Fujitsu Cyber Threat Intelligence Service
Cyber security has become one of the leading boardroom issues. According to a recent report1by global insurer Lloyds of London, attacks on computer operating systems run by a large number of businesses around the world could cause losses of $28.7 billion in terms of their financial, economic and insurance impact.
Fujitsu announced the availability of its Cyber Threat Intelligence(CTI) service in Europe, the Middle East, India and Africa (EMEIA) region. Fujitsu’sCyber Threat Intelligence teams perform thorough, ongoing monitoring and assessment of the threat landscape, bringing together threat intelligence data from a broad range of sources.
Rob Norris, Head of Enterprise and Cyber Security at Fujitsu in EMEIA, said :“Being online is the lifeblood for all organizations today and it is critical to remain online, and protect the integrity of your systems and your data even when you’re under attack from cyber criminals. Nobody should underestimate the catastrophic damage that a cyberattack can cause starting with a simple slip, such as opening an infected email. The nature and scale of cyber threats is changing so fast that traditional security solutions on their own are no longer enough to provide adequate protection. What we give our customers with the CTI service is a comprehensive view of their security posture, thorough analysis of security risks and actionable information because today, being unprepared for a cyber attack can easily put a company out of business.”
- What challenges customers are facing in cyber security?
Today we have more target attacks in terms of specific individuals certainly, the more sophisticated attackers would identify key people and they would go after them. What the hackers do is doing a lot of research before attacking specific people. This situation probably account for 3-4% of the attacks, but the majority of attacks are still random. Therefore, cyber-attacks are normally done via official emails or by scanning the network structure and looking for defence entry. What we see in terms of attacks are the small businesses because of the easiness of launching a cyber-attack. It is as easy going on the web and purchase procurement target organization. Attacking small businesses and individuals and more they are after their financial information and personal information they can actually sell on the the dark web. You can pay as little as 5$ for some financial information up to 30-40$ for personal information.
- What about cyber security and cloud services?
There are the same risk using cloud services. With cloud services, I need to know where the data reside and if the data are encrypted. Certainly, these are the principal questions we have to ask to our self in terms of how secure are the data and we need to ask the same questions to the cloud host provider.
- Recently Fujitsu won a European projects on the framework of Horizon 2020 on the theme of Industrial IT and cyber security.
We have a factory in Augsburg where we are working specifically on IoT security and we have our own Iot competencies centre settled in Germany. With the European Parliament, we are looking in terms on what we are able to do on Cyber security. We are leading a European project with a number of organisations where we are looking on IoT security. One of the Key things would be weather there is a legislation or not and we need to settle certain security standard with IoT devices apply to everybody. For example, when you buy a device and you go on internet you need from the first day to change a password. Simple standards would help in terms of security of IoT devices.
- How important is the education on data protection?
I think that is very important. If you look on data protection and the work you need to do in terms of protecting data, I think it is only now that people start to understand the importance of data protection. It is like an insurance policy. Many organisations think cyber-attack could happen to somebody else while it could happen to them. The organizations need to understand and carefully manage the risk of threat exposure and constantly test and make sure their defences are continually up to date. Preparation is the key. In the event of a cyber-attack, a response and recovery plan makes all the difference in minimizing the impact of the attack. What personal data they hold on individuals? Where is that data be stored? In the Cloud, in the country that operate? Can I easily access to that information? Is that information encrypted? These are the principles of data protection that need to be enforced.