Sanpo-yoshi Communication
A story I heard from one of my business partners the other day sent chills down my spine.
The company, with sales of several tens of billions of yen, is itself a specialist in offering cyber security measures to its customers. Nevertheless, it has been hit by a cyber attack and is in turmoil.
When we asked for more details, we learned that although the company's own security measures were perfect, the cause was an intrusion from an "affiliated company" whose security measures were inadequate. The attackers targeted the weakest link and used it as a springboard to infiltrate the mainframe.
The story did not end there. He was dismayed to learn that he had already lost hundreds of millions of yen in sales because a major client, fearing a second outbreak, had told him to stop doing business with them. Even for an expert, a momentary lapse can be fatal. And the damage is not limited to your own company; it can take away your most important asset, the "trust" of your customers, in an instant.
This is no longer someone else's problem. The stark reality is that "you can no longer protect your company simply by fortifying your own defenses." Instead of directly targeting large companies with strong security, attackers look at small and medium-sized companies as weak points in the supply chain and use them as a foothold to gain entry. The "we don't have enough information to be targeted" mentality makes them easy targets.
So what should we do? While it is important to implement advanced systems, I believe that the first step is to thoroughly implement basic measures that can be started today.
* Stop reusing passwords and make them more complex.
* Set up "multi-factor authentication" combining not only IDs and passwords but also smartphones and other devices.
* Keep computer operating systems and software up to date, without treating it as a hassle.
These must become commonplace "habits," just like fastening a seat belt in a car or locking the door every day.
Needless to say, upon my return to the company, I immediately instructed the systems department to re-examine the risks across the group companies and suppliers. Security measures are no longer the sole responsibility of the IT department. They are a top priority for our management in protecting the trust of our customers, the lives of our employees, and the future of the company itself. I am convinced that we must reevaluate our security measures once again as an investment in "trust," not as a cost.