RISK & RESILIENCE
Cyber attacks dominate headlines across the world as global names such as JLR, M & S and Asahi find themselves targeted by malicious actors. Against this backdrop, Mihoko Matsubara serves as Chief Cybersecurity Strategist at Japanese tech giant NTT, where she leads global thought-leadership work on effective cybersecurity strategy for both public and private sectors.
Mihoko explains:“ While more people are concerned about cyberattacks, they are not necessarily familiar with technical aspects of cybersecurity.
“ My role is to explain the current threat landscape with statistics and regional or sector-based examples, as well as cybersecurity measures to take without using technical jargons.”
Her career spans the Japanese Ministry of Defense, US academic institutions and major corporations in Tokyo and Singapore. This blend of government, research and industry roles reflects her long-standing focus on strengthening international understanding of cyber risk and improving cooperation between organisations and nations.
She also writes extensively on cybersecurity, with three books covering cyber attacks from attacker and defender viewpoints, the nature of cyber warfare in Ukraine and the lessons Japan can take from both cyber and kinetic attacks faced by Ukraine.
Here, Mihoko sets out her insight on today’ s threat landscape and what organisations such as Asahi can do to protect themselves.
Q. HOW IS JAPAN’ S APPROACH TO DEFENDING CRITICAL INFRASTRUCTURE – PARTICULARLY MANUFACTURING AND UTILITIES – EVOLVING IN RESPONSE TO THE
RECENT SURGE OF RANSOMWARE AND OT-TARGETED ATTACKS?
» Japan is currently working to enhance its cybersecurity and resilience posture. The Active Cyber Defense Law passed in May 2025 is intended to minimise the damage caused by substantive cyberattacks that can compromise national security, while Japan has also established new requirements for critical infrastructure companies to enhance their cybersecurity practices under the revised Economic Security Promotion Act.
Japan had two wake-up calls. One was a ransomware attack on Kojima Press Industry Co., a major supplier to Toyota Motors in February 2022, that led to temporarily suspending Toyota domestic factories.
Another one is a ransomware attack on the Port of Nagoya, the largest commercial port in Japan, that paralysed their cargo shipping operations for two days. They urged Japanese companies to enhance their cyber defences.
Furthermore, Toyotimes – Toyota owned media – released a video interview with the President of Kojima Press Industry Co. about how his company and Toyota worked together to respond to the cyberattack and how leadership should behave during an incident. The industry appreciated the sharing of their lessons.
96 March 2026