security maturity assessment across 22 group companies.
    • Establish a system to calculate both the NIST CSF 2.0 Tier value and the SecureSketCH score.
  • RESULTS
    • Visualized the group's overall strengths and weaknesses, clearly defining areas for prioritized action.
    • Enabled reporting to the executive management team with persuasive, data-driven explanations, including industry comparisons.
    • Clever operational tactics and effective use of features allowed self-service deployment to overseas locations.
         

Background

Adopting NIST CSF for Objective, Continuous Group-Wide Assessment

Mr. Akihiro Iihara, Manager of the Network & IT Security Team at the Group Digital Solution Center

 

Pola Orbis Holdings established a dedicated team and a cross-group information security committee. This structure allowed them to implement security strengthening measures across the group. However, a major challenge remained: effectively understanding the current security status of each group company, which was essential for driving effective measures.


Mr. Akio Iihara, Manager of the Network & IT Security Team at the Group Digital Solutions Center, recalls the situation at the time:


The company's organizational culture significantly influenced the process of adopting the NIST CSF.

Key Selection Factors

Why SecureSketCH? Combining NIST CSF Compliance with Industry Benchmarking

When the company began its tool selection process in July 2023, its primary focus was on practical usability and the ability to achieve objective, continuous evaluation. Mr. Iihara elaborates on the reasoning behind their final decision.


To address this, NRI Secure leveraged SecureSketCH's strength in providing statistical data for competitor comparison. They proposed an evaluation support system that could simultaneously calculate both the SecureSketCH score (out of 1,000 points) and the NIST CSF evaluation tiers (Tier 1-4).

 

Figure 1: Unified Assessment Mechanism for SecureSketCH and NIST CSF 2.0

 


Ms. Yumi Yamamoto of the Network & IT Security Team explains why this proposal was the deciding factor:

Ms. Yumi Yamamoto of the Network & IT Security Team at the Group Digital Solution Center

Deploying NIST CSF 2.0 Questions to 22 Companies with Operational Support

After the decision, NRI Secure provided flexible support for both technical and operational aspects.

 

Through a phased approach, starting with two pilot companies in 2023 and expanding to all 22 companies in 2024 following the NIST CSF 2.0 update, Pola Orbis successfully established its evaluation foundation.

Visualizing Group-Wide Risks

Comprehensive Assessment Reveals the Full Picture

The comprehensive evaluation of 22 group companies brought previously unseen organizational conditions to light. Mr. Iihara discusses the insights gained from the results.

 

Figure 2: Group-Wide Evaluation Results (Sample Data)



This visibility sparked a change in mindset across group companies.

Elevating Management Reporting with Data-Driven Benchmarks

Combining NIST CSF Tiers with Industry Comparisons

The hybrid approach of outputting NIST CSF 2.0 Tier values and SecureSketCH scores simultaneously has been a game-changer for management reporting.

 

Streamlining Global Operations

Achieving Efficiency Across Language Barriers

On the operational side, the system's characteristics enabled efficient management.

 

Figure 3: Response Progress Monitoring Dashboard on SecureSketCH



Deploying to overseas bases presented challenges, but the team overcame them through operational ingenuity.

Future Outlook

From Common to Individual Issues: A Phased Approach to Security

Moving forward, Pola Orbis plans a strategic approach to improving security maturity.

 

Expectations for SecureSketCH and a Message to Peers

Mr. Iihara shares his current challenges and future expectations for the platform.


Ms. Yamamoto offers advice to companies facing similar challenges.


Learn more about the solutions featured in this case study
SecureSketCH Product Information
Download Service Brochure
Contact Us
View full post