YKK is the largest manufacturer of zippers in the world. Look at the clothing or accessories in your wardrobe and it is likely you will see YKK branded zippers and buttons.

The company, founded in Tokyo, Japan in 1934, supplies over 10 billion zippers a year to major clothing manufacturers, who use them on jeans, jackets, handbags, wallets and more. YKK has even produced zippers used on space suits worn by astronauts.

The company forms a crucial part of the global clothing industry, with operations and partners in over 70 countries.

YKK customers include major apparel brands like Uniqlo, Nike, Adidas and Levi’s, while luxury brands including Louis Vuitton, GUCCI all Burberry use YKK fasteners.

As a vital cog in the clothing industry supply chain, YKK must ensure that manufacturing is not impacted by disruptive cyber-attacks and that confidential businesses data held by the company is not compromised.

In conversation with Infosecurity, Rod Goldsmith, regional cybersecurity leader at YKK Americas, shared his approach to the company’s cybersecurity strategy and how his team protects an organization that manufactures enough zippers each year to circle the globe 80 times against cyber threats.

Infosecurity Magazine: What are some of the key cybersecurity challenges for YKK as such an integral part to clothing supply chains?

Rod Goldsmith: Cybersecurity is king of the hill. Whether that’s around personal data, intellectual property or customer data, our partners expect us to keep their data safe, their designs secret and confidential.

Our reputation is very important. People look to us for good service. If they don’t trust that we are protecting their data or that we will be able to give them products on time because of downtime due to an incident, that could really harm our business prospects in the future.

We’re looking to keep a closer eye on our supply chain as well. We have a lot of remote users, so we need to be able to have real-time visibility and alerting on those systems when they’re not on the network. That is where we rely on SentinelOne’s WatchTower team for their quick response and a heads up on anything that goes hot, is very helpful for us as a lean team.

IM: What has been your biggest challenge since taking on the role at YKK?

RG: We were using a legacy tool which wasn’t performing as well as we would like it to.

We had 30 days of log storage with our old platform. Since adopting SentinelOne, we have now bumped that up to 90 days, so now we have the ability to peel back further to see what happened and learn lessons.

Our corporate cellphones are very important for executives, and they touch a lot of important information. Previously our corporate cellphones had some policies in place, but as far as threat management, there wasn’t much, so we’ve made changes there as well.

IM: What is your strategy for YKK Americas to ensure stability and cybersecurity resilience as a key part of a larger supply chain?

RG: The Americas as a region is the most targeted region in the world by ransomware and the manufacturing industry is the most targeted industry. So, we are in a position where we are facing a high volume of sophisticated attacks.

As a manufacturer, our bread and butter is our production environment, so we need to be able to secure our operational technology systems.

From a supply chain perspective, we need to maintain production by all means necessary. If office workers can’t work for a few hours, we can deal with that. But we need to maintain production at all times.

IM: How do you effectively communicate cybersecurity challenges to executive leadership?

RG: There are historical episodes we can refer to and recollect the experience of how things went there.

We are able to refer to authoritative frameworks and publications in order to share stats with our executives and let them know that we are the most targeted region, we are the most targeted industry for ransomware. Sharing with them those risks up front, giving them that foundation, is very helpful.

It’s also important not to be technical, but plainly describe the risk, what we’re looking at and the alternative if we don’t take action to protect operations.

The executives understand that cybersecurity is critical. But what’s most important to them is the business objectives and how we’re tying our cybersecurity strategy to the needs of the business. That’s reassuring to them.

IM: What are the benefits and challenges around AI in cybersecurity?

RG: The main benefit is time saved. There’s always something to do, whether it’s a fire you are trying to put out, or something you’re trying to be proactive about in advance. Whether you are testing controls or doing risk assessments, there’s always something to do, so time is valuable. Time saving is the biggest benefit for sure.

Also, it is a good way of learning things. We can get information a lot quicker and we’re able to learn while gathering those details, that’s the best part.

The worst part is that the bad actors are using AI much faster than we are, much more collaboratively than we are and probably better than the good guys are right now. It’s hard for us to collaborate as well as they do, as we’re all in different businesses.

IM: How are you using AI tools to help manage cybersecurity at YKK?

RG: I’ve been in cybersecurity for 15 years but my team is less experienced. So, SentinelOne Purple AI is helpful for generating queries, but we can write them in plain English to ask questions or look for help.

Not having to learn specific queries or learn every context around cybersecurity is helpful for my junior staff, but even for me, it is very helpful

Even if I want to just look at stats, if I want to know how many machines are offline today, for example, I can ask Purple AI and can get results fast and it’s really helpful.

IM: What is the most significant challenge in cybersecurity at the moment?

RG: From my standpoint, it’s personnel and resources. Businesses will say they are committed to cybersecurity but after you bring in the tools, you have all the alerts, things to do, you have policies in place which you must abide to  all of which requires personnel to work on. So, I think resourcing is the one.

Quantum computing is also something that we are thinking about. We want to make sure that that our vendors are taking steps to prepare for protecting our environments. When it comes, that’s going to be a trainwreck for organizations which aren’t prepared. So, it’s something we’re definitely keeping a close eye on.

IM: What has been the biggest success in cybersecurity in recent years?

RG: From my perspective, it’s intrusion detection systems. With SIEMs, for the most part, they have always been a supporting mechanism: they collect information, they report information and that’s it.

When I came into this role, I was very much looking for something that could collect that information, report that information, but also give us the ability to respond.

That is where XDRs have been a success. The ability to take the place of a SIEM and give you more avenues to respond quicker in some cases

IM: What’s one piece of advice you’d give to other cybersecurity leaders?

RG: It’s a lifestyle and you have to be committed to it; you have to take responsibility for it: you have to treat it like it’s your baby.

You make sure the company is taken care of, you make sure that employees can maintain jobs. Because attacks cost money, sometimes those attacks can result in people not having jobs.

Also, always be learning: because there’s always new things to learn and the field is very expansive. We’re not going to be able to know everything about everything, but we at least want to know a good bit about most of the stuff out there within our responsibility.

It’s good to be committed to that, but you have to commit to yourself first and take the time away when you need it. Because incidents can be very demanding, but taking a step away for personal care is important.  

Image credit:  Danishch / Shutterstock.com