The trend of the Cyber Security and the efforts of NEC. December 9 th, 2015 NEC Corporation

Transcription

1 The trend of the Cyber Security and the efforts of NEC December 9 th, 2015 NEC Corporation

2 Agenda 1. NEC Corporate Profile 2. NEC s Activity for Safer-City 3. NEC Cyber Security Solution 3.1 Security Operation Center 3.2 Cyber Intelligence(Operation Support) 3.3 Capacity Building (Cyber Training and Exercise) 4. Collaboration with Global scope

3 1. NEC Corporate Profile

4 Who We Are Leading social value innovator Provides telecommunications, IT and Enterprise business solutions Around 102,000 employees worldwide USD 30.7 billion net sales in FY consolidated subsidiaries Headquarters: Tokyo, Japan 115 years of brand success Business activities in over 167 Countries and territories World's Top 100 Most Innovative Organizations * Fortune Global 500 company * World s Top 100 Most Innovative Organizations for 2013 (Thomson Reuters) 4 NEC Corporation 2015

5 ICT Technology For Social Infrastructure NEC enriches Human Life through improvement of Infrastructure by using state of the art ICT Technology Submarine Cable Seismometer Harbor Ocean Air Navigation Biometrics Security ))) Factory Airport ))) Train ERP e Banking ATM Bank Enterprise Road Digital TV Transmitter e Medical TV Studio )))))) Tower )))))) Broadcast VIP Facility Postal Hospital Administration Logistics Space Communication Satellite Observation Satellite e Government Flood Control Leakage Detection Fire St. Dam/ Water ))) ))) Telecom Retail POS Energy Underwater Surveillance Production Control ITS Train Video Communication Surveillance Post Fleet Management Disaster Automation Prevention Sys NEC s ICT Technology for Social infra & System Broadband Network Smart Energy Next Generation Network Technology High Perform & Reliable IT Platform Technology Sensors & Devices Technology Cyber NEC s focus solutions security Cloud Big data SDN 5 NEC Corporation 2015

6 2.NEC s Activity for Safer-City Global Safety Division

7 NEC s approach for Cyber Security Solution Development NEC established professional organization Global Safety Division " in Singapore (April 2013). Government Military Global customers Police NEC driving force Global Safety Division Project promotion NSS Division <General Manager> Hiroyuki Nagano Well-known Security Operation knowledge. Technical advantages upon implementation at Security related Systems. NECs Other Divisions Strategic planning ASEAN customers Cyber Security Strategy Division Telecom Energy Banking subsidiaries Alliance Partners Cyber Defense institute Infosec inc.. 7 NEC Corporation 2015

8 NEC s Cyber Security Factory Overview NEC has established NEC Security operation Center in June 2014 to accumulate the incident response, malware analysis by cooperating with Japanese specialized security companies. NEC provides security incident monitoring system, operation supporting and training services that based on the security operation know-how. High level security operation company. NEC took over 60% shares from Mitsubishi Corp. in Infosec Corporation - Managed Security Service - SOC System Integration - Penetration Testing National Security Solutions Division Cyber Defense Institute - Penetration Testing - Malware Analysis - CSIRT design - Cyber System Integration (Design & Implementation) Top level white hackers group. NEC acquired 100% shares from Itochu Corp. in Many supply records regarding cyber security system to national security agencies over two decades. 8 NEC Corporation 2015

9 3. NEC Cyber Security Solution

10 Current Issue of Cyber Attack Responding in Asia Cyber attack which attacks vulnerabilities of specified system is mainstream incident instead of visible attack such as DDoS attack. It is very hard to confirm all the damages because of the sophisticated hacking approach. Important tasks to work on are environmental improvement against the threat for the government and Personnel training Threat Year NW attack (DoS/DDoS) Issue Lack of systematic response Attacks are invisible Lack of information Shortage of personnel Spam mail Issues to be addressed Virus/Malware Web hacking Targeted attack Leakage of Internal Info. 10 NEC Corporation 2015

11 Trend of Security incidents in Japan Number of incident 10,000 Scanning 9,000 8,000 Website defacement 7,000 6,000 5,000 Others 4,000 3,000 2,000 1,000 Phishing Malware Infection DoS/DDoS FY2008 FY2009 FY2010 FY2011 FY2012 FY2013 FY2014(-3Q) 3,551 9,944 10,467 8,112 20,083 26,687 14,254 Total number / Year 11 NEC Corporation 2015

12 Sophisticated hacking approach Professional agency invades a specific organization over a long period of time, and attacks obstinately. Unauthorized intrusion Spear phishing Attack Attacker 0. Prepare 3.Remote Control Investigating the specific individual's profiles Attackers (crime group, country) 1.Sending fake Spear phishing C&C server 2. Opening attachments (malware installed) Target Watering hole attack DDoS/DoS Attack Attacker 0. Prepare 3.Remote Control 1. Put a trap into web server. (web server often accessed by the target user. ) Web server C&C server Target 2. Accessing the web server (malware installed) VPN Attacker Even if the security level is high in your organization, attacks may be sent via a company you trust. 12 NEC Corporation 2015

13 Our continuous support for Customer NEC will continuously supports Customer, as a leading organization of Cyber Security in ASEAN 1.Security Operation Center Support of development of SOC 2.Operation Support of operation with our know-how Development of operation team And support the operation process 3.Training Skill development for operators and analysts Expansion of practical exercises scenario content Training and exercise of free scenario (Cyber range) 13 NEC Corporation 2015

14 3. NEC Cyber Security Solution 3.1 Security Operation Center

15 Overview of NEC s Security Operation Center SL NEC provides high-level environment to analyze the threat, that based on the system Integration experience to Japanese government agencies. Monitoring the network of each organization unit/firewall, and internal network by the security sensor constantly. Monitoring the state of the software and adaption patch which implemented on personal computers and servers constantly. Minimizing the damages by the threat analysis from various security management and incident information. Agency A Security Operation FW/IDS Center Agency B Internet Operator (Event Management) Analyst Agency n 15 NEC Corporation 2015 FW/IDS IDS/FW Department a Department b Log Management Department n Server Malware/Virus Detection Security Asset Management Collecting Concerned Info. Wide area Network /VPN Alert/Logs Network Gateway Threat Analysis Server Security Log Collecting Server

16 SOC Design & Development NEC covers all the range of cyber security products and services. NEC Group can offer many cyber security products based on the rich and advanced knowledge / know-how accumulated past / on-going programs 16 NEC Corporation 2015

17 3. NEC Cyber Security Solution 3.2 Cyber Intelligence(Operation Support)

18 2.Cyber Intelligence(Operation Support) Comprehensive cyber security support services provide one-stop services from the implementation to the operation monitoring and the emergency response in 24 hours a day, 365 days a year. Security consulting Vulnerability Assessment Penetration test Security system implementation Installation services Security log monitoring Network packet monitoring & analysis Operation monitoring service Web based malware detection Events unified helpdesk Security Operations Management Improvement support Improvement support Incident Recovery Installation Operation Comprehensive cyber security support services Periodic diagnosis service Security Operations Management PC forensic analysis Network forensic analysis Malware analysis Detailed analysis service Incident ~ Recovery Emergency response service Immediate on-site service for cyber incident 18 NEC Corporation 2015

19 Appendix. Evaluation of Cyber Security Factory NEC was selected as one of the major company of global security consulting market (top ranking in Japanese company in FY2014). Security Consulting Service Market Guide Security Consulting Revenue and Top Revenue-Generating Regions (Millions of Dollars) 19 NEC Corporation 2015 Gartner "Market Guide for Security Consulting Services, Worldwide" Jacqueline Heng et al., 24 August 2015

20 3. NEC Cyber Security Solution 3.3 Capacity Building (Cyber Training and Exercise)

21 Activities at Cyber Security Resources Domain in Japan Subscribe Study Course toward JAIST* *Japan Advanced Institute of Science and Technology Course Name: Cyber Range Structure Contribute against Cyber Security Resources Training (November, 2014) Develop the cyber range platform and exercises contents Joint Research Design exercise scenario Collaboration Implement the cyber exercise environment on large-scale network(starbed) National Institute of Information and Communications Technology Virtual exercises environment 21 NEC Corporation 2015

22 The activity of Cyber Security Response NEC joined Japanese Ministry of Internal Affairs and Communications Project "CYber Defense Exercise with Recurrence(CYDER)", cooperating with government, industry and academia, to train security operator and analyst. This Cyber Exercise provides government and industry IT administrators with Cyber Security Training. Objectives Personnel training of highly integrated Information System administrator Period From July, 2013 to November, 2015 Details Teams of 2-4 people Experience Targeted Attacks under Simulated large networks 2 day training (Lectures on first day morning, the rest is exercise) Practice Scene 22 NEC Corporation 2015

23 Training program NEC s cyber exercise is based on the public and private sectors collaboration practice and platform in Japan. Correspondence to the latest cyber attack Providing scenario contents in procedure of actual correspondence. Select from the several types of pre-order attack scenarios. Experiencing the appropriate corresponding, in addition to understanding the latest attack method. Providing the original step up program Based on the trainee's skill and the purpose of the exercise, select the menu of "Advanced course for analyst" and "Basic course for engineer". The result of evaluating-list checks diagnose each trainee's skill. Supporting the procedures needed for actual incident response. The most suitable trainee's correspondence is experienced under the support of the tutor directly. 23 NEC Corporation 2015

24 4. Collaboration with Global scope

25 Intelligence Control System Security Center (CSSC) Participation to Public/Private project led by Japan Ministry of Economy, Trade and Industry. Activity to secure critical infrastructure and control system. (November 2013) Academic Japan Cybercrime Control Center (JC3) Industrial end-user JC3 Industrial Security related Japanese version of US led National Cyber-Forensics & Training Alliance (NC-FTA) Public/private and academia joins forces to neutralize the cyber threats and crimes Police NEC Executive VP is the JC3 Representative Director. NEC leads this effort. (Established/Joined November, 2014) Collaboration with Cyber Attack information service companies Collaboration with Cyber Attack Information Service company Norse in order to reinforce proactive cyber security focusing on information and speed. (December. 2014) 25 NEC Corporation 2015

26 Partnership and Collaboration with INTERPOL INTERPOL and NEC signed partnership agreement to enhance Global Cyber Security. NEC provides Cyber Security Technologies which includes Engineers, Systems, and Knowledge for IGCI, Interpol Global Complex for Innovation in Singapore. INTERPOL Secretary with NEC (Awarded December, 2014) INTERPOL Global Complex for Innovation (IGCI) in Singapore (image) 26 NEC Corporation 2015

27 NEC brings together and integrates technology and expertise to create the ICT-enabled society of tomorrow. We collaborate closely with partners and customers around the world, orchestrating each project to ensure all its parts are fine-tuned to local needs. Every day, our innovative solutions for society contribute to greater safety, security, efficiency and equality, and enable people to live brighter lives.

28