NEC Joins U.S. Department of Homeland Security "AIS" Initiative for Sharing Cyber Threat Indicators
Tokyo, March 15, 2017
- NEC Corporation
(NEC; TSE: 6701) today announced its participation in the "Automated Indicator Sharing" (AIS) initiative implemented by the United States Department of Homeland Security (DHS) that swiftly shares cyber threat indicators between the government and the private sectors, aligning technologies and human resources in the cyber security businesses and bolstering cyber intelligence as an important source of information.
AIS enables the swift sharing of indicators on threats from cyber attacks (such as IP addresses, domain names, sender addresses of phishing emails) between the United States Federal Government and private companies and organizations in the United States and abroad. This is accomplished via the information system provided by the National Cybersecurity and Communications Integration Center (NCCIC) under the umbrella of the DHS. Threat indicators are shared in Structured Threat Information eXpression（STIX）format, which enables a threat from the latest cyber attack to be swiftly identified, preventing the damage of a particular threat from spreading. Currently, more than 100 organizations have joined AIS, and NEC is the first company in Japan to participate in the initiative.
Damage from sophisticated cyber attacks on government organizations and private companies worldwide are increasingly widespread and severe, and the strengthening of cross-field security countermeasures through cooperation between the public and private sectors is becoming ever more important.
NEC is strengthening its cyber intelligence with the aim of predicting attacks from adversaries through a proactive approach to cyber security that emphasizes information and speed. NEC will bolster the security countermeasures of its information systems by utilizing threat information obtained from AIS. The company will also investigate how to effectively apply threat information in its state-of-the-art security products and services, including the company's "Cyber Security Factory" security monitoring service, which acts as the core hub that supports the introduction and operation of cyber attack countermeasures, as well as in the development of human resources.
NEC is contributing to the STIX format specification design and to the promotion of its widespread use by participating in the Cyber Threat Intelligence (CTI) Technical Committee of an international standards body, the Organization for the Advancement of Structured Information Standards (OASIS).
"As part of NEC's focus on the Solutions for Society businesses, we are reinforcing the safety business as one of the pillars of our global growth strategy, including cyber security. Going forward, NEC will continue to contribute to the realization of a safe, secure, and affluent society by delivering initiatives, products, and services that bolster security countermeasures," said Kozo Matsuo, General Manager, Cyber Security Strategy Division, NEC Corporation.
About NEC Corporation
NEC Corporation is a leader in the integration of IT and network technologies that benefit businesses and people around the world. By providing a combination of products and solutions that cross utilize the company's experience and global resources, NEC's advanced technologies meet the complex and ever-changing needs of its customers. NEC brings more than 100 years of expertise in technological innovation to empower people, businesses and society. For more information, visit NEC at http://www.nec.com.
The NEC Group globally provides "Solutions for Society" that promote the safety, security, efficiency and equality of society. Under the company's corporate message of "Orchestrating a brighter world," NEC aims to help solve a wide range of challenging issues and to create new social value for the changing world of tomorrow. For more information, please visit