Fujitsu Launches Consulting Service to Meet Security Standard for Nonfederal US Organizations and IT Systems
2017年10月19日 - 10:52AM
JCN Newswire (英)
Fujitsu Limited has announced the Japan launch of an assessment
consulting service to help customers meet the requirements of NIST
Special Publication 800-171, a publication from the National
Institute of Standards and Technology (NIST) which sets out the US
security standards for nonfederal information systems and
organizations handling controlled unclassified information. This
consulting service, available from today in Japan, will provide
insight into the status of customer systems' compliance with NIST
SP800-171 security measures and will formulate policies needed to
support the standard.
The assessment consulting service will provide customers with a
low-cost, rapid assessment of the state of their compliance with
NIST SP800-171 security measures. Moreover, based on the results of
the assessment, it will also offer everything from system
integration meeting the individualized requirements of each
customer, to 24/7/365 monitoring and operations of customer systems
through its Fujitsu Security Solution Global Managed Security
Service and system recovery in the event of an incident. This
represents total support for NIST SP800-171 security measures for
customer systems.
Fujitsu will also bring its Fujitsu Cloud Service K5 into
compliance with the security standards of the NIST SP800 series
during fiscal 2018, offering highly secure and reliable cloud
services.
Going forward, Fujitsu will accelerate support for a variety of
international rules, and for Japan's supply chain as well, will
implement security measures that offer safety and stability, thus
contributing to the expansion of Japanese industry in international
society.
Background
NIST SP800-171, published by NIST in June 2015, sets out the US
requirements for security measures for Controlled Unclassified
Information (CUI) being handled by Nonfederal Organizations. There
are just over 100 requirements, including technical as well as
non-technical requirements.
In recent years, there has been an accelerating movement in the US
requiring NIST SP800-171 compliance, as seen, for example, when the
US Department of Defense (DoD) published a notice about US defense
equipment procurement(1) requiring that all Nonfederal
Organizations around the world supplying defense and other
equipment to the DoD support the security measure standards set out
in NIST SP800-171 by December 31, 2017. Going forward, it is
expected that security measures complying with NIST SP800-171 will
be required not just for defense-related industries, but for other
industries as well. In the same way, a movement is also expected in
Japan to set up CUI protection technologies similar to those
required in NIST SP800-171 in private companies, not just for
companies that are in US supply chains.
In order to comply with NIST SP800-171, however, companies may have
to shoulder a significant cost and operations burden in order to
set up security measures that meet the standards.
For this reason, together with Fujitsu Research Institute and
Deloitte Tohmatsu Consulting LLC, on October 19 Fujitsu launched
the assessment consulting service in Japan to provide insight into
the status of customer systems' security measures with regard to
NIST SP800-171, and to formulate measures to improve them. In
addition, Fujitsu will offer total support for NIST
SP800-171-compliant security measures for customer systems through
its system integration handling development and its Global Managed
Security Service providing operations and monitoring services,
according to the needs of each individual customer.
Features of the Assessment Consulting Service
This service provides everything from insight into customer
system's compliance with NIST SP800-171 to the formulation of
policies to achieve compliance, through cooperation between Fujitsu
Research Institute, which has abundant knowledge and experience
from consulting on topics such as formulating business continuity
plans, and Deloitte Tohmatsu Consulting, which has experience with
cutting-edge cybersecurity and can collect information on the
latest developments at NIST as soon as it is available. With this
service, it is now possible for customers to quickly and optimally
handle such tasks as the formulation of strategy for managing
resources and risks when supporting NIST SP800-171, which is
difficult to handle on their own. Thereafter, Fujitsu will provide
total support suited to the customer's needs, including system
building, operations, and recovery support.
http://www.acnnewswire.com/topimg/Low_Fujitsu101917NIST.jpg
Figure: Overview of solutions for NIST SP800-171 support
Future Plans
The launch of this solution for supporting NIST SP800-171 is the
first in a series of services that Fujitsu will offer going
forward, meeting the requirements set out in FedRAMP, a set of
cloud procurement standards for the Japanese government currently
under discussion, and supporting customers by helping Japanese
businesses expand globally and ensuring safe and stable security
measures in the Japanese supply chain.
Retail Pricing and Availability
http://www.acnnewswire.com/topimg/Low_Fujitsu101917Pricing.jpg
Comment from Norihiko Shibuya, Partner, Deloitte Tohmatsu
Consulting LLC
Deloitte Tohmatsu Consulting enthusiastically welcomes the launch
of this service from Fujitsu Limited supporting the NIST SP800-171
cybersecurity rules, which will contribute significantly to
accelerating the expansion of Japanese companies globally.
The assessment consulting service, provided jointly with Fujitsu,
will certainly enhance and support our clients' compliance with
international rules and respond to as-yet unknown cyber threats,
given Deloitte Tohmatsu Group's world-class know-how and experience
in cybersecurity, our grasp of the latest developments at NIST, and
the global Deloitte network.
Going forward, we will continue to work with Fujitsu on initiatives
that support Japanese companies with the cybersecurity they need to
compete on a global stage, based on the latest information.
(1) Notice about US defense equipment procurement
DFARS 252.204-7012 Safeguarding Covered Defense Information and
Cyber Incident Reporting, published October 2016.
About Fujitsu Ltd
Fujitsu is the leading Japanese information and communication
technology (ICT) company, offering a full range of technology
products, solutions, and services. Approximately 155,000 Fujitsu
people support customers in more than 100 countries. We use our
experience and the power of ICT to shape the future of society with
our customers. Fujitsu Limited (TSE:6702) reported consolidated
revenues of 4.5 trillion yen (US$40 billion) for the fiscal year
ended March 31, 2017. For more information, please see
http://www.fujitsu.com.
* Please see this press release, with images, at:
http://www.fujitsu.com/global/about/resources/news/press-releases/
Source: Fujitsu Ltd
Contact:
Fujitsu Limited
Public and Investor Relations
Tel: +81-3-6252-2176
URL: www.fujitsu.com/global/news/contacts/
Copyright 2017 JCN Newswire . All rights reserved.