Alex Shim is an associate managing director and Cyber Risk practice leader for Japan and Korea at Kroll, based in Tokyo. Alex leverages more than 19 years of experience in digital forensics and incident response (DFIR), security information and event management (SIEM) integrations, vulnerability assessments, network security engineering and cyber security consulting. He is an expert in enterprise-wide advanced persistence threats (APT) and developing bespoke threat intelligence systems.
Before joining Kroll, Alex was director, security consulting for Japan and Asia Pacific at Blackberry Cylance, where he played a key role in building the practice, leading internal and channel sales partners. Prior to this, he worked at Mandiant, a FireEye company, where he helped establish the company’s security consulting practice in Japan and Korea reaching consistent revenue growth in the double and triple digits. He has previously worked at Ahnlab.
During his career, Alex developed and managed a variety of security systems, services and tools. In particular, Alex has extensive expertise leveraging modern Endpoint Detection and Response (EDR) tools to fight complex, persistent threats impacting organizations in Japan and Asia Pacific and provide greater visibility and assurance to clients in times of crisis. With frontline insight from leading enterprise-scale incident response teams, Alex can effectively guide organizations in the deployment of proactive solutions such as continuous monitoring, threat intelligence and training to significantly reduce cyber risk exposure.
At Cylance, he led enterprise-scale APT incident response (IR) engagements for up to 50,000 endpoints in Japan and Asia Pacific. He also developed an automated IR/threat intelligence system that helped organizations identify, respond and contain threats of all complexities using various open source forensic tools such as GRR Rapid Response, Plaso and Timesketch in a Kubernetes platform. In his role at Ahnlab, Alex built and managed a 24x7x365 security operations center (SOC), developed the company’s network and host security monitoring program and an inhouse threat intelligence system. Alex brings this unique mix of technical and business experience to assist clients in testing and boosting their cyber security resilience.
Computer Forensics
Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.
24x7 Endpoint Detection and Response
Intelligent Endpoint detection and response: Maximum confidence in data security
Virtual CISO (vCISO) Advisory Services
Kroll’s Virtual CISO (vCISO) services help executives, security and technology teams safeguard information assets while supporting business operations with augmented cyber expertise to reduce business risk, signal commitment to data security and enhance overall security posture.
