Toyotsu Syscom

Develops enterprise security service
with integrated protection against
targeted attacks

 

Challenge

Toyotsu Syscom was separated from Toyota Tsusho, a general trading company of the Toyota Group, and established independently. The company provides IT services and solutions to solve operational issues for enterprises both inside and outside of the Toyota Group.

One such service is its integrated security service for enterprises, “IT Police.” This service provides essential capabilities for data security, including client/server/gateway countermeasures, and user education and training. “Cyber Shield 24,” the company’s marquee solution, provides protection against targeted attacks, a major threat in recent years. It installs monitoring tools at entry/exit points and inside networks to detect malicious behavior within customers’ IT environments. Furthermore, the dedicated SEs of Toyotsu Syscom provide total support which includes monitoring, log analysis, and proposals for improvements.

“The biggest problem with some targeted attack countermeasures is the extremely large workload they can create to monitor and analyze threats. For an IT department busy with daily operational work, it is exceedingly difficult to continually monitor attacks that can occur at any time, and to implement timely countermeasures. For this reason, we don’t merely provide tools. We also take on the tasks of monitoring, analyzing, and diagnosing, and we propose effective countermeasures based on our analysis. In this way, we help our customers strengthen their security while also reducing their operational overhead,” explains Toyotsu Syscom’s Takahiro Tetsumoto.

Solution

Trend Micro™ Deep Discovery™ Inspector provides the threat-detection capabilities of Cyber Shield 24. It combines custom sandbox analysis with a static analysis engine based on the experience and data that Trend Micro has accumulated in over 25 years of threat analysis to detect threats without relying solely on pattern files.

Because it targets the communications made by malicious files and not only the malicious files themselves, it can identify specific network-connected devices that may become sources of infection. It also has a built-in engine to detect the attack code that targets vulnerabilities in many common document formats. These functions work together to detect attacks at their initial stage and help stop damage from spreading.

“We evaluated the highly accurate detection functions and the substantial report functions and decided to adopt Deep Discovery Inspector. Many of our customers are already using Trend Micro™ OfficeScan™ for endpoint countermeasures, and these two Trend Micro products are able to share information, so that endpoint pattern files reflect the latest input from Deep Discovery Inspector. The ability to construct solid security became a decisive factor,” says the company’s Rie Takahashi.

Because Deep Discovery Inspector monitors with packet mirroring, there is no need to revise existing network and the effect on business operations is minimized in the event that a fault occurs in the monitoring system, another point that Toyotsu Syscom singled out for praise. Trend Micro’s friendly support system was yet another major factor in the selection.

As Cyber Shield 24 supports everything up to the operational aspects of countermeasures for targeted attacks, the knowledge and skill of dedicated engineers has a significant effect on the quality of service. “Trend Micro supports the development of human resources through training programs that provide expertise that helps customers get the greatest benefit from Deep Discovery Inspector. Trend Micro™ Premium Support™ provides us with a partnership system whenever we request support, such as when we discover an unknown threat. We have built a system through which we can provide services with confidence,” explains Toyotsu Syscom’s Kazumasa Kitamura.

"We are truly thankful for the full support that we received from Trend Micro in regards to the biggest issue that we faced when we developed Cyber Shield 24—development of human resources." 

Takahiro Tetsumoto,
General Manager, Advanced IT Division, System Support Department,
Toyotsu Syscom

Results

After being implemented at several enterprises, Cyber Shield 24 is already producing some excellent outcomes. “The greatest achievement is that we can provide it to customers with peace of mind,” says Tetsumoto. “It has led to customers becoming more aware of the threat of targeted attacks. Once the problems with traditional countermeasures become clear, we can propose more effective, improved countermeasures,” Takahashi continues.

There is also high praise for Trend Micro’s support. Toyotsu Syscom holds regular meetings and information-sharing sessions with Trend Micro so that it can always be prepared for the latest threats. “At these meetings, Trend Micro provides us with practical know-how such as log analysis methods and effective ways to utilize sandboxing capabilities. This has already led to us accumulating a wealth of knowledge and improvements in our level of service,” adds Kitamura.

Toyotsu Syscom is now proposing Cyber Shield 24 to an even broader range of customers. This is because the company provides a selection of service offerings that are able to support a variety of needs. These include “The Stakeout,” which performs constant monitoring and diagnosis; “The Investigation,” which operates for approximately one month to survey the current situation; and “The Arrest,” which provides countermeasures and removes threats when they are detected.

Additionally, the company can foresee an expansion from the domestic market into overseas markets. “There are many examples of customers who have bases overseas who are anxious about support when an incident arises at those locations. With Cyber Shield 24, we can concentrate monitoring at our surveillance center and respond immediately,” says Takahashi. Through coordination with Trend Micro, Cyber Shield 24 eliminates the difficulties of operating targeted attack countermeasures.

"By undergoing the Trend Micro training program, we attained skills and expertise to effectively interpret logs and alerts generated by Deep Discovery Inspector.

Kazumasa Kitamura,
Toyotsu Syscom