Security on the Frontlines of the AI/LLM Era—The “Rock N’ Roll” Approach to Security of Mercari’s CISO

2025-11-21

On June 11, 2025, Mercari launched its internal talk session series “Leaders Talk! AI/LLM Behind the Scenes Open Door.” The sixth and final session of this radio-style series featured CISO Naohisa Ichihara (@ichihara) as the guest and was moderated by Gomi Hayakawa (@gomichan) from the AI/LLM Office.

The two engaged in a lively, casual discussion about Mercari’s security initiatives in the AI/LLM era.

Over the course of their one-hour talk, @ichihara channeled his background of playing in a band and, in sharing his philosophy, drew parallels between security and the spirit of rock n’ roll. In this article, we take a look behind the scenes at the philosophy and approach driving Mercari’s security teams in the age of AI.

*This article was composed and written using AI tools based on the day’s audio recording. This English version was translated from Japanese using a custom generative AI model interface trained using Mercari style guides, glossaries, and past Mercan articles.

Featured in this article

  • Naohisa Ichihara (@ichihara)

    Naohisa received his master’s degree from the Department of Industrial Administration at the Graduate School of Science and Technology at Tokyo University of Science. In 1995, he joined NTT DATA Communications Systems Corporation (now NTT DATA Corporation). During his time at the company, Naohisa was involved in security-related work, such as IC card OS development and security consulting for online and mobile app use. In 2015, he joined LINE Corporation where he worked to remedy various security issues such as handling account takeovers by third parties. In May of 2022, he joined Mercari as Chief Information Security Officer (CISO).

  • Gomi Hayakawa (@gomichan)

    Gomi founded Utsuwa Inc. in early 2015 and has since launched several businesses, including the lingerie brand Feast and the FemTech business Illuminate. In March 2022, she joined Euglena Group, where she worked on new business development for working women. She left that role in April 2024 and joined Mercari in July 2024. She also actively shares insights on generative AI on social media.

The role of the CISO as a “mixed martial artist”

@gomichan: To start off, what exactly does a CISO do, and what responsibilities does the role entail?

@ichihara: CISO is short for Chief Information Security Officer. At organizations worldwide, those responsible for security typically hold the title of CISO.
The scope of my role covers almost everything—from the product to the product environment, to IT systems, tools like Slack and Google, and even contracts. I handle everything from determining what data is used and where personal information is stored, to establishing governance rules and conducting ongoing monitoring.

@gomichan: That sounds like an incredibly wide scope of responsibility!

@ichihara: That’s it exactly. Because the role involves so many disciplines, people tend to describe it as a form of “mixed martial arts.” That’s why our organization is divided into about seven or eight teams, each with its own area of expertise.

A “rock n’ roll-style” approach to security

@ichihara: I often talk about wanting to be an enabler1, not a blocker. When I talk to CISOs or other security leads at different companies, including those doing PoCs, there still aren’t many that use AI as extensively as Mercari does.

1. In this context, an enabler is someone who helps bring ideas to life.

@gomichan: It’s rare to see a company take such a company-wide, decisive approach to transformation.

@ichihara: Conventionally, security and privacy reviews often begin by blocking things to avoid risk, and that’s widely accepted as the norm, which literally makes us something akin to blockers. But I think being an enabler means taking a proactive stance—it’s got that rock n’ roll spirit that favors the bold, energetic, and dynamic.

Even as we enable new things, there are always unknown risks—things even we can’t predict. That’s why we also need to act like firefighters who monitor for and respond to potential sparks before they turn into flames. This “firefighter mindset” perfectly captures the stance of Mercari’s security teams. Instead of waiting until everything is perfectly safe, we move forward with an awareness of the risks, monitor constantly, and act swiftly when something happens.

Three key principles behind Mercari’s approach to security

@ichihara: Our Security & Privacy division operates under three guiding principles: “By Design,” “By Default,” and “At Scale.”

The first principle, “By Design,” means incorporating security from the very beginning—thinking through risks, running simulations, and addressing issues before implementation. It’s the idea of building security and privacy into a system’s design from the start—what’s often referred to as “Security by Design” or “Privacy by Design.” Rather than adding safety features later, this approach ensures more reliable and efficient security by embedding it in the design phase.

The second principle, “By Default,” is closely tied to how we use AI. Customarily, teams were required to go through certain steps or approvals to ensure security—but that often slowed down workflows. Instead, we aim for a state where security happens naturally—where risk mitigation processes are built in from the start so that teams can work safely without having to be consciously aware that their safety is being protected.

The third principle, “At Scale,” is about scalability. As the business grows and the number of people and devices increases, we aim to build systems that can scale without adding more headcount. If our systems can scale without needing to rely on more outsourcing, we can avoid becoming a cost bottleneck. Not many companies have achieved all three of these principles. It’s an ambitious challenge, and we’re proud to be taking it on.

Real-world AI applications of security teams

@ichihara: As of August 2025, we’ve put about a dozen AI-powered tools into active use. One of these tools was developed last year by our team member @simon. It supports peer reviews and self-assessments.

Simply put, when you specify a date range—for example, from January to the end of June—the tool uses AI to summarize Slack conversations during that period, surfacing contributions and involvement in specific projects. In June alone, when we reran our evaluation cycle, it was used over 9,600 times, and the cost is surprisingly low. It’s remarkable to have a company-wide tool that delivers such high performance for such a minimal cost.

@gomichan: What are some of the other areas where you’re using AI tools?

@ichihara: We’ve also used generative AI to develop training materials that teach privacy concepts in an engaging manga comic format. Honestly, traditional e-learning material—delivered through slides or text and bearing a due date—can be a bit dull (laughs). We first tried video content, and from there came the idea that material created in a manga format could make learning more fun, so we made it happen.

We’ve also achieved great results by automating external service reviews. Tasks that previously required us to check websites manually are now handled using AI, cutting the workload roughly by half.

“We want to be a team people can turn to freely”—the launch of Mercari’s AI Security Team and what lies ahead

@ichihara: Not too long ago, we officially launched a new AI Security Team; that happened in July. In addition to creating AI risk assessment standards and streamlining review processes, the team also addresses technical risk factors. One of its key missions is to clearly articulate technical risks, which are often difficult for non-specialists to grasp, and to establish balanced monitoring systems.

We often remind people that “it’s faster to ask” than to use AI tools in silence. There have already been a few close calls caused by people using AI tools without consulting us, so we always encourage everyone to reach out to us. Above all, we ask that people check in with us before they use a new AI tool.

@gomichan: So basically, you’re saying, “We’re not here to scold anyone,” right?

@ichihara: Yeah, that’s exactly it. It’s more like, “Don’t worry—we’ve got you.” Incidents are easy to foresee when there’s no prior consultation. That’s why we see our open, supportive approach as a vital element of our competitive strength.

For Mercari to thrive as an AI-native company in this new era, first and foremost, we have to stick to one rule: Don’t let incidents happen. A major incident would force us to strengthen governance to maximum levels, which would make the organization heavy and sluggish.

Some people say they get nervous when a security team member shows up. I get it—we’re the team that activates when incidents happen—but honestly, we’re all outgoing, rock n’ rollers! So please feel free to talk to us anytime. We’d love for everyone to get to know us better (laughs).
