Service provider Fujitsu Australia will leverage its long-term investment in local cloud-computing capabilities and deeply embedded security skills to build out a local Security Operations Centre (SOC) in support of an aggressive push into Australia's burgeoning managed security services (MSS) that will also leverage the company's domestic cloud capabilities to bring new hosted security services to market.
Announced at the Fujitsu World Tour 2015 conference in Melbourne this week, the repositioning exercise will see the company branding its range of security services – predominantly delivered to the company's largely high-end and government clientele – under a new practice called Fujitsu Security Services (FSS).
FSS will see the company's 47-strong internal security team – based at the SOC in the Sydney suburb of Homebush – engaging with new clients outside the company's traditional scope of works, which has been focused on government and high-end corporate clients.
“We have always had a degree of professional services, but have never taken them to market,” CISO and FSS manager Brendan Smith told CSO Australia.
“We're going to be spending more time going out and delivering security as a distinct service rather than just as a little bit of a contract. Whereas in the past we have been very focused on infrastructure security, now we're doing more of the intelligence side of securit".
The newly empowered security team will also draw on cross-functional capabilities by drawing on the expertise of business units such as Fujitsu's application team and its broad range of products, such as the Palmsecure/Biometrics scanners used in Fujitsu contracts with immigration authorities around the world.
The Australian FSS operation joins similar business units in the US, UK, Ireland and Japanese markets, which have also pushed into the MSS market as part of the company's Global Security Initiative.
Yet Fujitsu Australia's “very strong service heritage” is quite different to its businesses overseas, Smith said, noting the company's strong product focus in Japan, its defence strength in the UK, and its focus on telecommunications infrastructure in the US market.
That pedigree should help it ramp up its MSS delivery in Australia relatively quickly, Smith said, noting that Fujitsu's extensive domestic cloud capabilities are already operational and ready to support new MSS offerings as well as new infrastructure-as-a-service (IaaS) capabilities such as identity and access management (IAM), managed intrusion protection services (IPS) and security information and event management (SIEM).Read more:ISACA guides skills-challenged SMBs towards security governance
“I don't like the term 'security as a service',” Smith says, “but there are distinct service offerings that we're looking at where we think we can build a platform within the Fujitsu IaaS service and then outsource it.”
Earlier this month, Fujitsu announced that it would invest $10 million in its Malaga, WA data centre to achieve Uptime Institute Tier IV certification. The company currently operates seven data centres across Australia, including several with formal NABERS energy-efficiency certification, which support long-term contracts such as a long-term support contract with the Department of Defence that was last year extended through 2017 to the tune of $170m; a managed-services deal with Salmat; and a major contract with the Department of Foreign Affairs and Trade (DFAT) for issuing Australian passports.
The ongoing requirement for security within these and other existing contracts will make the transition to external service delivery relatively smooth, Smith added: “We've always seen ourselves as having to deliver within some pretty tight constraints because of the requirements of our security contracts,” he said.
“A lot of the things we do have to be set off for the delivery team, and we've always had a function to internally audit their delivery. This has made for some very interesting conversations in the past.“Read more:Security Watch: Fujitsu launches Security Services practice
The team’s delivery is compliant with standards such as AS27001 and AS27002 as well as assisting clients to meet the requirements of the government-driven Protective Standards Policy Framework (PSPF), Information Security Manual (ISM), and Australian Privacy Principles (APP).
This article is brought to you by Enex TestLab, content directors for CSO Australia.
- The DARK Web
- Cyber Attacks rising from the ashes of Communism
- Security Watch: HP and FireEye team up for threat detection
- Australia Post, Canadian immigration walk a fine line between data-driven customer service and security, privacy
- Parliament given the go ahead on new piracy law
- The week in security: Building the open-source SOC; 215m Aussie malware hits last year