Mihoko Matsubara, Chief Cybersecurity Strategist, NTT Corporation, Japan
By Yun Xuan Poon
Women in GovTech Special Report 2020.
How do you use technology/policy to improve citizens’ lives? Tell us about your role or organization.
I am Chief Cybersecurity Strategist at NTT Corporation, which is a Tokyo-based global information and communication technology (ICT) service provider. The NTT Group has over 280,000 employees and offers its services in over 190 countries in the world. I am responsible for cybersecurity thought leadership activities to share information about the cyber threat landscape, cybersecurity best practices, or the cybersecurity trend in Japan, including public-private partnerships with the leadership and general public in academia, government, and industry. NTT is the only Japan-based global company that has a cybersecurity thought leadership team.
Since I used to serve at the Japanese Ministry of Defense, and worked at a US think tank and also US-based tech companies, my mission is to be a bridge between academia, industry, and government in different countries. Today we are using more technology platforms and tools to stay connected with our family, friends, and colleagues during the Covid-19 pandemic and ICT is an integral part of our daily lives, business operations, and national security.
Cybersecurity is crucial to protect them. Yet, we are still overwhelmed by the technicality of cybersecurity. The goal of my team is to share cybersecurity narratives on threats and best practices and make them relevant to audiences’ missions so that they can learn how to best protect ourselves.
What was the most impactful project you worked on this year?
Due to the travel constraints posed by the pandemic, there has been a drastic increase in the number of webinars and online conferences since March 2020. This shift to virtual conferences has allowed me to share cybersecurity movements in Japan including the preparation for the 2020 Tokyo Summer Olympic and Paralympic Games and public-private partnerships with global audiences much more frequently. Furthermore, I have also been afforded the opportunity to engage with senior executives to discuss the latest trend of cyberattacks on their industry and cybersecurity actions to take.
What is one unexpected learning from 2020?
It has been shocking to see the growth of cyberattacks on the healthcare sector such as cyber espionage to steal Covid-19 vaccine information or ransomware attacks to disrupt hospital operations and monetize their cyberattacks. Every one of us needs access to medical services especially during the pandemic.
It is commendable that hundreds of cybersecurity professionals around the world stood up and launched coalitions such as Covid-19 Cyber Threat Coalition and Cyber Threat Intelligence League to provide cyber threat intelligence and cybersecurity advice and support to impacted healthcare institutions.
Some companies including Coveware and Emsisoft also began to offer free cybersecurity tools and services to healthcare institutions. NTT Ltd. provided free cybersecurity consulting services for healthcare institutions in multiple countries between this spring and summer.
What tool or technique particularly interests you for 2021?
According to the NTT 2020 Global Threat Intelligence Report, one of the global key findings is that nearly 55 % of all attacks were application-specific attacks, and 22 % were web-application attacks. Due to the pandemic, we are using applications, especially cloud collaboration tools and so I expect the importance of application and cloud security will grow next year. While zero trust is nothing new and it is a decade-old concept, the pandemic will push us more to embrace zero trust to protect remote workers rather than solely reliant on perimeter defense.
What are your priorities for 2021?
After I published a book on cybersecurity in the end of 2019, I have been writing shorter pieces to analyse timely issues such as Covid-19 pandemic-related cyberattacks on the education and healthcare sectors. While I am certainly keen to continue to do so for busy business people and policy makers, I look forward to start writing longer papers again.
What advice would you give to women looking to start a career in GovTech?
Be open to learn about any skillsets, from technology to business management, law, and policy. Nobody has a full knowledge about any technology or cybersecurity from the beginning. Everybody used to be a baby and somehow they picked up skillsets along the way in their academic or professional journey.
Technology is there because it helps people and organisations improve their efficiency and effectiveness. It is indispensable to learn about technology to advance your career in GovTech, but it is not enough. It is also important to learn how this technology and your skillset can help solve current issues. That is why you also have to understand non-technical issues such as business, law, and policy.
The Covid-19 pandemic has been a difficult year, however people in the tech sector, with the appropriate skills are still in high demand. Be ambitious and optimistic. I wish you all the best of luck and look forward to working with you!