Fujitsu brings internal security expertise to Australian market in cloud, managed security services push

Service provider Fujitsu Australia will leverage its long-term investment in local cloud-computing capabilities and deeply embedded security skills to build out a local Security Operations Centre (SOC) in support of an aggressive push into Australia's burgeoning managed security services (MSS) that will also leverage the company's domestic cloud capabilities to bring new hosted security services to market.

Announced at the Fujitsu World Tour 2015 conference in Melbourne this week, the repositioning exercise will see the company branding its range of security services – predominantly delivered to the company's largely high-end and government clientele – under a new practice called Fujitsu Security Services (FSS).

FSS will see the company's 47-strong internal security team – based at the SOC in the Sydney suburb of Homebush – engaging with new clients outside the company's traditional scope of works, which has been focused on government and high-end corporate clients.

“We have always had a degree of professional services, but have never taken them to market,” CISO and FSS manager Brendan Smith told CSO Australia.

“We're going to be spending more time going out and delivering security as a distinct service rather than just as a little bit of a contract. Whereas in the past we have been very focused on infrastructure security, now we're doing more of the intelligence side of securit".

The newly empowered security team will also draw on cross-functional capabilities by drawing on the expertise of business units such as Fujitsu's application team and its broad range of products, such as the Palmsecure/Biometrics scanners used in Fujitsu contracts with immigration authorities around the world.

The Australian FSS operation joins similar business units in the US, UK, Ireland and Japanese markets, which have also pushed into the MSS market as part of the company's Global Security Initiative.

Yet Fujitsu Australia's “very strong service heritage” is quite different to its businesses overseas, Smith said, noting the company's strong product focus in Japan, its defence strength in the UK, and its focus on telecommunications infrastructure in the US market.

That pedigree should help it ramp up its MSS delivery in Australia relatively quickly, Smith said, noting that Fujitsu's extensive domestic cloud capabilities are already operational and ready to support new MSS offerings as well as new infrastructure-as-a-service (IaaS) capabilities such as identity and access management (IAM), managed intrusion protection services (IPS) and security information and event management (SIEM).

Read more: ISACA guides skills-challenged SMBs towards security governance

“I don't like the term 'security as a service',” Smith says, “but there are distinct service offerings that we're looking at where we think we can build a platform within the Fujitsu IaaS service and then outsource it.”

Earlier this month, Fujitsu announced that it would invest $10 million in its Malaga, WA data centre to achieve Uptime Institute Tier IV certification. The company currently operates seven data centres across Australia, including several with formal NABERS energy-efficiency certification, which support long-term contracts such as a long-term support contract with the Department of Defence that was last year extended through 2017 to the tune of $170m; a managed-services deal with Salmat; and a major contract with the Department of Foreign Affairs and Trade (DFAT) for issuing Australian passports.

The ongoing requirement for security within these and other existing contracts will make the transition to external service delivery relatively smooth, Smith added: “We've always seen ourselves as having to deliver within some pretty tight constraints because of the requirements of our security contracts,” he said.

“A lot of the things we do have to be set off for the delivery team, and we've always had a function to internally audit their delivery. This has made for some very interesting conversations in the past.“

Read more: Security Watch: Fujitsu launches Security Services practice

The team’s delivery is compliant with standards such as AS27001 and AS27002 as well as assisting clients to meet the requirements of the government-driven Protective Standards Policy Framework (PSPF), Information Security Manual (ISM), and Australian Privacy Principles (APP).

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Feeling social? Follow us on Twitter and LinkedIn Now!

Join the CSO newsletter!

Error: Please check your email address.

Tags Fujitsu World Tour 2015Brendan SmithAustraliaFujitsu Security Services (FSS)#CSOAustraliaSecurity operations centre (SOC)governmentFujitsuCSO Australiainternal securitymanaged security services (MSS)Cloud

More about BiometricsCSODepartment of DefenceDepartment of Foreign Affairs and TradeEnex TestLabFujitsu AustraliaIPSISMSalmatTwitter

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts