I moved to the information security department and realised the need for practical knowledge

I have worked in a variety of roles including sales, revenue management and performance evaluation. With the launch of the Information Security Administrator Examination (merged with other examinations in 2008), I was interested in information security, because I thought the public will become more concerned about security. After more than 10 years of self-education and working in a non-security related job, I finally moved to the information security department three years ago, and I realised the need for practical knowledge. Two people from our company have previously studied here and are now working in security within the company. I wanted to learn as much as they did, so I kept asking to the company for support, and with the help of my boss, I was able to enrol as part of the company's education programme.

Learn about the human element of security in a variety of interactions

Before entering IISEC, I thought that information security was a system-based business with a technical focus, such as cryptography. At IISEC, I learned that "this field has a strong human element, which is influenced by ethics and organisational behaviour". This knowledge broadened my horizons and I am now actively studying management subjects as well. I also attended joint lectures using a video conferencing system, with students from other universities, such as Keio University, as well as special lectures by people in charge of security departments at companies, which gave me a broader knowledge. In addition, Prof. Harada's research lab, to which I belong, has a customary overnight seminar camp, and both current and former students attend. One of the great advantages of this graduate school is that it opens up a wide variety of interactions that you cannot find in your company.

My dissertation examines the PCI DSS, the unified standard for the card industry, from a practitioner's perspective

I entered IISEC through my company's programme, so I chose a topic for my Master's dissertation that is directly related to my work. The credit card industry is currently in the process of implementing the PCI DSS, a unified standard for the secure handling of member data, which requires very strict requirements. I intend to write a practical dissertation on the subject, examining the standard from a practitioner's point of view, whether they are practically feasible and whether the shortcomings can be compensated by other mechanisms. Credit cards will become ever more important for the 2020 Olympics. I would like to study hard and apply my knowledge to make Japan a safer place to use credit cards.