English 
In recent years, as the attack surface for cyber attacks has expanded due to the use of cloud services and teleworking, more and more companies are introducing measures based on the concept of “zero trust security”. However, as cyber attacks have become larger and more sophisticated, and new zero trust guidelines have been enacted by the government and other organizations, companies that have introduced these measures are being forced to reconsider their existing measures and plans.
ゼロトラストでは、事業特性や経営戦略、セキュリティポリシー、既存のITインフラ環境、スタッフの知識や運用体制、IT予算などによって、どこまで対策を講じるべきか、統制変更の範囲やレベルなど、最適解が異なります。現状の進捗状況や取るべき対策が把握できず、目標設定や計画の見直しができない」「ゼロトラストを導入したものの、その機能を十分に活用できていない」「対策やシステムのコストに過不足がある」といった課題を抱える企業が増えています。
こちらもお読みください: NECとNECセキュリティ、軽量プログラム改ざん検知ソフトの対応OSをWindowsとWindows IoTに拡大
上記の問題を解決するために、本サービスでは NRIセキュア consultants will assess a company’s degree of zero trust achievement in five areas – identity (authentication), devices, networks, applications/workloads, and data – and three cross-functional functions – visualization and analysis, automation and integration, and governance – in line with the “Zero Trust Maturity Model” of the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Based on this, we will consider the target company’s desired goal setting and measures, and develop a roadmap for achieving the goals.
ソース PRタイムズ
日本語