1. Uvance Wayfinders
  2. Leaders Message
  3. Redesigning security for an era of AI-driven cyberattacks: Find the risks attackers see—and build systems that deny them freedom to operate

Find the risks attackers see—and build systems that deny them freedom to operate

Redesigning security for an era of AI-driven cyberattacks

Why do so many organizations remain vulnerable—even after investing in security measures?

As cyber incidents surge, security has become a core management issue. According to a survey by Teikoku Databank, more than 40% of large enterprises surveyed have experienced cyberattacks. Many of these companies deploy proven tools end-to-end, and appear to have no obvious vulnerabilities or configuration flaws. And yet, they still get hit.

One reason is that security initiatives often become performative. Implemented without being tested for effectiveness and leaving critical “big holes” unaddressed. What is needed now is a firm commitment to business continuity: revisiting business processes through the “attacker’s perspective,” and redesigning security accordingly.

Uvance Wayfinders, Fujitsu’s consulting arm, includes security professionals with deep frontline expertise. In this conversation, two leaders share what today’s threat landscape demands—and what enterprises must prioritize to close the gaps that still remain.

* This article is an excerpt from an advertisement published on Nikkei Business Online with permission from Nikkei BP. (Unauthorized reproduction prohibited)
* Titles and affiliations are as of the time of the interview.

1. Surprisingly many companies are leaving “big holes” unaddressed

At Wayfinders, Takeshi Sato leads security consulting and is widely recognized as a cybersecurity professional. In his previous role at a security firm, he spent nearly a decade hacking the systems of more than 200 Japanese corporate clients as a “white-hat hacker ” (an expert engaged by companies to test defensive strength), making hidden security risks visible.

“Large enterprises take security seriously. On the surface, there are no glaring vulnerabilities or configuration errors. They’ve deployed a full set of security products,” Sato notes. “But from an attacker’s point of view, many still look extremely vulnerable. I suspect a majority of enterprises stop at implementation—they don’t evaluate effectiveness. As a result, an astonishing number of companies leave ‘big holes’ in place.”

Supply-chain attacks—where smaller firms are compromised first, then used as entry points into larger enterprises—are often cited as common. But Sato stresses that company size does not necessarily correlate with defensive strength. “Attackers can break in directly. If there are no public-facing vulnerabilities or configuration issues, breaching via exposed servers can be difficult. So where do they go? Endpoints. They enter through endpoints, seize AD (Active Directory, a centralized mechanism for managing internal user privileges), and spread ransomware. From the attacker’s perspective, it’s a straightforward approach—and not particularly difficult.”

Based on his work alongside incident response teams, Sato also notes that breaches are often discovered not internally, but through external notifications or third-party reports. “Many companies don’t notice on their own. That suggests there are cases where damage has already occurred—without them realizing it.”

Satoshi Mihara, who oversees technology consulting at Wayfinders, adds that cybersecurity used to be treated like insurance. “Going forward, countermeasures must assume attacks are happening every day—every second. Even if you suffer damage, you need mechanisms that allow you to restore data quickly from backups and continue operations. And even if attackers gain access, you need to transform into an organizational structure and business processes that are resilient to attack—limiting the contamination of sensitive data and restricting system manipulation.”

In recent years, major incidents have been reported across Japanese enterprises as well. Security has become a central theme in modernization—and it requires redesign, grounded in a determination to continue the business no matter what.

Scene from an interview showing Takeshi Sato, Lead of Security Consulting, Uvance Wayfinders, Fujitsu Limited
Takeshi Sato
Lead of Security Consulting, Uvance Wayfinders
Scene from an interview showing Satoshi Mihara, Head of Global Technology Practice, Managing Partner, Uvance Wayfinders, Fujitsu Limited
Satoshi Mihara
Head of Global Technology Practice, Managing Partner, Uvance Wayfinders

2. Think like an attacker—and focus on what actually works

Today’s attackers have unprecedented firepower, using cloud services and AI to amplify their scale and effectiveness. “By using AI to generate variants of malware that succeeded in the past, it has become much easier to evade endpoint detection. AI is accelerating attacks,” Sato explains. In other words: preventing intrusion itself has become extremely difficult. What matters is limiting what attackers can do after they get in.

That is where the “attacker’s perspective” becomes essential. Audit systems from the viewpoint of those trying to exploit them, while taking actions to close the “big holes” described earlier. For Wayfinders this is an important principle—and a key differentiator from approaches that focus primarily on checklists or tool adoption.

“For example, if your environment allows attackers to easily obtain Domain Admin privileges after intrusion, then no matter what defenses you put in place, it’s game over once they’re inside,” says Sato. Common weak points include storing admin credential information on shared file servers; leaving environments exposed to Kerberoasting (an attack that steals service account passwords); or failing to correct weak configurations in the organization’s directory services. “Simply ensuring that these common techniques don’t work against you can dramatically improve security effectiveness.”

The attacker’s perspective also matters when evaluating new solutions. “Sometimes we’re asked about introducing cloud-based ID management solutions to strengthen identity controls. Solutions can improve convenience—but can also increase attack entry points. Instead of outsourcing security to products, tightening the basics—reducing the number of administrators, hardening password operations—can be highly effective on its own,” Sato says.

Security is not “solution-first.” The priority is changing rules and processes from a security standpoint to close gaps. When gaps are closed, even if attackers enter, they are slowed down—buying time to detect and contain them.

“Any measure is better than none,” Sato adds. “But the key is identifying what is truly effective. That’s where the ‘attacker’s perspective’ matters. If common techniques don’t work and there are fewer admins, it becomes much harder to attack.”

Scene from an interview showing Satoshi Mihara and Takeshi Sato, Uvance Wayfinders, Fujitsu Limited

3. Spending more or spending smart? The flag-bearer who makes the difference

As a large enterprise with vast numbers of endpoints and boundaries to protect, Fujitsu positions security as a top management priority. As a result the company can offer customers tried and tested measures that Fujitsu has practiced and found effective internally. This is a major strength. Mihara explains: “We are rebuilding our own security based on the attacker’s perspective. The practical technologies and know-how gained through that work are directly applied in Wayfinders consulting.”

Many consulting firms follow a textbook process, propose mechanisms and tools, and stop there. Fujitsu, by contrast, can support end-to-end implementation—recommendations, deployment assistance, and operational support. Fujitsu also works with most security products in the market and has hands-on technical knowledge.

Scene from an interview showing Takeshi Sato, Lead of Security Consulting, Uvance Wayfinders, Fujitsu Limited

“Each product has strengths and weaknesses. For one specific attack, one product may detect it while another may miss it,” Sato notes. “We analyze and understand product characteristics from the attacker’s perspective.”

Mihara continues: “Japanese companies are increasing security spending—but the problem is what’s inside that investment.” Even spending ¥10 billion may not prevent significant damage. On the other hand, a ¥3 billion spend can frustrate attackers—if it funds the right measures. The issue is not the amount; it is the ability to judge what connects to effective defense.

Sato emphasizes that security starts with governance—policies and rules—viewed from both management and operational perspectives. “If you leave this only up to consultants or SI vendors, you won’t achieve effective measures,” he says. Wayfinders approach is to start by understanding the business processes.

Scene from an interview showing Satoshi Mihara, Head of Global Technology Practice, Managing Partner, Uvance Wayfinders, Fujitsu Limited

With IT talent shortages a constant challenge, can companies do enough? Sato argues that quality makes the difference: “If you have one excellent ‘flag-bearer,’ your security level can improve dramatically. If they can set priorities and choose effective measures, then subsequent frontline work—vulnerability management, framework compliance, and so on—can be supported by AI.” The flag-bearer does not necessarily have to be internal. What matters is confronting real risk through approaches such as Red Team testing, then continuously optimizing measures to increase effectiveness.

4. As AI evolves, security becomes an even greater management priority

As AI-driven automation advances, security will become even more complex. “Today, AI is still responsible for single functions within business processes. But going forward, AI will make more important decisions and begin to control operations and data,” says Mihara. “When autonomous AI agents start communicating with one another, the number of points that must be defended expands dramatically.”

If the number of AI agents in an enterprise grows to 100,000 or 200,000 and they begin exchanging data, the number of potential targets increases. Organizations will need measures such as defining, in detail, what data types and access levels each AI agent is allowed to handle, controlling what can and cannot be transmitted through agent communications, and isolating compromised agents to minimize damage.

“AI agents will function like human employees,” Sato adds. “It may be difficult to completely prevent them from being compromised and data being stolen. Even if we accept that the endpoint may be hacked, we need measures that prevent that compromise from spreading across the organization. Whether humans or AI run operations, the result is the same if you leave ‘big holes’ unaddressed.”

Simply deploying tools does not guarantee the business or information assets are protected. Companies should build a solid foundation aligned with international standards such as the CSF (Cybersecurity Framework), while continuously evaluating effectiveness and implementing the measures that are truly necessary.

As AI reshapes the business environment at ever increasing speed, security requirements will inevitably evolve as well. What is needed now is redesign: reviewing the current state from the attacker’s perspective, in parallel with transforming business processes and IT environments, and rebuilding security itself. Wayfinders aims to maximize practical effectiveness cultivated through real-world experience—and close the “big holes” that still remain in enterprises.

Satoshi Mihara
Head of Global Technology Practice, Managing Partner, Uvance Wayfinders

Head of Global Technology Practice, Managing Partner, Uvance Wayfinders, Fujitsu
Satoshi Mihara graduated from the School of Political Science and Economics at Waseda University. After working at a domestic systems integrator, an overseas IT vendor, and in business management within the retail industry, he joined Accenture in 2007. Subsequently, he led data utilization projects as Managing Director and engaged in consulting primarily for the financial and retail industries. He joined Fujitsu in June 2024. Leveraging his extensive technical knowledge and experience, he is driving global expansion and transformation in the technology consulting domain at Uvance Wayfinders.

Satoshi Mihara

Takeshi Sato
Lead of Security Consulting, Uvance Wayfinders

Takeshi Sato has extensive experience in cybersecurity, specializing in attack simulation and countermeasure planning to help organizations visualize security risks and optimize their strategies. After positions involving vulnerability assessment and SOC analysis at a major telecommunications company, he led Red-Team testing operations and a white-hat hacker team at a global security vendor. In 2025, he joined Fujitsu to leverage his practical expertise in cybersecurity under Uvance Wayfinders and drive the advancement of next-generation security consulting.

Takeshi Sato

Careers

Uvance Wayfinders is looking for individuals who are fearless of change. Professionals seeking to create new consulting services while boldly using technology to help our clients transform and grow. Join our diverse team, the source of innovation, to create a better future together.

Explore our career opportunities
a person standing at a table with a laptop and a red object
page top