[Introduction example] Building a “Nagasaki Prefecture CSIRT” that collaborates with Local Government Information Security Cloud

SoftBank Technology Corp. (Headquarters: Shinjuku-ku, Tokyo, President ＆ CEO: Shinichi Ata, hereinafter referred to as SBT) has been appointed to the Nagasaki Prefectural Office (Location: Nagasaki City, Nagasaki Prefecture, Governor: Norimichi Nakamura, hereinafter referred to as Nagasaki Prefecture). We have established a CSIRT (Computer Security Incident Response Team) that monitors security events and analyzes the cause and investigates the scope of impact when an incident occurs.
As a result, we have improved security through early detection and prevention of incidents caused by cyber attacks, and improved efficiency through systematic organizational responses when incidents occur.

■Background of introduction

In Nagasaki Prefecture, in accordance with the Ministry of Internal Affairs and Communications' notification in December 2015 regarding the "drastic strengthening of new local government information security measures," the prefecture has implemented measures such as separating the internal network from the internet environment, prohibiting the taking out of information from areas that handle specific personal information, and We have been promoting security measures such as building the Nagasaki Prefecture Local Government Information Security Cloud, which consolidates internet connection points in cities and towns to strengthen security measures.
However, when we re-evaluated our response to security incidents, we found that there are no systematic standards of conduct regarding how to share information with related parties and what kind of response is required when it comes to incidents caused by cyber attacks. It has become clear that what we have done so far is not enough.
In order to resolve such incident response issues, refer to the "Guidelines for Information Security Policies in Local Governments" revised by the Ministry of Internal Affairs and Communications in 2018, and refer to the "Guidelines for Information Security Policies in Local Governments" that were revised by the Ministry of Internal Affairs and Communications in 2018. In addition to the review, we decided to establish the Nagasaki Prefecture CSIRT, an organization that will handle incident response. In addition, with the goal of being able to respond appropriately to cyber attacks, it was necessary to adapt to the requirements and actual circumstances of Nagasaki Prefecture, and to collaborate with the CSIRT and the Nagasaki Prefecture Local Government Information Security Cloud.

■Effects of introduction

Since January 2019, when the implementation was completed, it has become possible to detect events that may be a sign of an incident, such as receiving suspicious emails, which had not been fully detected in the past. Security has also improved from a preventive and preventive perspective. In addition, by systematizing the response, it became clear which jurisdictions should be coordinated in the event of an incident, which had the effect of reducing wasteful administrative procedures due to omissions in information sharing and lack of coordination.

Going forward, Nagasaki Prefecture will share the know-how it has cultivated through CSIRT operations with each city and town, and will work to make the entire prefecture a secure municipality. SBT will continue to support the operation of Local Government Information Security Cloud, the continued development of the Nagasaki Prefecture CSIRT, and the improvement of security throughout Nagasaki Prefecture.

▼ Click here for details on this case.
https://www.softbanktech.co.jp/case/list/nagasaki/

• *The company names, product names, and service names mentioned in this release are trademarks or registered trademarks of our company or each company or organization.