Fujitsu Enhances Global Managed Security Service To Minimize Cyber-Attack Damage To Businesses

Provides new service to strengthen responsiveness to cyber-attacks and improve business continuity for companies and organizations

Fujitsu today announced that it has enhanced its Global Managed Security Service, which provides unified support in response to cyber-attacks across the lifecycle, including detection and prevention, analysis and countermeasures, and enhanced security resilience. Fujitsu will also provide the new FUJITSU Security Solution Security Resilience Enhancement Support Service from June in Japan, which will improve business continuity for companies.

The Resilience Enhancement Support Service, based on the Fujitsu Group’s track record and knowledge of business continuity gained by consulting for over 1,000 companies, helps customers set medium-term security countermeasure plans from the perspective of business continuity. This is achieved through simulated scenarios based on the customer’s industry and business conditions, and by quantifying the expected financial cost of damage to business caused by a cyber-attack. It also uses comparisons with the security countermeasure levels of other companies of the same scale in the same industry.

In addition, Fujitsu has signed a memorandum of understanding (MOU) with US-based Menlo Security, which has unique technology to clear out malware infections from websites and email. Through this collaboration, Fujitsu will strengthen the cyber-attack detection and prevention functions of its Global Managed Security Service with the aim of reducing customers’ risk of being the victim of a cyber-attack.

Using its cutting-edge security technology, Fujitsu will contribute to the safety and security of its customers and society by further strengthening its Global Managed Security Service.

Background

In recent years, as the momentum of digital transformation has picked up pace within companies and organizations, the areas where ICT is used have dramatically expanded. At the same time, however, the risk that a cyber-attack threat will impact business has also increased. Cyber-attack methods are becoming more sophisticated by the day, and because it is difficult to completely prevent all attacks, on the premise that an incident will occur, it is essential to quickly analyze the extent of a cyber-attack’s impact and its origins, deploy countermeasures, and strengthen organizational security resilience focused on cyber-attacks.

Because analysis must be left to experts when a cyber-attack occurs, however, it is difficult to grasp the status or extent of the damage in a short period of time. In addition, many of Fujitsu’s customers have raised the issue that they do not know what to do in order to strengthen resistance to cyber-attacks as an organization. Fujitsu is continuing to strengthen its Global Managed Security Service to resolve these sorts of issues.

New Resilience Enhancement Support Service

In order for management responsible for business decisions, as well as CSIRTs(1) and others, to respond quickly and appropriately in the event damage occurs as the result of a cyber-attack, Fujitsu carries out simulations, quantifies business damage, and visualizes security countermeasure levels based on the Fujitsu Group’s track record and know-how in business continuity consulting for over 1,000 companies. Through these methods, Fujitsu supports medium-term security countermeasure planning from the perspectives of business continuity and return on investment.

1. Identifying issues through cyber-attack simulations

As part of this service, Fujitsu creates scenarios of a variety of situations that can occur after a cyber-attack is detected, and carries out simulations to study how the customer should respond in that situation. This simulation of situations that occur when a company is the victim of a cyber-attack, and the impact of the attack on various stakeholders both inside and outside the company, can clarify existing issues in the response process and the policies that are necessary to be put in place.

This simulation is carried out on the basis of highly realistic scenarios based on the company’s industry and business conditions. Because it is a practical simulation, where customers are not informed of the content of the simulation ahead of time, it can more easily clarify the customer’s current situation. These simulations are also available to multiple customers as a simplified simulation in seminar form.

2. Quantifying the impact on business of cyber-attack damage and visualizing security countermeasure levels

By organizing the relationships between the customer’s system architecture and business processes, and clarifying the businesses and tasks impacted when a system stops due to a cyber-attack, Fujitsu can quantitatively calculate the expected cost of the damage.

Fujitsu will also visualize customers’ security countermeasure levels in comparison to the level of security countermeasures of similarly sized companies in the same industry, based on Cyber Security Management Guidelines stipulated by the Information-technology Promotion Agency and Japan’s Ministry of Economy, Trade and Industry, and on a wide variety of information security countermeasure benchmarks.

3. Setting medium-term security countermeasure plans

On the basis of the issues found through simulations, the quantified cost of damage, and the company’s current security countermeasure situation, Fujitsu will comprehensively analyze the customer’s optimal security countermeasure level, and support customers in setting medium-term security countermeasure plans with clear returns on investment that are highly effective for a specific customer.

With Menlo Security and its Unique Technology to Cut Malware Infections from Websites, Email

Fujitsu has signed an MOU to collaborate with US-based Menlo Security, which has unique technology to cut the risk of malware infections by eliminating illicit content intrusions from malicious websites and emails in an isolated virtualization environment before they reach users’ digital devices. Through this collaboration, Fujitsu is combining Menlo Security’s technology with the FUJITSU Digital Business Platform MetaArc, offering gateway-type(2) solutions that can automatically eliminate the risk of malware infection.

In addition, Fujitsu will further expand its FUJITSU Advanced Artifact Analysis Laboratory, opening a new location in California in the second quarter of fiscal 2016. At the laboratory, established in November 2015 in Tokyo and Yokohama, with the goal of aggregating and analyzing all sorts of information related to cyber security on a global scale, Fujitsu aims to collect, evaluate, and study information related to cutting-edge technology and products, deepen its global links with companies that possess advanced security-related technology, and continually strengthen its Global Managed Security Service by frequently incorporating cutting-edge technology.

(1) CSIRT                                                                                             Computer security incident response team. A general term for organizations that primarily monitor computers and networks for security problems, as well as analyzing the causes and investigating the extent of the impact if a problem were to happen.

(2) Gateway-type

Devices or software that relay connections between networks.