Cybersecurity as a global, multi-sector activity with Mihoko Matsubara

Like many leaders in the cybersecurity space, the professional journey of Mihoko Matsubara did not necessarily begin with securing devices or technology. However, once she discovered it, she was hooked.

Discussing her career path with the Left to Our Own Devices podcast and how it opened her eyes to a world of security, Mihoko explained how she went from curiosity to university in Washington, D.C., became a Senior Security Analyst at Hitachi, then VP Public Sector Chief Security Officer at Palo Alto, and to her current position as the Chief Cybersecurity Strategist at NTT Japan.

Armed with data and the global perspective she picked up over her nine years as a Foreign Liaison Officer for the Japanese Ministry of Defense, Mihoko quickly stepped outside her comfort zone early on in her career to understand what was happening not just within, but outside of Japan.

Like many of us who narrow our news sources or focus on specific specialties, we become experts in what we do but require effort to explore peripheral events. Recognizing the importance of broadening perspectives in the cybersecurity domain, Mihoko sought to bridge the gap between Japan and the global community. This started by translating Japanese cybersecurity-related articles and incidents into English, making this vital information accessible to a wider audience. Her articles gained recognition when they were picked up by renowned publications like the New York Times and the Washington Post, signaling the impact of her work. Over time, she published a book in Japanese that educated executives on white hat hackers, black hat hackers, terminology, and other information that they must become aware of within their organizations to ensure smooth operations and secure assets.

Understanding the breakdown of attacks in the US, UK, Australia, and Japan. According to a 2021 study, the percentage of businesses impacted by a ransomware attack are 72% in the US, 78% in the UK, 80% in Australia, yet only 50% in Japan. What was even more surprising was the discrepancies in the percentage of companies who paid the ransomware demands– 64% in the US, 80% in the UK & Australia, with a smaller 20% paying in Japan.

These numbers that show a large variation in Japan’s favor can potentially be attributed back to hosting the 2020 Olympic Winter Games. “Back in 2013, we found out that Tokyo would host the Olympic games in 2020 and it was a big moment in Japan. Everybody, including the central government, local government, big companies, academia saw it as a wakeup call,” said Mihoko. “We had to make sure that we have clear deadlines to enhance our national security capabilities to an appropriate level. But we all know that no matter what we do, bad guys won’t stop carrying out cyber attacks. We have to create a good ecosystem.”

The measures put in place for the Olympics still doesn’t stop the increasing number of small to medium businesses that are being targeted, something that every government around the globe is struggling with. On the one hand, Mihoko shares that unsurprisingly, “We have the same struggles as every other country looking to fill vacancies in critical cybersecurity roles.”

However, awareness is rising amongst the population. “Japan is on the same page with Israel and the U.S. We have an acute shortage of good cybersecurity professionals. We have universities to provide computer science degrees and also have programs in cybersecurity but they are more technology focused,” said Mihoko. But looking to the future, she pointed out “A community university in the western part of Japan has made cybersecurity a standard course for all incoming students and it teaches the technical aspects of cyber attacks. They also teach about cybersecurity policies and strategies and it makes sense to bring this holistic view since it’s something that affects everyone.”

Since writing her book, Mihoko has written extensively about policies and issues faced by the Asia Pacific region. In Japan specifically, the government is enacting new economic security measures, expected to be released later this year, with new regulations to secure supply chains and critical infrastructure. This is similar to the Biden Administration’s cybersecurity strategy in the US that views cybersecurity as not only a national security issue but an economic security issue.

Ultimately, cybersecurity impacts every part of our lives. From the cars we drive, to critical infrastructure, and medical devices, it’s a global effort to keep one another secure. “Cybersecurity is related to everybody because every single person on this planet uses it every single day for their daily lives or business or academic work,” said Mihoko. “So anything you do for your work for daily lives it is related to cybersecurity.”

Mihoko Matsubara’s journey exemplifies the power of knowledge, bridging cultures, and fostering collaboration to protect our digital world. Her contributions continue to shape the landscape of cybersecurity, ensuring a safer future for us all.