You Nakatsuru
With a background in security incident response support and malware analysis and countermeasure research, he joined Secureworks in March 2016. Currently, as a researcher on the Counter Threat Unit team, he focuses on investigating the latest cyber attacks, particularly those targeting Japanese enterprises. He is also actively involved in incident response and red team testing. Additionally, he has presented his findings at prestigious conferences such as the FIRST Annual Conference and CODE BLUE.
Session
Case studies like DarkVishnya, where eight Eastern European banks lost tens of millions due to physical intrusion and malicious devices, highlight the critical importance of addressing physical security. SecureWorks has included physical intrusion in red team exercises since 2011, with the Japanese team's intrusion success rate remaining at 100%. This emphasizes the urgency of improving physical security.
This session leverages extensive penetration testing experience to illustrate differences in physical security practices between Japan and the United States, presenting real-world cases from both nations. It offers practical insights for effectively countering physical threats. Analysis indicates that Japan’s relatively lenient security, influenced by low crime rates, leaves organizations vulnerable to intrusions through social engineering and inadvertent staff cooperation. Conversely, the U.S. enforces stricter measures due to higher risk awareness but remains susceptible to vulnerabilities driven by human factors. Both countries must tackle their exposure to social engineering. Attendees will understand how cultural contexts shape security postures and gain actionable strategies to strengthen defenses against these weaknesses.