Cybersecurity
In this digital age, securing systems and organizations is one of the biggest risks facing all businesses. With proven experience and a next-generation cybersecurity portfolio, we are trusted advisors guiding your businesses' secure transformation.
Secure Adaptive Workforce
Cyber threats are increasing in frequency and potency, and organizations need to establish cyber resilience to secure their businesses and customers.
NTT DATA has innovative security experts and cutting-edge technologies at our disposal. We can provide security solutions that align with your business goals and meet your cost and regulatory requirements by leveraging our considerable experience working for clients in all industries. We bring together our strategic network of Security Operations Centers (SOCs) and delivery centers and substantial R&D resources to aid your goals.
Zero Trust: Never trust, always verify
Improve cybersecurity for your Company in the digital age
NTT DATA has built our Adaptive Workforce upon the foundation of Zero Trust architecture.
Zero Trust is a security model based on the principle of “never trust, always verify”. If you want to implement the Zero Trust security model, you’ll need to rethink the way you run your business. You’ll need intelligent processes and modern technologies to rearrange and manage cybersecurity threats in your organization.
Zero Trust enables companies to get rid of tedious and expensive security controls and build a more dynamic and efficient technological platform that is tailored to their customers and business needs.
NTT DATA helps you implement a Zero Trust security model based on proven technologies that are suitable for your company.
Cybersecurity Services
We offer a comprehensive range of services encompassing strategy and technical consulting, security measure implementation, and managed security services.
Our global team of cyber security experts with experience in all industries can help you achieve a secure business transformation.
Governance Risk and Compliance
Understand current risk exposure and impacts of regulatory compliance and ensure security projects and investments are sustainable.
Digital Workplace Security
The nature of work has changed, and the modern enterprise collaborates with business partners and customers, alongside IoT and AI to empower the adaptive enterprise. NTT DATA empowers your organization to be able to work securely from anywhere and on any device.
Intelligent Network Security
Design processes and leverage services and technology to improve your security posture for your network.
Cloud Security
Leverage security frameworks, data protection, and security infrastructure for success — no matter where you are on your cloud journey.
Identity & Access Management
Secure business transformation through digital identity management and ensure your people have appropriate access to resources.
Application Security
Combine elements of application testing and technical consulting to improve the maturity of your software development lifecycle and improve your application security posture.
Data Security
Prevent data leakage, gain unprecedented visibility and protect sensitive information from falling into the wrong hands.
Managed Detection and Response
Secure your enterprise with our modern security operations center capabilities that is focused on quickly detecting, investigating and actively mitigating incidents.
Cybersecurity Expertise
Number of cybersecurity professionals
5,500+
NTT DATA currently employs more than 5,500 security professionals highly specialized in various industries and technologies around the world.
Number of security services clients served / year
290+
NTT DATA delivers a comprehensive range of services encompassing strategy and technical consulting, security measure implementation, and managed security services to clients globally.
Number of Security Operations Centers (SOCs)
8
Security Operations Centers in strategic locations so NTT DATA can solution to meet cost and regulatory compliance requirements.
Managed Security Services
Global healthcare solutions company that incorporates product manufacturing, distribution support, and innovative technology services. FORTUNE 500 company with operations located across North America, Asia, Europe, and Latin America with 15,000 employees.
- Business need:
-
- - Consolidate multiple Business Unit’s into one secure infrastructure
- - Business Partner who is not just an “Order Taker”
- - Complex enterprise operating?environments, different process, capability & taxonomy
- - Different security solutions within Business Units
- - Reduction in circuit costs, software and hardware licenses and support
- Solution:
-
- - Reviewed list of solutions and recommended tool consolidation or transformation to next generation solutions such as SASE
- - Provided Information Security Manager to provide Service Delivery Management, contract governance and thought leadership
- - Migrated current infrastructure to Hybrid Cloud
- - Reviewed current processes and improved and expanded capabilities at a lower cost
- - Solutions include IAM, SOC/SIEM, Threat Hunting, Incident Response, Vulnerability Management, Key Management, Azure AD, SSO, MFA, Cert Management, EDR, PAM, WAF, Next Gen Firewalls, VPN, SASE and UAA
- Outcomes:
-
- - Significant savings in reduction of circuit costs with implementation of SDWAN/SASE
- - Cost reduction by tool consolidation
- - Next Generation solutions/improved security posture
- - Improved Support Model
- - Thought Leadership and Innovation
- - Service Level Improvements
- - Operational Improvement
- - Improved Incident Handling and Response
Customer Identity and Access Management Solution for Banking Services
Leading Italian banking group with approximately 25,000 employees and 5,000,000 retail customers. Implementation of SCA, 3DS, SCA functionalities through the adoption of commercial security solutions
- Business need:
-
- - Enable customers access control infrastructure in compliance with the PSD2 directive and other compliance requirements
- - Support and protect credit cards payment mechanisms (3DS and 3DS2)
- - Introduce Strong Customer Authentication (SCA) and Dynamic Linking mechanisms for transactions
- - Support more than one SCA methodology including Fallback solutions
- - Increase security levels by replacing custom components with market solutions
- - Make the solution easily scalable in order to handle a growing workload.
- - Migration from the current custom solution to the identified solution
- Solution:
-
- - Implementation of the new access control infrastructure and Strong Customer Authentication solution. Modification of the new onboarding processes of the new infrastructure.
- - Use of ForgeRock Access Manager to handle access control and of Entrust IdentityGuard for SCA
- - Introduction of the Dynamic Linking feature on all devices
- - Risk-based authentication: Integration with the anti-fraud engine both during the authentication (login) and authorization phases (including handling of additional authentication factors if needed)
- - Introduction of standard protocols such as OpenID and SAML
- Outcomes:
-
- - Decrease of login time with a 5:1 ratio between custom and commercial product.
- - Increase of security and decrease of operating costs through the adoption of market solutions.
- - Simplification of patch management processes
- - Decrease of go-to-market times for access control and authentication features
- - Fulfillment of compliance and auditing functionalities already considered for commercial products
Network Visibility and Threat Detection in OT
Leading chemical and pharma company based in Germany. It operates about 60 production sites globally for pharma and crop science and has more than 99,000 employees
- Business need:
-
- - Significant increase of cyber attacks
- - Regularity requirements as part of European critical infrastructure
- - Business requirement to improve the visibility and transparency of the complex Operational Technology (OT) environment
- - Regulatory requirement to improve security of pharma production sites.
- - Strategic goal of extending Industry 4.0 architectures and resulting increase in cybersecurity risks
- - Different OT technologies in different countries
- - Lack of security know-how in factories.
- - No global OT security alignment
- Solution:
-
- - Global rollout of OT threat detection solution including: Architecture, Site preparation, Shipping support incl. tax handling, Local installation and configuration, Alert tuning, Local training of sites, SOC connectivity
- - Global collaboration of NTT DATA’s OT security teams
- - Local support in more than 20 countries
- - Asset discovery, risk assessment, vulnerability assessment for the production site
- - Analysis of traffic flow
- - Connectivity to customers SOC and implementation of OT SOC processes
- Outcomes:
-
- - NTT DATA finished global rollout of OT threat detection and visibility solution
- - Complete Assets inventory (Visibility) in OT of all production sites
- - OT Threat Detection incl. SOC alerting up and running
- - Operational SOC services for all OT sites.
- - OT Security improvements
- - Technical risk assessment
- - Risk mitigation strategy
- - Fulfilment of regulatory requirements
Design and implementation of Vehicle Security Operation Center, V-SOC
Our customer is one of the largest suppliers of premium and luxury cars and one of the world's largest commercial vehicle manufacturers. They offer financing, leasing, fleet management, investments, insurance brokerage and innovative mobility services.
- Business need:
-
- - The establishment of a V-SOC to monitor vehicle fleets against potential hacker attacks.
- - In order to properly receive data from the vehicle and take into account the data protection requirements of customers (ex. anonymization), a micro-service must be developed to "translate" data.
- - In order to also be able to reverse anonymized data in the event of a real attack.
- Solution:
-
- - Design and implementation of a V-SOC for the client:
- - Implementation of on-board IDS systems.
- - Creation of processes, runbooks, etc. to respond to incidents in the SOC.
- - Definition of threat intelligence for early threat detection.
- - Development of a hash function for the anonymization and de-anonymization of data.
- - Development of functions for translating in-car data into a readable human and SIEM-readable format
- Outcomes:
-
- - Attacks on vehicles are detected at an early stage and can be stopped.
- - Protection against fleet attacks with high financial damage and reputational damage.
- - Prehensive detection of vulnerabilities leads to more efficient remediation.
- - Data protection requirements are taken into account.
- - Cryptic CAN data is easy for humans to read.
- - Lean Micro-Service solution is cost and maintenance efficient.
Workforce Identity & Access Management Solution for Banking Services
Implementation of Identity Governance, Web Access, PAM, and Strong Authentication through the adoption of commercial security solutions for a leading Italian banking group with approximately 25,000 employees.
- Business need:
-
- - Audit compliance and comply with the European Banking Authority (EBA) guidelines and internal regulations.
- - Automation of assigning user entitlements.
- - Migration from the current custom solution to the identified solution.
- - SSO and access control to simplify user access.
- - Apply strong authentication on all external perimeters during the pandemic.
- - Introduce a PAM solution for all the administrators and critical platforms.
- Solution:
-
- - Enabling Identity Governance on all target systems in the infrastructure with connected (80) and disconnected (300) target systems. Enable RBAC process (4000 automatic rules) with Oracle Identity Governance
- - Implementation of a Workforce Access Management for employees based on ForgeRock Access Manager
- - Implementing strong authentication with Entrust IdentityGuard for all external perimeters and access to PCs and mobiles
- - Implement a PAM solution for all administrators, RPA users, and system accounts based on CyberArk to manage privileged access to the entire infrastructure
- Outcomes:
-
- - Enable full governance of users, entitlements, and roles
- - Using Web SSO (with only 1 account) for all users from Internet and Intranet to access all applications including branch applications
- - Review of all business processes related to identity and access management
- - Fulfilment of compliance and auditing requirements with functionalities included in selected products
- - Increased security and subsequent reduction of operational costs through the adoption of leading IAM solutions
Success stories
UNECE R156 Consulting, Process Design and Implementation
Customer is a European commercial vehicle manufacturer for heavy duty and medium commercial vehicle classes, as well as for buses. In addition, the company produces and sells engines, both for vehicles, but also for generators or maritime propulsion systems.
- Business need:
-
Customer needs to follow and get certified in UNECE Regulation(R156) regarding SUMS(Software Update Management System), to be able to sell cars from 07/24 onwards.
Therefore, the customer was supported by NTTDATA to provide a gap analysis from its current to the desired target state, to define, design and implement the target processes, roles and methodologies and perform the audit. Goal is to be compliant with the regulations and pass the audit. - Solution:
-
- - Assess current processes, roles, methods, tools used by the customer
- - Alignment against regulatory requirements
- - Identification of gaps and proposal of countermeasures to close these
- - Design and define processes, roles and tools needed for regulatory compliance
- - Implementation of processes
- - Support customer in technical audit
- Outcomes:
-
- - Fast and detailed overview of gaps in organizational process landscape
- - Roadmap to bring process landscape to audit maturity
- - State-of-the-art know-how of how to define and design compliance processes, roles and methods
Bayer brings its manufacturing operations' OT security up to date
In collaboration with Bayer AG, we enhance cybersecurity for their global Pharmaceuticals Division's complex operational technology (OT) environment. Using Guardian appliances and Central Management Console from Nozomi Networks, our experts boosted asset visibility and protected critical infrastructure. We expanded asset availability across 15 major sites in globally.
READ MORE
Workforce Identity & Access Management Solution for Banking Services
Implementation of Identity Governance, Web Access, PAM, and Strong Authentication through the adoption of commercial security solutions for a leading Italian banking group with approximately 25,000 employees.
READ MORE
UNECE R156 Consulting, Process Design and Implementation
Customer is a European commercial vehicle manufacturer for heavy duty and medium commercial vehicle classes, as well as for buses. In addition, the company produces and sells engines, both for vehicles, but also for generators or maritime propulsion systems.
READ MORE
Design and implementation of Vehicle Security Operation Center, V-SOC
Our customer is one of the largest suppliers of premium and luxury cars and one of the world's largest commercial vehicle manufacturers. They offer financing, leasing, fleet management, investments, insurance brokerage and innovative mobility services.
READ MORE
For an International automobile manufacturer, design and delivery of a solution for Plant Security
One of the largest Japan's automobile manufacturer with about 1,000 subsidiary companies and affiliates involved in the production of automobiles, automobile parts, and commercial and industrial vehicles.
READ MORE
Cloud Security Migration
North American FORTUNE 200 company that is one of the world's largest consumer products companies. It operates worldwide and is supported by an employee base of approximately 7,000 employees.
READ MORE
Managed Security Services
Global healthcare solutions company that incorporates product manufacturing, distribution support, and innovative technology services. FORTUNE 500 company with operations located across North America, Asia, Europe, and Latin America with 15,000 employees.
READ MORE
Customer Identity and Access Management Solution for Banking Services
Leading Italian banking group with approximately 25,000 employees and 5,000,000 retail customers. Implementation of SCA, 3DS, SCA functionalities through the adoption of commercial security solutions
READ MORE
Network Visibility and Threat Detection in OT
Leading chemical and pharma company based in Germany. It operates about 60 production sites globally for pharma and crop science and has more than 99,000 employees
READ MORE
MORE
Cloud Security Migration
North American FORTUNE 200 company that is one of the world’s largest consumer products companies. It operates worldwide and is supported by an employee base of approximately 7,000 employees.
- Business need:
-
- - Securely architected Azure Cloud instance
- - Migration to the Cloud
- - Accommodation of Client’s architecture and core technologies to enable Client’s Cloud strategies, agile adoption, and?automation focus, while complying with Client’s security, risk management, and governance policies.
- - Cloud Security Managed Services
- Solution:
-
- - NTT DATA provided Architecture design of secure Azure Cloud
- - Securely configured and implemented new Azure Cloud instance for Client.
- - Providing Cloud Managed Services including Security Managed Services
- - Cloud Security Managed Services include Azure AD, Key Vault, Secure Configurations, Microsoft Defender for End Point, Microsoft Defender for Cloud, Container Security/Encryption, Managed Firewalls, VPN, Compliance and Remediation, Network Access Control
- - In the process of deploying Microsoft Defender for Identity
- - Implemented best practices to optimize SOP
- - Providing Security Architecture Services
- Outcomes:
-
- - Automate remediation/self-healing
- - Service Level Improvements
- - Shift left/improve resolution timeframes
- - Decrease support costs and helpdesk tickets
- - Next Generation solutions/improved security posture
- - Support model optimization
- - Scalable growth
- - Protection of hybrid environment
- - Thought leadership and innovation through continuous improvement process
- - Reduction/Prevention of Shadow IT
Videos
V-SOC – Effectively and efficiently, protect networked vehicles against cyber attacks(2:40)
Global Partner Ecosystem
Cybersecurity Community Involvement
ISACA values NTT DATA’s work within the cybersecurity community. NTT DATA’s support for talent enablement and diversity in cybersecurity education/careers through OneInTech helps us prepare the generation of today for the problems of tomorrow.
Working groups are the foundation of the way that we solve cybersecurity challenges. The research from NTT DATA, Marymount University and CSA enriches our understanding of the existing landscape of risks, defenses, attacks, and adversaries. CSA values the partnership, research and contributions by NTT DATA to the community on cloud security.
Jim Reavis, co-founder and CEO, Cloud Security Alliance
The collaboration between Marymount researchers, NTT R&D and NTT DATA has helped push the boundaries of our capability to detect, protect and respond to cyberattacks in the new digital enterprise. Marymount University appreciates working together with NTT DATA in partnership to build a better, more secure world
Diane R Murphy, PhD
Director, School of Technology and Innovation
Blogs
You can only protect what you know - The importance of OT environment visualization
READ MORE
How to Adopt Modern IDS and VSOC for Your Vehicle’s Security
READ MORE
VSOC Is the New Safety Gear for You and Your Vehicles
READ MORE
The Human Side of Risk
READ MORE
Strengthening Security Programs Through a Human-Centric Focus
READ MORE
MORE
Quarterly Report on Global Security Trends
This report is the result of surveys and analysis by NTTDATA-CERT on quarterly global trends from its own perspective based on cybersecurity-related information collected during the period.
- 2022
- 2021
- 2020
- 2019
- 2018
-
- Quarterly Report on Global Security Trends (4th Quarter of 2018)(PDF:2.2MB)
- Quarterly Report on Global Security Trends (3rd Quarter of 2018)(PDF:3.0MB)
- Quarterly Report on Global Security Trends (2Q/FY2018)(PDF:1.8MB)
- NTTDATA-CERT Global Security Quarterly Report: April - June 2018(PDF:1.4MB)
- NTTDATA-CERT Global Security Quarterly Report:January - March 2018(PDF:1.1MB)
- - 2017
-
- NTTDATA-CERT Global Security Trend Quarterly Report: October - December 2017(PDF:1.0MB)
- NTTDATA-CERT Global Security Quarterly Report: July - September 2017(PDF:1.1MB)
- Information Security Report 2016(PDF:2.3MB)
- Information Security Report 2014(PDF:14.9MB)
- Information Security Report 2012(PDF:9.9MB)
News Release
-
July 24, 2023
-
April 19, 2023
Technology Focus Areas
- Cloud
- Cybersecurity
- Data & Intelligence
- Salesforce
- SAP
- ServiceNow®
- Application Development & Management
- Introducing NTT DATA's technologies to help clients achieve business transformation
- NTT DATA's Technology
For an International automobile manufacturer, design and delivery of a solution for Plant Security
One of the largest Japan’s automobile manufacturer with about 1,000 subsidiary companies and affiliates involved in the production of automobiles, automobile parts, and commercial and industrial vehicles.
- Business need:
-
- - Focus on the design, implementation and operation of cyber security controls for the European plants.
- - Security Maturity Assessment of 8 plants across Europe.
- - Analysis of cybersecurity impacts on human lives, operations and product quality.
- - Define policies and management procedures for Asset Management.
- - Define roles and responsibilities for operations activities.
- - Design the architecture to allow secure remote access support.
- - Define monitoring perimeter and OT Detection solution.
- - Implementation of Incident Management practices.
- Solution:
-
- - NTT DATA has gathered an international team with specialists from various European countries to meet the customer's needs which Italy plays a key role.
- - Highly challenging project demanded multidisciplinary skills involving the fields of industrial automation, safety and security.
- - NTT DATA accredited as a company capable of covering the gap between business needs and production aspects.
- - Demonstrated in-depth knowledge of industry security standards, specifically ISA/IEC 62443 and NIST 800-82r2.
- Outcomes:
-
- - Enable transformative Industry 4.0 innovation technologies to increase productivity and operational efficiency in a secure manner.
- - Enable a secure integration between OT and IT systems (Manufacturing Execution System and Enterprise Resource planning).
- - Better understanding of the causes that can lead to a disruption and its possible impacts.
- - Accurate, centralized and automatically updated inventory of company assets.
- - Proactive cyber risk detection and effective incident response.
- - Secure remote working with managed and monitored infrastructure access.