NTT DATA Global Efforts to Increase Cybersecurity Professionals

NTT DATA is striving to increase the number of cybersecurity professionals globally based on the new global cybersecurity strategy announced in December 2023. As part of this initiative, we developed a cybersecurity talent development program and launched the first global program internally in January 2024. This article outlines the purpose of the cybersecurity talent development program within our company and the process of developing such a program.

Why is a Cybersecurity Talent Development Program Necessary?

In December 2023, NTT DATA announced a new unified global cybersecurity strategy*1. This strategy is aimed at providing end-to-end support for clients in confronting increasingly sophisticated cyber threats to accelerate their business transformation. To achieve this, NTT DATA needs to further enhance its cybersecurity capabilities and expand its expertise across the world.

Considering this situation, NTT DATA has launched a cybersecurity talent development program aimed at developing professionals with advanced incident response capabilities amid a global shortage of cybersecurity human resources. The program specifically aims to:

  • Maintain a pool of cybersecurity professionals needed to provide services to numerous customers
    Amid a global shortage of cybersecurity human resources, we aim to increase cybersecurity professionals through our internal talent development program.
  • Develop global cybersecurity skills essential for unified global service delivery
    We aim to provide a consistent level of security services to our multinational clients, devoid of regional disparities.
  • Increase the retention rate of cybersecurity professionals needed to continuously provide high-quality services
    As part of our cybersecurity talent development program, we aim to improve the retention rate while facilitating communication as a global team by engaging in exchanges between high-skilled professionals.

Overview of Talent Development Program

As shown in Figure 1, NTT DATA's new strategy consists of 4 service types — Consulting Services, Technology Integration, Unified Managed Detection & Response (UMDR), and Crisis Response — along with 15 technology domains such as Security Architectures, Governance, and Infrastructure Security. These service types and technology domains are designed to integrate seamlessly, providing clients with flexible cybersecurity solutions.

Unified Managed Detection and Response (UMDR) is an end-to-end global service that consistently delivers from strategy to security implementation, managed services, and crisis response. This service helps companies facing challenges such as language barriers, cultural differences, regulations, the complexity of security solutions integration and operations, and a shortage of skilled cybersecurity professionals, as they try to enhance security across diverse locations.

Figure 1 NTT DATA's global cybersecurity services portfolio

This talent development program will be based on the content necessary to follow this new strategy. In particular, the UMDR service requires advanced security skills such as prioritizing security alerts, identifying incidents, and collecting evidence in the case of incidents. Therefore, we have defined a talent definition model called Incident Handler, Security Analyst, and Forensic Investigator, which are essential for delivering the UMDR service. We are committed to developing the necessary content tailored to each of these roles.

In addition, we have established skill levels for each training content so that we can provide a program that meets the level and needs of each student. For instance, the Incident Handler course outlines lessons and skill levels as depicted in Figure 2, thus enabling us to provide a targeted training program.

Figure 2 Sample lessons from Incident Handler course syllabus

How to Develop Training Contents

NTT DATA recognizes the urgency of increasing the number of security professionals necessary to provide UMDR services and has started to develop training programs for UMDR services.

Figure 3 shows the process for creating training contents.

Figure 3 The Flow leading to the creation of training program

NTT Data has a large number of security specialists worldwide who provide SOC and CSIRT managed services to clients. Initially, we interviewed these professionals in their actual work and defined the skills required as security specialists to provide UMDR services, formalizing these into requirements. We then categorized these skill requirements into levels from 1 to 4, helping us create clear talent definitions. In addition, we organized the lessons needed to acquire skills in the form of syllabus and prepared the necessary content. As for the training content, we restructured the global standards based on the content that NTT DATA bases had been using to develop local cybersecurity professionals and created our company's original training content by integrating real-world examples drawn from years of practical experience.

First Global Program was launched internally

Based on the preparation described above, NTT DATA rolled out the first global Incident Handler Level3 training program internally in January 2024. This program was specifically intended for security professionals engaged in actual SOC and CSIRT managed services.

Figure 4 Participants of the training program held in January 2024

Several instructors and students from Japan, Europe, and North America region participated in the program.
Professionals, who have been delivering actual SOC/CSIRT managed services to clients hailing from various industries in their respective countries, took on the role of instructor. Meanwhile, selected members from each country joined as students. It is expected that these students will continue to serve as security specialists and take the lead in local talent development.

The program is a blend of self-paced video lessons and interactive sessions. In the interactive sessions, students deepen their understanding through Q&A sessions related to the videos they have studied, supplementary explanations from instructors, and live demonstrations. The aim of the interactive sessions is not only to acquire cybersecurity skills, but also to unify security skills globally, and to stimulate communication between instructors and students. Students who have completed the program can also hold local talent development programs as instructors at NTT DATA local sites. Through this cyclic approach, we aim to promote efficient cybersecurity talent development.


This article highlights NTT DATA's global cybersecurity talent development program. Going forward, we will develop training content for each combination of technology domain and service type represented in the service categories in Figure 1. We will also provide training content on strategies and portfolios that all employees involved in NTT DATA's cybersecurity business should know.

NTT DATA will expand this talent development program across various cybersecurity technology domains, with a view of offering this program to clients in the future. By maintaining a team of high-level cybersecurity professionals, NTT DATA will continue to deliver global security services to our clients.

Yurika Sagawa

Yurika Sagawa

After joining NTT DATA, Yurika worked on the in-house operation of security solutions such as security information and event management (SIEM), user and entity behavior analytics (UEBA), and security orchestration, automation and response (SOAR), and the implementation of security products such as security service edge (SSE) and endpoint detection and response (EDR) to achieve Zero Trust in IT environments. Currently responsible for global strategy and service planning in OT/IIoT security and Automotive security.