The number of cyberattacks continues to rise every day. It is virtually impossible to prevent malicious intrusions anymore. Here at Fujitsu, we reviewed our current internal security organization, devised a defense structure and established a system to protect the safety of the organization. The following offers you some of our practical know-how.
Cyber-Attack Threats Unable to Be Manually Removed by Humans
One billion monitored logs per day, two thousand targeted emails and attacks blocked per day - these are the actual numbers and represent the attacks launched against Fujitsu from April to September 2016. The number of attacks has increased dramatically since 2014. Many departments are indiscriminately under attack from both domestic and international sources.
It is utterly impossible for humans to manually repel mass attacks. Although many companies install various security tools, these tools do not handle all threats automatically. Given such a situation, Fujitsu has been implementing a systematic response with a wider perspective.
The Importance of Dividing Security Organization and ICT Department
One difference in Fujitsu's security organization is having a Chief Information Security Officer (CISO) separate from the standard Chief Information Officer (CIO). The CISO formulates security policies, compiles objectives for security control, and heads up security measures. This includes monitoring the implementation status of countermeasures and creating an evaluation system. In addition, the CISO is responsible for educating employees about security.
Why does it have to be a CISO, not a CIO? That is because, a security structure headed by a CIO means that if investment in ICT is curbed, then investment in security may also be curbed. Therefore, dividing the security organization and the ICT department is important to isolate our approaches to security investment and ICT investment.
Our security center is positioned as one of the risk management divisions and located in the General Affairs and Risk Management Headquarters. This is because we identify information security as one of the risks that we need to address as a company, such as product and service issues, disaster prevention and compliance.
Anticipating Invasions with Multilayered Security
Fujitsu's security measures feature multi-layering. We assume that threats to security will enter the company and use multilayer protection to protect important information. What is important is what kind of information is protected and how. The methods of protection differ depending on the contents of the information.
Therefore, Fujitsu adopted measures that revolve around three axes, combining various security measures: (1) information security to protect information, (2) cyber security for defense, and (3) physical security in facilities such as offices and work places
Security is guaranteed by configuring measures in such a multilayered manner and taking organization-based responses based on a clear operational process.
Fujitsu has installed security monitoring devices in branch offices and bases around the world to collect logs. The target being monitored is massive, and PCs alone total hundreds of thousands. Monitored logs can go up to about one billion per day. To deal with these numbers, tools such as firewalls, targeted attack detection devices, antivirus software and DNS are used to automate analysis, and threat bearing logs requiring action are separated from normal communication logs. Therefore, we have been promoting security operations so we won't miss any suspicious events.
Our main focus is on communication between the endpoints of the internal network. The enormous number of endpoints cannot be handled with infiltration tactics - knowing how far to automate is the key. Going forward, the number of devices to be monitored will rapidly increase with the progress of IoT. In these times, it goes without saying that all security technologies must be strengthened - and at the same time, we believe security must be comprehensive, including multilayered security and threat response systems.
Therefore, Fujitsu plans to leverage our expertise gained through our experience providing in-house security solutions, and provide customers with our strengthened total solution package.