Japan is counted among the developed economies in the global arena. But when it comes to cybersecurity and countering contemporary information security threats, the level of maturity may not be at par with North America, Oceania and Europe, says Masayoshi Someya, Senior Security Evangelist with Trend Micro Japan. In a survey conducted in March 2015 by Trend Micro, only 35 percent of enterprises have a good understanding of threats from targeted attacks and data breaches, he says.
"The awareness is something that has only started picking up in the last two years or so. Maybe up until 5-6 years ago, cybercriminals attacking specific enterprises for critical information was not something a lot of people talked about in Japan," he says. "In the last five years, criminals have been targeting not just the government or public sector organizations, but also commercial enterprise businesses."
Furthermore, in the threats seen against Japanese organizations, the tactics and tools being used in attacks, there are key differences from those experienced by the rest of the world, Someya says.
For instance, historically speaking, command and control servers for targeted attacks used to be located outside Japan when it came to attacks against Japanese entities. In 2014, 44 percent of these C&C servers were located inside Japan, making it hard for enterprise administrators to block traffic that appears to be going to legitimate business sites within the country using conventional filtering techniques.
Someya was a speaker at the RSA Conference Asia, Pacific & Japan, held in Singapore, where he presented a session titled, Are Enterprises in a Losing Battle Against Targeted Attacks? In this exclusive interview with Information Security Media Group, Masayoshi Someya shares key insights on the question of how prepared the security ecosystem in Japan and Asia is to address the threat from targeted attacks. In addition he shares advice on:
- Key indicators of compromise;
- Some security variables unique to Asia;
- Recommendations and countermeasures enterprises need to adopt.
Masayoshi Someya is Senior Security Evangelist, Trend Micro Incorporated in Japan. Someya San is responsible for evangelism and incident response communication based upon security landscape, market trends, and the company's threat intelligence. He has extensive knowledge and experience in the field, with almost 20 years of working in all aspects of the industry around the world, including North America, Europe, and Asia Pacific.