One of the world’s biggest manufacturer for electronics and electrical products, Mitsubishi Electric revealed that they were hacked, and found out last year in June 2019. Mitsubishi may have compromised personal and corporate data, but confirmed that there was no breach of sensitive data on defence, electric power, railroad, confidential technical data, important client information and other information on critical infrastructure.
In response, Shlomie Liberow, Technical Program Manager at HackerOne stated, “While it is unclear exactly how the hackers breached Mitsubishi, what does seem to be clear is that Japan is suffering from a shortage of cyber security professionals. To help bridge the gap, we see many organisations deploy technology to take on security tasks, however, they are coming to realise that technology is only as good as the people implementing it. Technology will only get a company so far, organisations really need skilled humans to fully understand the attacker mindset and how they work to exploit vulnerabilities and infiltrate networks. As a result of this, organisations must try to not only build systems that are secure, but also to build teams that are capable of responding to security incidents quickly and effectively.
For many organisations today, the first time they experience a security incident is an actual attack. Methods such as Red Team Engagements and Bug Bounty programs can be used to simulate malicious actors in a controlled way, allowing organisations to practise responding to security incidents and develop muscle memory for when a real attack occurs.”
