Fujitsu Launches New Total Support Service for Security Management, Opens Advanced Security Analysis Facilities
Nov 18, 2015
Hybrid-cloud compatible service responds to diversifying cyber attacks
Tokyo, November 18, 2015
Fujitsu today announced the availability of FUJITSU Security Solution Global Managed Security Service, along with four entry-level security services, as part of its FUJITSU Security Initiative, a coordinated set of security-related products and services. Global Managed Security Service will provide integrated security-management support for the diversified ICT environments of its customers.
Global Managed Security Service is built on the knowledge Fujitsu has gained through its own operations. It includes real-time monitoring of cyber attacks using proprietary malware-detection technology developed in the Fujitsu Group, and advanced incident response and continuous security management to provide total support from deployment onward. This service will be implemented as part of the operational platform for FUJITSU Digital Business Platform MetaArc to provide high-quality services quickly and globally.
Fujitsu is also introducing new entry-level services that enable customers to incrementally deploy cyber-attack countermeasures, including the ability to easily detect malware infections on PCs and identify the nature of the damage.
Furthermore, on November 18 the company opened two locations of the FUJITSU Advanced Artifact Analysis Laboratory, in Tokyo and Yokohama, which collect up-to-date security information from around the globe and perform advanced analyses.
Fujitsu will remain committed to using a wide range of security products and technologies, globally offering integrated services and solutions that help its customers maintain optimum levels of security, and helping its customers and society stay safe and secure.
As all organizations rely increasingly on ICT for their operations, many organizations are confronting the problem of keeping themselves and their ICT infrastructure secure in the face of increasingly sophisticated and elaborate cyber attacks, with a special emphasis on rapid detection and response in security management.
Most organizations do not have the people with the expertise to combine different security products and respond quickly and assuredly to proliferating cyber attacks. Fujitsu is filling this need with the new service, which builds on the store of knowledge the company has accumulated to provide optimized security management for customer ICT environments.
About Global Managed Security Service
As a first step, Global Managed Security Service provides total assistance to customers in Japan and to Japanese companies around the world. It begins with a setup service, in which the customer's existing system is audited and weak spots are identified. This is necessary before engaging the security-management service, which handles cyber attacks by providing 24 hours a day, all year round monitoring in real-time, incident response, and ongoing security-management assistance such as training.
In the event of a major incident, highly skilled experts will conduct a security-violation investigation, which includes a malware and log-file analysis and a digital forensic examination of the collection and analysis of traces left in the system.
- Based on Fujitsu's in-house practical knowledge Global Managed Security Service uses the knowledge that Fujitsu has gained from running an internal network that connects approximately160,000 people in the Fujitsu Group around the globe, as well as from maintaining stable operations in global services such as MetaArc.
The security-management deployment template that is based on this knowledge takes at least 1.5 months to complete, from understanding the state of the current ICT environment to beginning the security-management service. Based on what it learns in its internal practices, Fujitsu will continually enhance the functions and quality of the Global Managed Security Service.
- Accurate malware detection using proprietary technology Using the Malicious Intrusion Process Scan, a technology developed by PFU Limited to detect targeted cyber attacks, the service can detect in real time cyber attacks that might slip past existing countermeasures such as sandboxing(1) , reducing the risk of targeted cyber attacks.
This technology uses an "attacker behavioral-transition model," which is built on observations of the behavioral processes of attackers that have penetrated organizations, and compares activities to the flow of attack behaviors immediately after a penetration to achieve a high degree of accuracy in detections.
- Cloud-friendly Global Managed Security Service is designed to work well with multi-cloud environments and hybrid cloud environments. In customer systems that use Fujitsu's cloud services, a highly skilled expert will determine the extent and urgency of incidents when they occur, and will work with the customer to switch cloud environments to minimize the operational impact of the incident. In the event of a major incident, experts will conduct log-file analyses and forensic analyses to identify the attack methods and the severity and extent of damage, including cloud environments.
FUJITSU Security Solution Global Managed Security Service
Four New Entry-Level Security Services
In Japan, Fujitsu is also offering four new entry-level services to support customers with different levels of cyber-attack countermeasures.
1. FUJITSU Managed Infrastructure Service Hidden Malware Survey Service (PC log analysis)
Using technologies from Fujitsu Laboratories, this service can easily investigate malware-infected PCs and the damage status.
A service engineer uses Fujitsu's proprietary inspection tools onsite to check for the presence and spread of malware. Customers do not need to install any tools or prepare their network, and can quickly identify PCs most at risk of malware infection, and get advice on removing and avoiding infections.
2. FUJITSU Security Solution Malware Survey Service (Network log analysis)
With this reporting service, sensors are installed on the customer's network that include Malicious Intrusion Process Scan, which is technology that detects targeted cyber attacks, and traffic on the customer's network is monitored to look for malware infections or potential infections. The service takes roughly 1.5 months from when it begins until the first reports, and customers can quickly get a status overview of the current system, and are able to swiftly develop countermeasures.
3. FUJITSU Security Solution Incident Response Training
This service provides training in responding to incidents based on current trends in cyber attacks, as well as changes in day-to-day security management, the external environment, and attack methods. Using the countermeasures from the training will help customers continuously improve the robustness of their security management.
4. FUJITSU Security Solution Targeted E-mail Attack Drill
In line with training objectives, this service covers developing and carrying out training plans, including examinations of the contents of mock attack e-mail messages. Support includes information on issues that arise during training and support for handling them based on past experience, trends in training results and suggestions for improving them.
FUJITSU Advanced Artifact Analysis Laboratory
In collaboration with PFU Limited, Fujitsu opened the FUJITSU Advanced Artifact Analysis Laboratory in Tokyo and Yokohama on November 18 to collect security information from around the globe and perform advanced analyses.
The facilities will have environments for performing malware and digital-forensic analyses, will analyze security incidents and malware found with Global Managed Security Service, and will use multiple sources of information about threats to discover and analyze new attack methods. New insights resulting from these analyses will be fed back into Global Managed Security Service to improve intrusion detection, analysis, and response.
Security Home Doctor
In the second half of 2015, Fujitsu FSAS Inc. began rolling out across Japan an initiative known as Security Home Doctor that provides one-on-one consultation to support customers who have not been able to take the time to collect information on security measures or implement them, who do not know what to do or how far to go, and who do not know how to respond appropriately to infections. It provides the customer with proposals based on the security profile of the customer's organization and ICT environment, an investigation of system vulnerabilities, and things to do in the event of an infection.
Fujitsu FSAS aims to expand Security Home Doctor staff numbers to 1,000 in Japan within fiscal 2017.
FUJITSU Security Initiative Larger View (91 KB)
Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.