Identify, Protect, Defend, Respond are the four key components to ensure safer digital environments. Here, Fujitsu provide insight
A decade ago, primary security concerns were satisfied by deploying and maintaining an effective firewall, in addition to keeping the permissions for devices and physical locations up to date. While organisations used the internet to maintain a website and for communications, an online presence wasn’t as ubiquitous as it has become today.
How things have changed! Today users expect to access information and departments on any device – and to do so from almost anywhere, at any time. Information really has become the new currency – and it’s available 24×7. It is commonplace today that employees bring their own devices into the organisation’s network, download and install software they have selected, and interact with corporate data on their own personal devices. What’s more, these devices are taken outside the workplace – still carrying access to valuable and sensitive data.
Citizens want to be empowered to reach services as and when they desire which creates huge challenges for national and local bodies to provide platforms that are resilient and information that is protected. The issues of data management, storage, access, and rights need to be paramount within any business or organisation where there is a transaction of information.
This new level of being interconnected brings untold benefits but it also creates new security challenges.
Against this backdrop, Fujitsu’s Global Cyber Security business protects government departments around the world against cybercrime of all kinds, strengthening their resilience against cyber-attack, as part of a globally-integrated security offering.
Fujitsu provides Managed Security Services from Security Operation Centres (SOCs) in Japan, North America, UK, Germany, Finland, and Spain, and aims to bring to market a wider range of security solutions, upgrading its SOCs to Advanced Cyber Threat Centres.
Our philosophy: Identify, Protect, Defend, Respond
Fujitsu’s portfolio of security solutions and services provides public sector organisations with peace of mind that their security is in good hands while they get on with running their business. Fujitsu aims to be the trusted digital security services provider, helping its customers predict and respond to cyber threats to protect their business reputation with an intelligence-led approach. Our key services lie in 3 areas:
- Predictive intelligent threat detection;
- Trusted delivery – expert-led professional and managed security services;
- Global 24×7 monitoring & response.
- Managed Security
One key service that Fujitsu offers to address this lack of time and skills is a fully managed security service. A key feature of this is continuous system monitoring that constantly keeps a watchful eye on internet traffic, looking out for potential attacks before they can do harm.
Fujitsu takes an intelligence led-approach to cyber security. Artificial intelligence systems monitor customers’ internet traffic for potential risks. Once identified, the team of experts located in one of the global SOCs can help customers rapidly take action.
Advanced Biometrics
Security challenges are not limited to the cyber world and the implications of sensitive information falling into the wrong hands remain significant. The most basic level of prevention involves controlling physical access to hardware or facilities. Traditionally, access to doors, devices, computers, and border controls have been managed by PIN code entry systems or by door tags – both systems which can be easily lost, shared, or stolen.
Fujitsu’s answer to the challenge lies in sophisticated biometric authentication – which can be applied to gain access to physical locations such as office buildings, server rooms or even to access personal mail boxes. Devices such as laptops can also deploy biometric authentication. The authentication is deployed in the easy-to-use form of palm vein readers. Called PalmSecure, this technology that is uniquely offered by Fujitsu, takes advantage of the fact that everybody has a unique pattern of veins in their body which can be used for highly secure authentication. It is hygienic, as no contact is required – users just need to wave their hands in front of the sensor. And of course, vein patterns can’t be lost or stolen and are only visible when blood is flowing through them.
Fujitsu Identity Access as a Service
Users of public systems today have dozens if not hundreds of usernames and passwords that allow them to log-on to countless on-premise systems and cloud services. Fujitsu’s identity as a Service is designed to reduce this complexity and to help businesses prevent hacks or fraud, by ensuring that only verified users can access selected systems, applications, data, and resources.
The browser-based service makes it easy to manage, create, adjust, and remove permissions from any connected device or location. It incorporates a variety of strong authentication methods, including user ID and password, Windows desktop login, single sign-on (SSO), CallSign authentication (based on a phone call and PIN code) and biometric authentication.
As well as the recent growth of ransomware, there are a number of trends that we expect to see in the near future which illustrates the increasing sophistication of cyberattacks:
- Many systems have ‘a blind spot’ – this lies in the encrypted channels that are designed to give remote workers easier access to networks. If taken over by a cyber-criminal, these channels can essentially provide access to the heart of a critical computing system and mean that nefarious activities are largely undetectable.
- Our state-of-the-art Fujitsu SOCs also expect to see cybercriminals continue to target financial applications. In particular, our experts predict that the SWIFT global payment network will be targeted, in addition to further growth in banking Trojans that are targeting older, more vulnerable back office applications. Although SWIFT is moving to establish mandatory controls, we still think it is a window of opportunity for cybercriminals.
- Smart cities will also find themselves targeted – many of the protocols designed for smart connected devices have their own potential flaws and vulnerabilities. The implications of this are wide-ranging and could include allowing hackers to disable power supplies or other infrastructure services. This would plunge entire cities not only into darkness but into disarray – because it’s also likely that phone systems would stop working – and could even impact on water supplies.
“Did you know?”
Fujitsu uncovered a massive ‘hit list’ of 385 million email addresses including many from government agencies and banks on a server hosted in Russia as part of its activity tracking a Dridex Trojan. The server was found in 2015, by following a trail of major customers who had fallen victim to hackers. For more information, see this video.
Further information:
The Fujitsu 2017 Security Predictions report.
Inside the Security Operations Centre:
Secure thinking: When it comes to cyber security there will always be vulnerabilities. How can you be confident that your information is protected?
Inside the Gates – The Banking Trojan Threat (Dridex Case study).
Phil Skelton
Cyber Security Specialist
+44 7867 835336
https://twitter.com/FujitsuSecurity
www.fujitsu.com/uk/services/infrastructure/security/
Please note: this is a commercial profile