NTT Security, the specialised security company of NTT Group, has announced the formation of the Global Threat Intelligence Centre (GTIC) to replace what was formerly known as the Security Engineering and Research Team, which last year transitioned under the NTT Security brand.
The concept of the GTIC was formed with the understanding that, to stay ahead and address today’s widespread security threats, NTT Security must bring together all of its international threat intelligence assets under one roof to work together across regional lines. Using a threat-driven approach, the newly-formed GTIC will strengthen the collaboration and co-ordination of the company’s intelligence resources by leveraging the power of existing capabilities throughout the world in order to address the latest security challenges.
The GTIC will serve as the primary focal point within NTT Security for contextualising, enhancing and enriching threat intelligence-related information throughout NTT Security and for its clients. Working in conjunction with NTT-CERT (an internal security entity within NTT) on joint experiments and research activities, the GTIC is uniquely situated to empower front line Managed Security Services SOC analysts, research analysts, network security engineers, professional security service consultants and incident response handlers to successfully gather, share and apply threat-related information. Through applied threat intelligence, NTT Security’s customers realise the actual and not just the theoretical protection of threat intelligence.
Jun Sawada, global CEO for NTT Security, commented: “Given the explosive growth of endpoint devices and large-scale and fast-changing network infrastructures, in tandem with the Internet of Things, operational technology and cloud services adoption, the cyber threat environment and level of criminal activity has changed. By their very nature, cyber threats are global. Our threat intelligence capabilities will now reflect this, offering a global view of the threat landscape, but with regional delivery.”
Centralised and shared approach
As NTT Security moves towards strengthening its global presence as a full services threat intelligence provider, leveraging backbone data, advanced analytics and machine learning technology, the newly-formed GTIC provides a centralised and shared approach to threat intelligence solutions for customers. The GTIC’s mission is to apply actionable and comprehensive insight that reduces risk and operational effort for clients and customers alike.
With a unified approach towards threat intelligence, the goal is to provide relevant, actionable, timely and transparent intelligence that’s both verifiable and ‘customisable’. NTT Security will continue to enhance its defensive technologies and techniques in order to help customers protect assets and improve global visibility.
Steven Bullitt (vice-president of threat intelligence and investigation for NTT Security) stated: “NTT Security is proactively addressing the global nature of the cyber security landscape by providing a global presence for intelligence that’s regionally executed. The formation of the GTIC involves transformational change in the way in which we combat cyber crime, applying advanced regional countermeasures to protect our clients, while at the same time understanding that the threats are borderless and have no boundaries.”
Comprehensive threat intelligence
The GTIC will focus on comprehensive threat intelligence that proactively stops the threats and contextualises information in NTT Security’s Managed Security Services to help reduce problems, while also augmenting the company’s incident response capabilities to help in quickly responding to and resolving any attacks.
Threat Intelligence Research and Vulnerabilities
Overseeing the threat intelligence platform while gathering, analysing, enriching and normalising data is key. Tracking down existing and emerging cyber threats and vulnerabilities is a further task, as is following threat actors, targets, campaigns, tactics, techniques and procedures. There’s also a requirement for the orchestration, analysis and processing of information into threat intelligence.
Interaction and workflow between the GTIC and Managed Security Services. Responsible for taking actionable intelligence and indicators and applying it into threat detection and countermeasures for the SOCs. Overseeing the process of feeding relevant, timely and actionable information to Operations. 24/7 intelligence output to the SOC on a global scale. Maximising the application of intelligence internally.
Oversees the processes, procedures and policy. Defining procedures for gathering, analysing and applying intelligence. Co-ordination of escalated SOC events to the GTIC and incident response teams. Managing the common workflow of communication and process across the NTT Security global organisation. Making intelligence readily available to clients with the continued development of security bulletins, bi-monthly, monthly, quarterly and annual threat reports.
*NTT Security’s next annual Global Threat Intelligence Report – which analyses global threat trends based on log, event, attack, incident and vulnerability data from clients – will be issued at the end of April. The 2017 report analyses 6.2 billion attacks containing approximately 3.5 trillion logs. For those who wish to download the report, pre-registration is now available by clicking here