SHIFT Inc., which supports customers in creating software services and products that sell, will begin offering a “Defense Industry Cybersecurity Standards Application System Construction and Audit Response Support Service” to help companies comply with the “Defense Industry Cybersecurity Standards” mandated by the Ministry of Defense and the Defense Acquisition, Technology and Logistics Agency.
SHIFT’s professional team, consisting of security specialists and defense consulting personnel familiar with the defense industry, will support the establishment and operation of application systems and audit responses that comply with the “Defense Industry Cybersecurity Standards,” which are required of companies responsible for the nation’s defense-related procurement and those in its supply chain.
SHIFT was certified by the North Kanto Defense Bureau in 2024 after the implementation of the Defense Industry Cybersecurity Standards, and has a track record of being one of the first companies in the defense industry to comply with the standards. In the future, in cooperation with Japan Aerospace & Defense Consulting Co., Ltd., a defense industry-specific consulting company for the domestic defense industry and the Ministry of Defense, which the SHIFT Group plans to establish in April 2025, we will provide this service in the jurisdiction of the North Kanto Defense Bureau, where many defense-related procurement companies are located.
Also Read: Hitachi Enhances Cloud Migration Support Following Joint Multi-Cloud Verification with Oracle Japan
In the context of the increasingly complex international security environment and the diversification and sophistication of cyber attacks, cyber defense efforts in each country are accelerating, and the nature of cyber defense is shifting from prioritizing defense to taking measures based on the assumption that cyber attacks and intrusions will occur. Based on this approach, the United States has established the security guideline “NIST SP 800-171,” which the Department of Defense requires contractors and companies in its supply chain to comply with. Currently, the transition to the new security guideline “Cybersecurity Maturity Model Certification (CMMC)” established by the Department of Defense is underway, and cyber defense in defense-related supply chains is being further strengthened.
In Japan, the Defense Acquisition, Technology and Logistics Agency has established “Ensuring Information Security in Procurement of Equipment, etc. and Services” and has been operating it after four revisions, but there were issues such as the content being based only on prevention. In response to this background, the Defense Industry Cybersecurity Standard (official name: Special Provisions on Ensuring Information Security in Procurement of Equipment, etc. and Services) was formulated, which requires a security level equivalent to NIST SP 800-171. From 2023 onwards, companies that have business relationships with the Ministry of Defense and the Defense Acquisition, Technology and Logistics Agency, and companies in their supply chains, will be required to establish application systems and respond to audits based on the standard.
SHIFT will begin supporting the Ministry of Defense and other relevant government ministries and defense-related companies from 2022, and was one of the first in the defense industry to complete its response to the standard in 2024 after it went into effect, receiving certification for compliance with the standard from the North Kanto Defense Bureau. In addition, SHIFT has developed rare and highly specialized consulting services in the defense field, including the ” RMF Compliance Support Consulting Service ,” and has utilized the standardization know-how it has cultivated in its original software testing and quality assurance business to help companies in a variety of industries and sectors develop security strategies and support the construction and operation of security systems based on international standards, including the ” EU Cyber Resilience Act Compliance System Construction Support Service .”
By combining our deep understanding of the defense industry’s operations and organizations with our multifaceted knowledge of building and operating security systems, we have decided to begin offering a “Defense Industry Cybersecurity Standards Application System Building and Audit Response Support Service” in order to contribute to further improving the resilience of the domestic defense industry.
SOURCE: PRTimes