Newton Consulting

Cyber Security

What is Cybersecurity?

Strengthening cybersecurity is an essential issue that the entire country should address, as cyberattacks are becoming increasingly complicated and sophisticated. In recent years, conventional technology such as installing antivirus software or a firewall is no longer effective at fending off cyberattacks, and the damage caused by cyberattacks has in fact been increasing dramatically.

Organizations and companies are required to work on many types of countermeasures, such as technical measures and maintenance and operational measures. Taking proactive action and raising the awareness of top management are also important in defending against cyberattacks.

Actions against Cyberattack

A cyberattack is a technical attack carried out literally in cyberspace. Control by the authorities is becoming stricter because the amount of damage caused by cyberattacks has been increasing recently. For example, in the finance industry, guidelines such as the safety measures standards aimed at major financial organizations are being updated, and an additional description regarding “Proactive/reactive Action Against cyberattack” will be included.

Cyberattack Defense Structure in Finance Organizations

Based on the “Report of the review meeting from the expert regarding action against cyberattack”, appropriate responses such as proactive measures, heuristic measures and reactive measures will be established and arranged, and criteria for education and training will be set up. Operational standards and technical standards involving preventive measures for illegal money transfer via internet banking and/or precautions for users will also be revised.

(Separately from the FISC Security Guidelines on Computer Systems for Banking and Related Financial Institutions, gathered information on cyberattack techniques, case studies of cyberattack damage and examples of good countermeasures will be provided to finance organizations to help them understand the action to take against cyberattacks.)

Guideline for using cloud services at finance organizations

Based on the “Report of the review meeting from the expert regarding using Cloud Services at finance organization”, operational standards No.108 (Standard of Using Cloud Services) will be revised thoroughly from the following points:

- Clarification of the cloud provider selection procedure
- Clarification of the contents of the agreement with the cloud provider regarding safety measures
- Preventive measures for information leaks in services currently in use
- Preventive measures for information leaks at termination of the services
- Preparation and conduct of on-site audits and monitoring

Review of the case studies regarding unauthorized removal of information by outsourced contractors

Based on the countermeasures drawn from an interview survey on case studies of unauthorized information removal, this revision, as a temporary response, targets a review of the technical measures.

Governance of outsourced contractor management will be discussed with experts next year and reviewed on that basis.

Reviewed contents in the temporary response
- Example measures for access restrictions to important data
- Example measures for restricting the use, bring-in and bring-out of external storage media

Adapted from: The Center for Financial Industry Information System and FISC Security Guidelines on Computer Systems for Banking and Related Financial Institutions

What do organizations need?

To protect against cyberattacks, organizations are required to take multiple countermeasures.

As mentioned at the beginning, the exploit techniques of cyberattacks are becoming more and more cunning. One of the traditional attacks is the “targeted e-mail attack”.

A targeted e-mail attack is a specific attack that breaks the network security of an organization by having a recipient open an e-mail attachment that contains a virus. Once the target is determined, the attacker sends e-mails with a title that looks credible to the target, presented as if they were an important notice, and induces the receiver to open the unauthorized attachment.

This example shows that cyberattack techniques are increasingly improved and sophisticated.

It is difficult to defend against cyberattacks completely with technical measures; therefore, taking effective measures from multiple perspectives is essential against the threat of cyberattacks.

Various types of measures against cyberattacks can be found from multiple viewpoints.

For defending against current cyberattacks, it is commonly said that taking exit countermeasures (measures for communication from inside the network to outside) is more important than only taking entry countermeasures (measures for communication from outside to inside the network). Additionally, Bow-tie Analysis, for example, is also an effective approach to defending against cyberattacks (refer to the figure below). Taking this measure makes it possible to analyze cause and result from both sides.

Our Cyber Security Support Service

Interest in cybersecurity is increasing, and Newton Consulting provides various types of cyber security systems to defend against cyberattacks and safeguard customers’ security systems.

Cybersecurity Assessment Services
Target enterprise
  • Customers who need to know objectively how effective their current cybersecurity is
  • Customers who need to know the gaps from “what it should be”
  • Customers who need to know where their cybersecurity is insufficient or overdone
Service Outline: Evaluate your organization’s response to cybersecurity from the perspectives of maintenance (document inspection, interview), operational management (on-site inspection, interview) and checking points (vulnerability evaluation, penetration test, cybersecurity exercises)
  • Provide training tool
  • Training exercises
  • Advice for setting up improvement policy, etc.
Term: 2 to 3 months
Deliverables
  • Cybersecurity Assessment Plan
  • Cybersecurity Assessment Sheet
  • Cybersecurity Assessment Report
  • Road Map
Support Steps: Preliminary research (system environment, status of establishment of the Cyber Attack Defense Manual, risk assessment regarding cyberattacks)
  1. Planning the cybersecurity assessment
  2. Evaluation (documents, interviews, on-site survey and scanning of IT systems)
  3. Creating the Cybersecurity Assessment Report
  4. Holding a reporting meeting
Cyber Resilience Improving Services for Finance Organization
Target enterprise: Finance organizations that need to know objectively how their cyber resilience has improved
Service Outline: Evaluate the cyber resilience established by your organization from the perspectives of maintenance (document inspection, interview), operational management (record confirmation, on-site inspection, interview) and checking points (vulnerability evaluation, cybersecurity exercises)
  • Determine evaluation criteria
  • Provide training tool
  • Training exercises
  • Advice for setting up improvement policy, etc.
Term: 2 to 3 months
Deliverables
  • Cyber Resilience Evaluation Planning
  • Cyber Resilience Evaluation Sheet
  • Cyber Resilience Evaluation Report
Support Steps
  1. Inspection of the current situation
  2. Determine the policy for proactive action against cyberattacks
  3. Clarification of the role of the CSIRT and related divisions
  4. Clarification of activities in normal times and in emergencies
  5. Documentation of information regarding CSIRT operation
CSIRT Development Support Service
Target enterprise: Customers who need to develop a CSIRT but do not know the specific procedure
Target: Members composing the CSIRT, based on the IT system division, etc.
Service Outline: Support effective CSIRT development, including training and exercises in preparation for cyberattacks, both in normal times and in emergencies
  • Support to develop CSIRT operation
  • CSIRT operation support both in normal times and in emergencies
  • CSIRT exercises and training support
Term: 2 to 3 months
Deliverables
  • CSIRT Operation Policy Book
  • Set of support tools for CSIRT development
  • CSIRT Operation Manual
Support Steps
  1. Inspection of the current situation
  2. Determine the policy for proactive action against cyberattacks
  3. Clarification of the role of the CSIRT and related divisions
  4. Clarification of activities in normal times and in emergencies
  5. Documentation of information regarding CSIRT operation
CSIRT Exercise and Training Support Service
Target enterprise
  • Customers who have already developed a CSIRT but have concerns about whether it works
  • Customers who need to verify the effectiveness of CSIRT exercises and training
  • Customers who need to find out the issues of their CSIRT through exercises and training
Target: CSIRT members
Service Outline: Provide total support, from scenario development for exercises and training to facilitation on the day of the exercise.
Term: 2 to 3 months
Deliverables
  • CSIRT exercise and training plan
  • CSIRT exercise and training scenario
  • Set of support tools for CSIRT exercise and training
  • Evaluation report on the result of CSIRT exercise and training
Support Steps
  1. Inspection of the current situation
  2. Determine the policy for proactive action against cyberattacks
  3. Clarification of the role of the CSIRT and related divisions
  4. Clarification of activities in normal times and in emergencies
  5. Documentation of information regarding CSIRT operation
Targeted E-mail Attack Training Support Service
Target enterprise: Organizations that need to implement targeted e-mail attack training on a regular basis
Service Outline: Conduct training in both physical and logical ways to defend against targeted e-mail attacks, which are rapidly increasing these days, and verify its effectiveness
  • Training program development
  • Provide training tool
  • Training exercises
  • Advice for setting up improvement policy, etc.
Term: 2 to 3 months
Deliverables
  • Targeted e-mail attack training plan
  • Support tool for targeted e-mail attack training
  • Report on the result of targeted e-mail attack training
Support Steps
  1. Agreement on enforcement policy (target number of participants, timing of implementation, etc.)
  2. Provide training tool
  3. Clarification of the role of the CSIRT and related divisions
  4. Training exercises
  5. Preparation of the report on the result of training
Training Support Services for Proactive action against cyberattack
Target enterprise
  • Customers who have already established countermeasures against cyberattacks but have never verified their effectiveness
  • Customers who have never conducted cyber exercises and training
  • Customers who have already conducted cyber exercises and training but still need to know a more effective action plan
  • Customers who need to find out the issues from cyber exercises and training
Service Outline: Provide total support, from development of scenarios that include the CSIRT and top management to facilitation on the day of the exercise.
  • Training program development based on arranged manuals
  • Prepare training tool
  • Training exercises
  • Support for planning the response to training issues
Term: 2 to 3 months
Deliverables
  • Cyberattack defense exercises, training plan
  • Cyberattack defense exercises, set of support tools for conducting training
  • Cyberattack defense exercises scenario
  • Cyberattack defense exercises, the training result report
Support Steps
  1. Inspection of the current situation
  2. Determine the policy for cyberattack defense training
  3. Develop the training program for cyberattack defense training
  4. Prepare cyberattack defense training
  5. Conduct cyberattack defense training
  6. Compile the results of cyberattack defense training
Cybersecurity Training Program for the Top Management
Target enterprise
  • Customers who need to know the extent of top management’s involvement in cyber security
  • Customers who need to know how top management should be involved in cyber security
  • Customers who need to know the case studies of other companies
Service Outline: Understand the reason for and the way of involving top management in cyber security, with examples of other companies introduced.
  • Current situation of cyber security
  • Case examples of damage and success case studies of proper response
  • Simple (basic) workshop
  • Effective countermeasures
  • Lesson and conclusion
Term: 2 hours
Deliverables
  • Set of training materials (current cyber security environment, failure examples of other companies, success case study, simple workshop, required role for top management, etc.)
  • Questionnaire result
Support Steps
  1. Interview survey on the current situation of addressing cyber security and on issues
  2. Agreement on the date, the process on the day and the contents
  3. Conduct training
  4. Compile the questionnaires, etc.
Evaluate Vulnerability Service
Target enterprise: Customers who need to confirm the vulnerabilities of their IT systems and networks
Service Outline

Our experienced consultants, holding international qualifications such as Certified Ethical Hacker or Licensed Penetration Tester, evaluate your security level based on global standards.
For newly detected vulnerabilities, the latest vulnerabilities can be evaluated because they are detected using the most up-to-date database.

  • Current situation of cyber security
  • Case examples of damage and success case studies of proper response
  • Simple (basic) workshop
  • Effective countermeasures
  • Lesson and conclusion
Term: 1 to 2 months
Deliverables
  • Set of training materials (current cyber security environment, failure examples of other companies, success case study, simple workshop, required role for top management, etc.)
  • Questionnaire result
Support Steps
  1. Interview survey on the current situation of addressing cyber security and on issues
  2. Agreement on the date, the process on the day and the contents
  3. Develop the training program for cyberattack defense training
  4. Conduct training
  5. Compile the questionnaires, etc.
Support services to develop and maintain proactive action against cyberattack
Target enterprise
  • Customers who have not developed or maintained proactive action against cyberattacks, or have maintained it only partially.
  • Customers who would like to work on cyber security across the entire company.
  • Customers who need to develop a PDCA cycle related to cybersecurity
Service Outline: Support for developing and arranging the risk assessment and introducing regulations, criteria and procedures related to cybersecurity, in order to defend against cyberattacks as an organization
Service Period: 2 to 4 months
Deliverables
  • Regulations, criteria and manuals related to cybersecurity
  • Cybersecurity Risk Assessment
  • Risk scenario
  • Risk Management Plan
Support Steps
  1. Preliminary research (current countermeasures for systems, confirmation of gaps within current operation, risk assessment related to cyberattacks, etc.)
  2. Determine the policy for proactive action against cyberattacks
  3. Scenario development for proactive action against cyberattacks
  4. Establish countermeasures against cyberattacks and procedures for emergency response
  5. Establish a risk management manual or IT-BCP (if necessary)