In recent years, the threat of cyberattacks has grown globally, and in Japan, cybersecurity risks have further increased due to digitalization and the widespread adoption of telework during the COVID-19 pandemic. Various cyberattack incidents have been confirmed, including ransomware infections, DDoS attacks, targeted attacks, and unauthorized access. Beyond direct attacks on companies, there is also an increasing risk of third-party attacks through service providers, partners, or outsourced vendors.

Our company supports the development and enhancement of cybersecurity frameworks. We offer comprehensive support, from expanding governance measures related to cybersecurity to technical assessments identifying gaps in cybersecurity measures. Specifically, we assist in building systems based on the three lines of defense, expanding response frameworks in line with the PDCA cycle, and providing incident response training programs. Our cybersecurity training programs have been adopted by numerous ministries, including the Financial Services Agency, as highly effective exercises.

Additionally, we have a proven track record in policy support through commissioned research and studies for government agencies, both domestically and internationally. We have conducted research projects on cybersecurity regulations in various countries, commissioned by multiple ministries.

In governance framework development, we analyze the target state and current gaps based on regulations and guidelines, considering human resources, necessary operations, and organizational roles to build a feasible grand design and provide execution support. In risk management framework development, we offer cybersecurity risk assessment methods considering system importance and the risk of cyberattacks.

Our incident response training programs set realistic scenarios based on recent cyberattack trends and company operations, implementing exercises and proposing improvements based on the results. Unlike general training, we provide concrete improvement proposals through scenario analysis.

In technical assessments, we offer assessment services and evaluation reports based on tools such as the "Cybersecurity Assessment Tool" used in the US and the Financial Services Agency's "Cybersecurity Self-Assessment Tool" (CSSA) in Japan. We accurately evaluate the current response status of financial institutions and identify missing technical factors, supporting the derivation of effective countermeasures.

• Establishment of a cybersecurity framework through the formulation of guidelines, risk management procedures, and incident response manuals compliant with various cybersecurity guidelines
• Strengthening of emergency response frameworks through incident response training programs simulating cyberattacks
• Identification of the current technical status and missing technical measures for effective cybersecurity responses

• Cybersecurity Management Framework Development Support (Regional Banks)
• Cyber Incident Response Procedure Development Support (Financial Industry Associations, Regional Banks)
• Cybersecurity Incident Response Exercises (Central Government Ministries, Financial Industry Associations, Regional Banks)
• Research on Cybersecurity Measures in the Financial Sector in Foreign Countries (Central Government Ministries)

• FinTech Journal: Why Did the Financial Services Agency Create the "Security Self-Assessment Tool"? Background and Trends
• FinTech Journal: What Does the Financial Services Agency Demand? Key Points for Managing "Assets, Access, Logs" in-house
• FinTech Journal: Key Points for "Incident Response" and "Third-Party Management" as Demanded by the Financial Services Agency