Cyber Security Cloud, Inc. (Headquarters: Shinagawa-ku, Tokyo, Representative Director, President and CEO: Toshihiro Koike, hereinafter referred to as "the Company"), a global security manufacturer, has held a "Crisis Management Seminar on Preparing for the Threat of Cyber Attacks" with the aim of enhancing corporate incident response capabilities from the perspective of crisis management, in light of the current situation in which the impact of cyberattacks has intensified in recent years has spread to corporate activities and social infrastructure. was held on Thursday, March 27, 2025.

This seminar focused on crisis response in the event of a cyber attack, with experts working on the front lines explaining initial responses and preparations in peacetime in an easy-to-understand manner. Over 70 people participated online.

In addition, an archived version of this seminar will be available for a limited time from Monday, April 28, 2025 to Saturday, May 31, 2025 at 23:59.

[Opening remarks and the current state of cyber attacks]

Our CSO and CISO, Mr. Kiriyama, introduced the results of his analysis of the latest attack trends. Based on observation data from the company's "Shadankun" and "WafCharm," he showed that in 2024, there were months when more than 8,000 attacks were recorded per host, indicating that attacks are no longer limited to "specific companies," but rather to all environments connected to the Internet.

[Session Report]

Session 1: Daisuke Kyogaku (Deputy Director, Cyber Section, Fire and Corporate New Business Department, Tokio Marine & Nichido Fire Insurance Co., Ltd.)

Theme: "The latest trends in cyber insurance and its applications discussed by cyber insurance developers"

Kyogaku spoke about the importance of corporate preparedness from the perspective of cyber insurance. He introduced how the "emergency hotline service" and expert support that come with cyber insurance can be a great help, especially for small and medium-sized enterprises, who find it difficult to build a response system. He also shared the process of forensic investigations and recovery support when an incident occurs, and emphasized that "cyber insurance should not be used as a talisman, but should be actively used as the starting point for initial response."

Session 2: Naoki Bando (Fellow of the Software Association of Japan, Director of BC Signpost Corp.)

Theme: "Communication during incidents involving information leaks"

Mr. Bando gave a practical explanation of how to respond when a data leak occurs, based on examples of ransomware damage suffered by medical institutions and local governments. He introduced the reality of information actually being made public on the dark web, and an example of a virtual infrastructure being encrypted in 30 seconds. He pointed out "pitfalls in preparation" such as vulnerabilities in VPN equipment, poor password management, and insufficient EDR/NDR operational systems, and said, "Sincere information disclosure is essential so that companies are not seen as 'perpetrators.'"

Session 3: Daisuke Tsuta (Mori Hamada & Matsumoto Foreign Law Joint Enterprise)

Theme: "Legal responses and practical points when personal information is leaked"

Tsuta introduced the reporting and notification obligations under the Personal Information Protection Act, including the difficult question of whether or not there is a risk of information leakage, and the important points for legal action. In particular, he shared how the presence or absence of logs is directly linked to legal assessment, how to review the division of responsibilities in contracts, and how to utilize the small and medium-sized enterprise support system. He advised, "It is important to respond calmly and practically, rather than stirring up anxiety."

[Panel discussion]

Theme: "What should you do in the 'first 30 minutes' when a security incident occurs? / What 'preparation for peacetime' is necessary for your company?"

• Speakers: Daisuke Kyogaku, Naoki Bando, Daisuke Tsuta
• Moderator: Hayato Kiriyama (Cyber Security Cloud, Inc.)

Overview:

As a response required in the "first 30 minutes" immediately after an incident occurs, each speaker pointed out the importance of "preserving evidence," such as "saving logs," "disconnecting from the network," "cutting off backup lines," and "avoiding system initialization." In addition, it was pointed out that in addition to introducing EDR and NDR, it is also essential to develop an effective operation system.

In the second half of the session, "Preparation for peacetime," it was stated that it is necessary to introduce multi-factor authentication (MFA), maintain appropriate relationships with vendors, and prepare a business continuity plan (BCP) in the event of a system outage. In particular, opinions were exchanged that non-IT departments should also consider cyber incidents to be their own concern and respond from a company-wide perspective.

Furthermore, specific measures such as the increased costs of forensic investigations and utilizing expert networks through cyber insurance were mentioned, and the view was expressed that a dual approach of "preparation" and "systems" will lead to a sustainable crisis management system for companies.

【Summary】

In this seminar, experts well versed in the fields of technology, law, and communication gave practical and multifaceted explanations on how to prepare for and respond to cyber attacks. We will continue to provide information and support to contribute to strengthening corporate security systems and improving the crisis response capabilities of society as a whole.

[Limited-time archive distribution announcement]

You can watch the archived video of this seminar for a limited time.
Viewing deadline: April 28, 2025 (Monday) ~ May 31, 2025 (Saturday) 23:59
Click here to request an archive viewing: https://my69p.com/p/r/kiYIMtQR