2020/03/05Press Release
~Reduce 99.9% of vulnerability threats*1 Support ongoing cyber hygiene management~
Digital Arts Consulting, Inc. (headquartered in Chiyoda-ku, Tokyo; Tadao Matsumoto, President; hereinafter "Digital Arts Consulting"), a CISO service (security consulting service) for enterprise environments that require advanced cybersecurity measures, has signed a distributorship agreement with Tenable, Inc to provide "Cyber Hygiene Construction Support Service" utilizing "Cyber Exposure," a comprehensive platform for vulnerability assessment and compliance checking offered by Tenable.
With the Tokyo Olympics coming up in 2020, cyber-attacks have become significantly more sophisticated and diverse, and large-scale information leakage incidents have been frequent in Japan. Comprehensive corporate security measures have become an urgent need regardless of industry or company size, and organizations have been faced with the need to introduce, manage, and operate multiple security products and functions. However, with the spread of cloud computing environments, the expansion of IT asset storage areas, and the increase in the number of terminals owned by organizations, monitoring and protecting everything from corporate networks and servers to terminals requires an enormous amount of security personnel and costs, and there are also limits to measures such as strengthening organizational structures and educating employee literacy. Many companies and organizations are still at a standstill.
Under these circumstances, "cyber hygiene," a continuous security measure to keep an organization's IT environment, Internet connection environment, PCs, and other terminals in a healthy state, has been attracting attention recently as a measure to eliminate the risk of information leakage, system tampering, and service disruption due to any external attacks. Cyber hygiene has been attracting attention in recent years. Among the guidelines (CIS Controls*3 (formerly SANS Top 20 Critical Security Controls)) compiled by the SANS Institute*2 in the U.S., cyber hygiene is positioned as one of the top six highest priority measures, and it is important to manage and promptly apply patch information. Research has shown that managing patch information and promptly applying cyber hygiene controls can reduce vulnerability threats by up to 99.9%.
Based on the company's vulnerability management assessment technology, Tenable's Cyber Exposure is a platform that not only enables comprehensive cyber hygiene measures, but also provides "IT asset inventory and management," "vulnerability diagnosis," "threat analysis," and "prioritization of company assets" under network connection management, enabling comparison of industry standards and This platform enables comparison of in-house risk values and visualization of the highest risk within a company. However, in order to operate such a platform, it is necessary to secure personnel who have a high level of knowledge of cyber security and are capable of organizing and proposing improvements to operations in line with the realities of the client's business.
Digital Arts Consulting will start offering "Cyber Hygiene Construction Support Service" utilizing Tenable's "Cyber Exposure" based on the consulting experience and knowledge in the field of cyber security that we have conducted in a variety of companies. By providing this service, we will build an optimal cyber hygiene environment for our clients and accurately identify cyber risks to realize high quality and continuous security measures.
Digital Arts Consulting consultants will organize the Fit & Gap between the client's security guidelines, basic information security policy, etc., and current operations, IT assets, and operating systems. Then, a solution architect will join the service to visualize the state of cyber hygiene through Tenable's Cyber Exposure and conduct a corporate risk analysis considering vulnerabilities, real-time threats, and the priority of the company's IT assets. We visualize the current situation, organize the customer's requirements and present a solution (hypothesis development) in consideration of the actual business.
For cyber security measures, it is important to take a "security-by-design" approach to introduce high-security-conscious functions and design operations according to the customer's business environment and operational characteristics from the planning and design stages.Digital Arts Consulting supports the implementation of security solutions based on "Security by Design" by leveraging our abundant experience in business improvement consulting and our knowledge of cyber security.
Solution architects from Digital Arts Consulting will provide Proof of Value (POV) support for the hypotheses organized in the risk assessment service, visualize customer value in consideration of actual business, and formulate a conceptual design for implementation. Then, our implementation and support engineers provide implementation and operation design, construction, and maintenance/operation services based on the following items (1) to (5), which are necessary to build cyber hygiene.
Account management, monitoring, and operation of accounts connected to networks that exist within the organization
Key security settings that are effective in protecting systems within the organization
Controlling the use of administrative privileges that enable security settings
Management and operation of application, software, and OS updates
⑤Repetition
Support for regular operation of the above (1) - (4) (documentation, training, system building support)
・Tenable's Cyber Exposure
Cyber Exposure" is based on the assessment technology based on the vulnerability management platform "Nessus" and realizes a comprehensive portfolio adapted to various organizations. It provides services to accurately identify and reduce cyber risks by properly managing and measuring modern attack surfaces.
Always possessing the latest information, vulnerability assessment x Real-time threat analysis x Risk analysis from a business perspective based on the priority of the company's IT assets, the solution both reduces corporate risk and eases the burden on administrators.
Visualize not only servers and NW devices, but also all IT assets from public clouds such as AWS and Azure to OT devices. It is also possible to grasp the risk status of these assets.
Through the provision of this cyber hygiene construction support service, Digital Arts Consulting aims to strengthen security in corporate systems, which will become increasingly important in the future, and to propose an optimal management environment through the utilization of ICT.
*1 According to a Verizon study, "2015 Verizon Data Breach Investigations Report (DBIR)"), "99.9% of the exploited vulnerabilities were compromised more than one year after the Common Vulnerability Identifier (CVE) was released, according to the study . This means that up to 99.9% of vulnerability threats can be reduced through cyber hygiene practices that manage and promptly apply patch information created after CVEs are released.
*2 The SANS Institute was established in 1989 (headquarters: Washington, DC, USA) to conduct research among governments, companies, and organizations, and to educate their employees about IT security. It is one of the world's leading security research and education organizations, providing information security education programs and a forum for the exchange of security information and opinions to more than 165,000 security professionals, information system auditors, system administrators, network administrators, and others, while continually seeking solutions to the problems they face.
*3 The guidelines were compiled by the SANS Institute, a U.S. security professional organization, based on joint research by the National Security Agency (NSA) and other U.S. public agencies and companies specializing in information security. The guidelines focus on technical security controls that are believed to be effective in thwarting currently recognizedattacks, including advanced attacks such as APT, as well as attacks that are expected to occur in the near future.
Tenable®, Inc. is a provider of Cyber Exposure solutions. The creator of Nessus®, Tenable has expanded its vulnerability expertise with Tenable.io®, the world's first security platform for managing and protecting vulnerabilities in any information asset or device. Tenable's customers include more than half of the Fortune 500, more than 25% of the Global 2000, and large government organizations. For more information, visit tenable.com.
https://tenable.com/
https://tenable.com/
・About Digital Arts Consulting, Inc.
Digital Arts Consulting, Inc. was established on April 1, 2016 as a strategic subsidiary of Digital Arts, Inc. by bringing together members who specialize in IT strategy consulting to management divisions.
In recent years, cyber-attacks against companies and government agencies from outside and leaks of confidential information from within have become recognized as serious problems not only in Japan but also worldwide, and the need for support for the introduction of security products has been increasing. In order to respond flexibly and promptly to the needs of the market, Digital Arts mainly provides support for the introduction of cyber security measures, especially for major companies in the manufacturing, financial, and pharmaceutical industries, while leveraging its customer base and know-how cultivated in the information security industry.
https://con.daj.jp/
https://con.daj.jp/
*Digital Arts Consulting, DigitalArtsConsulting, and various logos and icons related to the Company and its products are trademarks or registered trademarks of Digital Arts Consulting, Inc.す。
*Other company and product names mentioned above are trademarks or registered trademarks of their respective companies.