Keynote Speech 1

Policy Approaches to Strengthen Cyber Security in the Financial Sector

Hiroshi Harano

Head of Cyber Security Planning Group

Financial Services Agency of Japan

Cyber-attacks have been occurring around the world in recent years. In Japan, cyber-attacks have been causing business disruptions, information theft, and financial damage. The threat of cyber-attacks has become one of the top risks that could affect the stability of the financial system. In light of these threat trends, we will introduce the measures taken by the Financial Services Agency (FSA) and explain the desired responses by financial institutions.

S-1

Security Strategies to Confront Cyber Threats in DX/AI era

Tsuneo Tosaka

Field CISO - Enterprise

Fortinet Japan G.K.

Cyber attacks are deploying/expanding faster than ever before due to international conflicts, geopolitical risks from Trump tariffs, and the growing uncertainty caused by the DX/AI drive. the complexity of the IT environment has expanded the attack surface, and security measures are becoming more complex as incidents increase. This presentation will discuss security hardening and Zero Trust's security strategy necessary to confront evolving cyber threats.

S-2

Security Measures That Ensure Recovery - The New Standard for Business Continuity -

Taira Fujita

Senior Sales Engineer

Absolute Software K.K.

As cyberattacks continue to intensify, the suspension or removal of security tools poses a significant risk for financial institutions. This session highlights two key aspects: agent persistence and rapid recovery capabilities. The focus is on how the Absolute Resilience Platform enables financial institutions to establish robust systems capable of withstanding cyber threats, through features such as self-healing, automated recovery of critical applications, and remote OS restoration.

S-3

Innovation in Financial Cybersecurity: Autonomous Defense through AI, Operations, and Trends

Akane Mo

Enterprise Sales Representative

SentinelOne Japan K.K.

The financial industry remains a prime target for cybercriminals due to its vast repositories of sensitive data and high-value transactions—facing 300 times more cyberattacks than other industries. In this session, we will explore how AI-powered cybersecurity platforms enable financial institutions to quickly detect threats across endpoints, identities, and the cloud, and autonomously respond to neutralize them. We will also cover the latest security trends and share practical insights on how to effectively operationalize these advanced technologies in real-world environments.

Panel Discussion

Practical Response to Short-term Risks for Financial Institutions (Mainly Banks, etc.)

<Moderator>

Tomohiro Kuchino

Director

KPMG AZSA LLC

<Panelists>

Azusa Takeyama

Director

Bank of Japan

Hiroyoshi Koizumi

General ManagerSustainability Risk Management Office, Risk Management Department

Mizuho Financial Group, Inc.

In May 2025, the Network for Greening the Financial System (NGFS) published new scenarios for assessing short-term climate policy and climate change impacts, as opposed to the traditional long-term climate scenarios. In response to this, experts from various fields, including financial institutions, supervisory authorities, and financial advisory, will gather to discuss the current situation and practical response issues related to short-term climate change risks based on an overview.

S-4

Frequent Security Incidents at Outsourcing Partners and Their Countermeasures
~Why are security checklists prone to irrationality?~

Yuya Ueki

Security Expert

Assured, Inc.

Recently, there have been many cases of incidents occurring at outsourcing companies, leading to information leaks and business suspensions for the outsourcing companies.
As a countermeasure, various companies are using "security checklists," but these have become a mere formality and are causing problems with the workload.
In this presentation, our security experts will explain countermeasures.

S-5

Safeguarding Financial Trust: DMARC & Phishing Defense

Ken-ichi Kirihara

Senior Consultant

TwoFive, Inc.

In the financial industry, domain spoofing and phishing remain serious threats. This session will highlight DMARC-based defenses and the latest practices to detect and take down diversified attacks such as fake websites and social media abuse, sharing how “visibility → detection → rapid response” can protect both brand and customers.

S-6

The reality of Account Theft Targeting Customers and the Methods of Monitoring IT

Masato Hori

Senior Sales Engineer

Kela KK

Crimes that exploit stolen accounts to cause harm to customers have been increasingly uncovered and prosecuted. Stolen credentials are misused for fraudulent transactions, resulting in severe consequences for financial institutions. Accounts leaked from Infostealer-infected devices are immediately traded on underground markets and fall into the hands of attackers. In this session, we will introduce early detection mechanisms that monitor such circulation and protect customers to prevent further damage.

S-7

Visualizing OSS Vulnerabilities and Leveraging SBOM to Mitigate Supply Chain Risks

Masato Yoshii

Senior Manager

Sales Engineering Black Duck Software G.K.

Japan’s Financial Services Agency (FSA) cybersecurity guidelines emphasize supply chain risk management as a key priority. With the growing use of open source software (OSS), identifying and managing vulnerabilities has become critical for financial institutions. This session explores how Software Bill of Materials (SBOM) can be used to visualize OSS components and improve software transparency. By detecting vulnerabilities and managing software composition, organizations can reduce supply chain risks. We will share practical examples of tool usage and implementation steps, offering a technical roadmap for financial institutions to strengthen application security and align with regulatory expectations.

Keynote Speech 2

Threats in Cyberspace and Police Efforts

Atsushi Nemoto

Director of Cybercrime Prevention Office

National Police Agency

The environment surrounding cyberspace is constantly changing, and the threats to cyberspace continue to be extremely serious. In this lecture, we will explain the threats in cyberspace that the police are aware of, and discuss the police efforts to deal with them, as well as the measures that financial institutions are required to take and the recent topics of discussion.

S-8

-Pioneering a New Era- The Evolution and True Value of Cross-Financial Industry Cyber Exercises

Ryo Uchimi

Executive Officer & Principal Consultant

Newton Consulting Ltd.

When it comes to large-scale, cross-industry cyber exercises, the FSA's DeltaWall and the Shinkin Central Bank's cross-industry drill stand out as two of the world's largest and most impactful. These two exercises, which collectively bring together over 300 organizations, are powered by our company's cyber exercise know-how and our 'dan-lo' exercise platform. This session will delve into the critical aspects of practical incident response and cyber resilience, highlighting how our 'dan-lo' platform makes it possible.

S-9

Visualizing Insider Threats and Preparing for Complex External Risks with AI
– Enabling Log Integration, Automation, and Visibility in the Financial Sector with Exabeam Nova and UEBA –

Tetsuki Umehara

Senior Sales Engineer

Exabeam Japan K.K.

We will introduce a new security operations approach that leverages AI and machine learning to visualize, analyze, and automatically respond to signs of insider threats and increasingly complex risks. With Exabeam Nova and behavioral analytics technology, we support rapid and accurate countermeasures against information leakage risks in the financial industry.
This session will focus on the following key points:
What are “anomalous behaviors” detected by AI?
Automation and visualization enabled by Exabeam Nova
Use case in the financial industry
How to manage risks from former employees and privileged users
A new approach to “connecting and visualizing” security logs

S-10

Introducing Thales’ Latest Authentication Services for Financial Institutions

Satoru Haga

IAM Reginal Sales Manager

Thales Group

'This session introduces Thales’ latest authentication products and services for financial institutions. We will cover multi-factor authentication, single sign-on, and access management, showing how these solutions strengthen security while improving user convenience. Thales supports financial organizations in building a safe, reliable, and efficient authentication infrastructure that meets regulatory requirements and enhances the customer experience.

Keynote Speech 3

Risk Management as "My Business": Sensitivity Expected for Management of Financial Firms

Kiyotaka Sasaki

Visiting Professor

Hitotsubashi University Business School

In parallel with the heightened cyber attacks and financial crimes, an increasing number of misconducts by financial firms as well as supervisory actions by JFSA have been noted. Rapidly changing environments surrounding financial industry, failure of corresponding risk management, a lack of proper corporate governance and culture as root cause seem to be common backgrounds. Risk management for my own business and corporate value, not for others including JFSA, could be presented;