Continuous Security Enhancement

Continuous Security Enhancement Continuous Security Enhancement

In response to the spread of digital devices and increasingly sophisticated cyberattacks, we strive to continuously strengthen security by adopting the latest technologies, improve the security mindset of our employees through education, and train specialists in the field of security.

Technological measures

Monitoring technology

Monitoring technology Monitoring technology

While the early detection of incidents is becoming increasingly difficult due to the growing complexity of attack techniques in recent years, the number of detected incidents is on the rise each day. SoftBank strives to improve the quality of monitoring by continuously upgrading detection methods, implementing analysis and solutions by referring to threat intelligence (information useful to detecting and blocking attacks), and automating response operations so that no signs of attack are missed.

Monitoring of
threats and attacks

By monitoring communication log data collected from digital devices, such PCs and smartphones, and machines such as servers, we anticipate and determine threats from multiple angles: suspicious communications inside or outside of our organization, potential malware infections, and others. We have built information sharing processes with security organizations we belong to and with security vendors to ensure we are aware of the latest trends by reviewing incidents at other companies and reports on vulnerabilities and attacks.

We aim to detect sophisticated and complex attacks as early as possible by implementing Security Information and Event Management (SIEM), a tool to detect the latest attacks, whereby various data logs can be collected and correlation analysis be performed.

Monitoring of
telecommunication networks security

Since telecommunications networks serve as social infrastructure, expectations for their reliability and quality are higher than ever before. SoftBank, as a telecommunications provider, performs different kinds of monitoring to provide a stable telecommunications network. Monitoring security is one part of this effort.

What 5G networks can bring include not only higher speeds but also ultra-low latency and massive device connectivity. It is expected that 5G will enable a variety of use cases like remote operations and autonomous driving. SoftBank is building an even more stringent security monitoring system to respond to changes in data traffic caused by DDoS attacks and to counter cyberattackers’ attempts to access 5G equipment.

Use cases of 5G network features
Ultra-low latency Remotely-controlled robots, autonomous driving, telemedicine - all previously considered difficult due to latency.
Massive device connectivity Accelerated power of IoT that will revolutionize industries and society, with more things and sensors connected to networks.

Security testing

If SoftBank launches services with deficient equipment or latent vulnerabilities, our network and system could be subject to attacks, potentially resulting in harm to customers. Our security engineer team carries out complete vulnerability testing and issues instructions to address any vulnerabilities detected so that we can provide safe services.

Since new vulnerabilities can emerge even after the release of a service we continue vulnerability testing and follow-ups to minimize security risks.

  • Security testing Security testing

Enhancement of
internal security environment

We address increasingly sophisticated attacks by proactively adopting the most advanced technologies, such as Mobile Device Management (MDM) and Endpoint Detection and Response (EDR), which are becoming standard security solutions. Additionally, we carry out t simulation exercises on targeted attack e-mails, to help strengthen our internal network security.

Some solutions and technologies that we have internally implemented and verified effectiveness are offered to enterprise customers as security services.

People-led enhancements

Employee training

Employee training Employee training

In order to ensure appropriate handling of information at the workplace as well as to raise awareness of information and cyber security, we provide classroom training, e-learning programs, security drills to executives and employees while constantly updating security rules.

With a focus on protecting personal information and communication secrecy at our internal training, we continue to work on improving our employees’ knowledge and ethics.

Useful materials and educational videos on information security are available on the company intranet portal for employees to access at any time.

Training of
Security Experts

Our security experts work hard not only to collect and share information on threats and solutions but also to improve their technical skills and knowledge so that they can guard against ever-changing security threats. SoftBank encourages them to obtain security qualifications to build their expertise.

Qualifications held by our security experts

CISSP, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Registered Information Security Specialist (RISS), GIAC qualifications, CEH, AWS Certified Security - Specialty, among others.

Training of Security Experts Training of Security Experts

Security experts are expected to understand trends in security solutions, analyze information on evolving cyberattack techniques and vulnerabilities, and to work together to examine how to protect an organization from cyberattacks and how quickly they can be detected.

SoftBank is actively recruiting skilled workers with sufficient experience and technical expertise, young people with exceptional skills, and new graduates willing to try new things.