Cyberattacks are becoming more sophisticated and adept at targeting companies, groups, and government offices. The Recruit-CSIRT team works diligently to protect Recruit Group’s 200+ services from cyberthreats.
As a provider of over 200 services, Recruit Group (RG) is entrusted with a massive amount of customer and client information. RG takes the responsibility to protect this data extremely seriously.
RG believes that it is crucial to conduct cybersecurity efforts in-house in order to keep important information secure. That’s why the group formed a specialized security team to carry out all incident response procedures and analysis: Recruit-CSIRT (Computer Security Incident Response Team).
When the initiative was introduced back in 2014, RG prioritized mobilizing the resources and approvals necessary to build an in-house security team from scratch. Akiteru Kamoshida, who today is head of Recruit’s Security Management Division, led the charge. As the founding member of Recruit-CSIRT, Kamoshida decided on the following goals: to be the best CSIRT in Japan in three years and to be a workplace that security engineers are happy to be a part of. To accomplish these goals, he began recruiting expert security engineers who would help accelerate Recruit’s growth and commit themselves to protecting the company’s services and sites.
Recruit-CSIRT has gradually grown into a strong team that reliably detects and counters threats to RG’s businesses. The team focuses on early detection and prevention of cyberthreats in order to minimize damage and conduct analyses that inform Recruit’s business decisions. Team members are known around the group as “the happiest geeks ever,” who are proud to protect RG’s data and contribute to Japan’s growing cybersecurity community.
Thanks to the team’s expertise and quick execution, Recruit-CSIRT has also helped defend Japan from foreign cyberattacks: In late 2015, the team discovered a rare type of malware—an APT (Advanced Persistent Threat) attack by a group of overseas hackers. After conducting a forensic investigation, the team reported the malware attack to the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC). Then, in order to give RG’s group companies more time to deploy defensive measures, Recruit-CSIRT engineers expedited the development and installation of new rules in RG’s network and client-monitoring systems to detect the malware’s next attempt. When the system was attacked again, the team was able to immediately deploy countermeasures. This time, they also obtained a sample of the malware and shared it with JPCERT/CC, which dispatched an early warning alert to other companies to prevent the damage from spreading.
Today, Recruit-CSIRT is one of the leading cybersecurity response teams in Japan—and one of the only organizations actively involved in the ongoing development and education of the Japanese cybersecurity community. Recruit-CSIRT consistently shares analyses of software vulnerabilities with the public. These efforts have been praised nationwide—RG received a letter of gratitude from JPCERT/CC in 2017 and a Ministry of Internal Affairs and Communications Award honorable mention for cybersecurity in 2018.
In the words of Japan’s 2009 Second National Strategy on Information Security, we live in an “accident-assumed society.” The pace of technological advancements is accelerating and the world is becoming more interconnected—cyberattacks will continue to be a problem for every country. Recruit-CSIRT understands this reality and strives to avert every attack before it happens, and share information about the incidents that do happen so that other businesses can be prepared.
RG will continue to cooperate closely with government offices and security organizations to protect Japan’s systems and databases.