December 15th saw the annual Rakuten Global Chief Information Security Officer (CISO) Conference featuring over 40 of Rakuten’s top security experts along with external vendors coming together to talk shop on Rakuten’s cutting-edge approach to privacy, cyber and information security.
Beginning in 2017 with the establishment of Rakuten’s Global Security Governance initiative, this annual event brings together the global Rakuten security community to share thoughts and ideas on the latest security trends as well as best practices on how Rakuten can continue to provide best-in-class privacy and information security.
Building bonds through digital trust
The 2021 theme focused on the concept of “digital trustworthiness” and how, in ever-evolving digital markets, the need for human consumers to trust the security resilience of the technology they interact with is more critical than ever.
“With the rapid pace at which society is changing all around us, the need for digital trustworthiness in technological systems is increasingly critical for enterprises.”
This year’s session was a hybrid model with Japan-based CISOs gathering in person, and global CISOs joining remotely. This assembly of security leaders was designed to reaffirm Rakuten’s commitment to providing services that consumers can trust, where interactions with any of Rakuten’s diverse portfolio of 70+ services provide a safe, secure and private user experience — along with the promise of ethical usage of personal data.
Global collaboration among security experts
The livestreamed conference kicked off with overviews of the current in-house security approaches from information security, privacy and cyber security perspectives, and how these three pillars connect to form the cutting-edge governance scheme in place across the entire Rakuten Group.
Prior to the conference, attendees were invited to view a wide selection of pre-recorded tech talks from some of Rakuten’s top security and privacy experts from all the Group’s regions. Close to a dozen different hot industry topics were covered, all presented from the perspective of how Rakuten is incorporating digital trust through cyber security or privacy initiatives.
The Global Privacy Office’s Mina Iwanaga’s detailed the Act on Protection of Personal Information (APPI) — an upcoming Japanese privacy law amendment — focused on improving consumer protection through stricter controls placed on data transfers and the expansion of user rights, and what this means for Rakuten in 2022.
“[Rakuten CISO Conference 2021] was designed to reaffirm Rakuten’s commitment to providing services that consumers can trust, where interactions with any of Rakuten’s diverse portfolio of 70+ services provide a safe, secure and private user experience — along with the promise of ethical usage of personal data.”
In addition, the Information Security Office’s Edward Mao spoke about Rakuten’s Payment Card Industry Data Security Standard (PCI DSS) implementation — an initiative to reduce cyber security risks by installing a variety of controls, such as the tokenization of financial data to protect customer information and reduce credit card fraud.
Creating a secure “digital workplace”
In addition to timely customer-facing topics, the conference also covered key internal initiatives. The Corporate IT Department’s Stephen Yukita spoke on how digital trust is paramount for the internal operations for employees of Rakuten Group. Detailed were the three pillars of Rakuten’s internal Digital Trust approach: strong identity, device trust and compliance, and working toward VPN-free access to internal networks. These components contribute to Rakuten’s future vision of creating a “digital workplace” that ensures security is with every user, with every resource at every access point, whether physically present in a Rakuten office or not.
With the rapid pace at which society is changing all around us, the need for digital trustworthiness in technological systems is increasingly critical for enterprises. With the One Team spirit of its global security experts, Rakuten is poised to be an industry leader in providing digital products consumers can trust, in the New Normal and beyond.