NTT Advanced Technology Corporation will begin offering the “OsecT Operations Support Service”, which supports security monitoring for “OsecT” provided by NTT Communications Corporation.
This service supports customers’ security monitoring by sending customized alert notification emails that allow information to be understood at a glance, responding to inquiries about the alert contents by security experts, and sending push-type monthly report notifications. Since security operations using OsecT were expected to be operated by customers themselves, customers were required to secure security personnel, but there was an issue that it was difficult to secure personnel due to a shortage of personnel.
By providing this service, NTT-AT will contribute to solving the issues faced by industrial customers who are struggling to secure personnel for security monitoring.
Also Read: NODE X secures 830 million yen in pre-Series A to tackle social issues with IoT and security
In recent years, the promotion of digital transformation (DX) in the industrial sector has resulted in an increase in connections to information systems and the Internet. As a result, not only IT devices but also OT/IoT devices are now viewed as new targets for cyber attacks.
In this situation, as part of international standardization efforts, the International Society of Automation (ISA)/International Electrotechnical Commission (IEC) has issued ISA/IEC62443, an international standard for security measures in industrial control systems, and domestically, the Ministry of Economy, Trade and Industry’s Industrial Cybersecurity Study Group’s Factory Security Sub-Working Group announced the “Guidelines for Cyber-Physical Security Measures in Factory Systems” in November 2022.
In the future, companies that use OT equipment, including those in manufacturing and building maintenance, will need to implement information security measures in accordance with these guidelines.
Until now, there was an air gap between ICS (Industrial Control Systems) and SCADA (Supervisory Control and Data Acquisition Systems) and networks, but now that this has been removed and these systems are connected to IT systems and ultimately the Internet, these systems are exposed to expanding threats. One example of a cyber incident related to a control system is an attack on a nuclear fuel facility, where malware targeting the control system was brought in.
This service can be introduced without affecting existing OT/IoT networks (customers only need to configure existing switches to send mirroring packets) so that risks in OT environments can be understood. In addition, because the burden on customers is low, it can be provided even to small business establishments.
SOURCE: PRTimes
