Intranet and Endpoint Security by Expanding its Global Managed Security Service
damage done by targeted cyberattacks
Newswire) – Fujitsu announces its high-speed forensic technology(1) to identify
the extent of damage targeted cyberattacks cause to an organization’s intranet.
The new technology, developed by Fujitsu Laboratories Ltd. and to be made
available in Japan from June 2017, will shorten the time required to identify
damage from several weeks with conventional technology to several tens of
minutes.
Fujitsu will offer the new technology as a
function added to its Fujitsu Security Solution Global Managed Security
Service, which provides integrated lifecycle support to strengthen security
resilience, mitigate risks and minimize the damage from cyberattacks.
Fujitsu has also signed an agreement with
US-based Dtex Systems to launch solutions in Japan that combine Fujitsu’s
services with Dtex Systems’ advanced user behavior intelligence technology that
looks at the ordinary behavior of users at endpoints(2) such as PCs, and then
detects and analyzes behavior that suggests internal wrongdoing. The solutions
will detect and analyze risks of internal impropriety that could lead to
information leaks. These solutions will be made available and represent Dtex
Systems’ first collaboration in Japan.
Going forward, Fujitsu will continue to
contribute to the creation of a networked society in which everyone can feel
safe and at ease, and will support the business continuity of customers by
further strengthening its Global Managed Security Service using cutting-edge
security technology.
Background
The Cybersecurity Management Guidelines(3),
published by Japan’s Ministry for Economy, Trade and Industry and the
Information-technology Promotion Agency (IPA), call for companies to take such
steps as preparing an emergency response system in case they fall victim to a cyberattack,
and preparing a system for rapid disclosure after damage has been discovered.
When subjected to a targeted cyberattack, it is important to prevent the damage
from spreading by taking rapid initial countermeasures such as identifying
where the attack has penetrated and removing attacked devices from the network,
but identifying the extent of an attack on an intranet requires advanced
technology and several weeks, making it difficult to rapidly determine attack
status and disclose it.
In addition, intentional internal wrongdoing by
someone related to an organization is one of the main causes of information
leaks, alongside targeted cyberattacks, and companies also face issues in
discovering this type of activity.
In order to resolve these issues, Fujitsu is
offering functionality that can rapidly identify the extent of damage from a
targeted cyberattack, and is expanding its Global Managed Security Service to
detect the risk of internal impropriety through its collaboration with Dtex
Systems. This will work to strengthen security on the boundaries between the
internet and an intranet, and also within intranets and endpoints.
Figure 1: Strengthened areas of the Global
Managed Security Service
New Functionality to Rapidly Identify the Extent
of Damage
A proprietary high-speed forensic technology
developed by Fujitsu Laboratories enables the rapid determination of the extent
of damage from an attack by detecting and analyzing only behaviors unique to
targeted attacks from internet communications data. With this new
functionality, the Global Managed Security Service monitors a customer’s
intranet 24 hours a day, 365 days a year from the Security Operation Center(4).
When an external intrusion from a targeted attack is detected, Fujitsu’s
security experts determine the extent of the damage in several tens of minutes,
using the high-speed forensic technology developed by Fujitsu Laboratories,
enabling rapid reporting to the customer.
With this functionality, customers can rapidly
grasp the infection pathway used by the malware sent by the attacker, and which
devices are infected. This means they can not only prevent the spread of the
infection by removing only infected devices from the network, enabling early
restoration of the attacked network environment, but they can also take
immediate countermeasures aimed at business continuity, minimizing the damage.
Figure 2: New functions utilizing high-speed
forensic technology
About the Collaboration with Dtex Systems
Dtex Systems provides technology that collects
metadata(5) on users’ ordinary business behavior, such as usage status and
communications with outside parties, from endpoints such as PCs, and uses
machine learning to learn the patterns of activity in ordinary times. With
this technology, it is possible to detect actions that deviate from ordinary
activity patterns and to notify supervisors of them.
Fujitsu is now set to collaborate with Dtex
Systems, in Dtex Systems’ first deal in Japan, to offer solutions. Fujitsu’s security
experts will analyze the risks of internal impropriety leading to intentional
information leaks and other potential harm, supporting rapid countermeasures by
customers.
Comment from Christy Wyatt, CEO of Dtex Systems
“Insider incidents represent a majority of
data breaches globally, which makes understanding user behavior critical to
preventing data loss. We are thrilled to partner with Fujitsu, a trusted
industry leader, to offer comprehensive and scalable security solutions that
provide deep, contextual understanding of user behavior in Japan.”
Sales Targets
Sales of security-related products and services
of 300 billion yen per year in fiscal 2019.
(1) Forensic technology
Technology that collects and analyzes logs kept
on electronic devices such as PCs, providing clear evidence of unauthorized
access and information leaks.
(2) Endpoint
A computer or information device connected to a
wireless network or network device.
(3) Cybersecurity Management Guidelines
A document incorporating three principles
managers should recognize, and ten instructions they should give their Chief
Information Security Officers (CISO), in order for companies to promote
cybersecurity countermeasures under the leadership of management. This was
first formulated in December of 2015, and revised in December 2016.
(4) Security Operation Center
An organization that monitors and analyzes logs,
such as from security products, network devices, and servers, and detects and
notifies customers of cyberattacks.
(5) Metadata
Data (information) that provides information
about other data.