Customer Story

Japanese information systems organization uses proactive services to protect infrastructure

JR Tokai Information Systems Company enhances security posture with Mandiant Expertise On Demand

Overview

Protecting the operation and stability of the Shinkansen rail line

JR Tokai Information Systems Company (JTIS) is the information systems company for the JR Tokai Group. It is a system integration company responsible for the development, operation and maintenance of various information systems that JR Tokai and its group companies use. JTIS handles the systems that support railroads, part of critical social infrastructure, the company has a long history of being focused on security measures.

  • Assess response: With Tabletop Exercise benchmarked against global standards
  • Increased knowledge: From threat intelligence reports customized for JR Tokai’s businesses
  • Flexibility: Freedom to choose from many different services, whenever needed

Challenge

Proactively Protecting Critical Infrastructure

JTIS protects and supports the systems responsible for rail lines in Japan. While the company always kept their defense strong, Mr. Katsutaka Ishikawa, General Manager of Nagoya Core Systems Division at JTIS, wanted the company to continue to stay up to date regarding the latest threats and new technologies and to keep improving their security measures and cyber defenses.

“We thought we had been doing everything possible internally, but have we been complacent? I felt that we needed to see how our system appeared to cyber security experts, have an objective assessment, and use the results to make further improvements.”

The company formerly used an external penetration test service. However, Mr. Ishikawa wanted to expand their capabilities with a global organization.

“Most penetration test services use tools to scan for vulnerabilities. However, these are not enough to validate our systems and procedures. We wanted an assessment done by a security company knowledgeable in attacks targeted at critical infrastructures like ours; a company that is good at analyzing the trends of attackers and incidents outside of Japan. We wanted a company with knowledge and experience in actual attacks and incident response. We did not want a company that simply gathers data on mass attacks and sends out alerts,” said Mr. Katsutaka Ishikawa, General Manager of Nagoya Core Systems Division at JTIS.
 

“In the railroad business, serious consideration must be given to security, not only in cyberspace but also in “real” space. That is why we have been focusing on our cyber security measures from our early days.”


-Mr. Katsutaka Ishikawa, General Manager of Nagoya Core Systems Division at JTIS.


Solution

Performing A Tabletop Exercise Simulating an International Sporting Event

Mandiant introduced JITS officials to Mandiant Expertise On Demand, which enabled access to various security services at a flat rate with an annual subscription. This service let users choose services they need from available options, whenever they need them, using “units” that are purchased ahead of time. Options included an assessment of incident response systems and procedures conducted using a tabletop exercise. This was in addition to various information sharing, threat intelligence and training services.

Mr. Ishikawa noted, “We were particularly concerned about increased security threats because of an upcoming international sporting event. We wanted to identify all weaknesses in our security and address them in advance. Mandiant has experience in responding to and analyzing attacks targeted at critical infrastructures outside of Japan. Given their knowledge and experience, we felt it would be effective to conduct a Mandiant Tabletop Exercise.

Using Mandiant’s latest incident-response knowledge and experience, a specific and realistic scenario was developed, from the onset of an incident to its containment. Employees in JTIS Cyber Security Group participated in the exercise. Every detail of the response process was reviewed over the course of an entire day.


Results

Continuing education to increase cyber awareness

The consultants provided the results of the assessment and recommendations for improvement in an online meeting. “We received good feedback overall, and it was reassuring that what we had been doing was not wrong. However, Mandiant consultants pointed out where security was lacking in some areas of our systems, and we immediately addressed the high priority issues. It was easy for us to make specific improvements because they gave us prioritized recommendations,” said Mr. Ishikawa.

Employees who participated in the exercise commented, “Mandiant has a lot of experience in responding to incidents. This experience helped me change the way I work on security. I could see the security process from different perspectives and at a higher level.” The service seems to be helping improve human resource training and development at JTIS.

In addition to the tabletop exercise, JTIS is actively taking advantage of other services available through Expertise On Demand. Mandiant also developed threat intelligence reports customized for JR Tokai.

The Expertise On Demand service is also helping answer critical questions, addressing issues and gathering data on JTIS’ day-to-day operations. For example, when a large-scale security incident was reported in Japan, the company received valuable insights from Mandiant by asking “Do we have the same risk?” In response, Mandiant shared important information in daily reports with JTIS.

JTIS plans on using Mandiant training services through Expertise On Demand to develop and train their security personnel. The variety of services offered through Expertise On Demand has enabled the company to go beyond its initial goal of performing a tabletop exercise. It has dramatically improved JTIS’ security posture, according to Mr. Ishikawa.
 

“Cyber-attacks are becoming more complex and sophisticated. Mandiant has a lot of global knowledge, experience and insights on groups that have malicious intent to attack. They can continue to provide us with advice and specific recommendations to further improve our ability to defend against cyber-attacks.”


-Mr. Katsutaka Ishikawa, General Manager of Nagoya Core Systems Division at JTIS.


Protecting the safety of Shinkansen and conventional railway lines in Japan

As the only information systems company in the JR Tokai Group, JTIS develops, operates and maintains various systems for JR Tokai as well as the operational-management and reservation systems for the Tokaido and Sanyo Shinkansen lines and the conventional railway lines in the Tokai region.

Download the Story