Professional Documents
Culture Documents
ProjectReport SecurityStrategyPlanning 0324
ProjectReport SecurityStrategyPlanning 0324
【 Project Report 】
Security Strategy Planning
2021.3.24
ESM Chihiro, Otsu
Agenda Enterprise Information Solu
5. Summary
2/ n
Agenda Enterprise Information Solu
5. Summary
3/ n
Global Security Enhancement Enterprise Information Solu
( NTKAO) Security
Critical CR
Investigati
on
( COS ) ADH/
* ADH/PAW is the enhancement of NTKAO domain controller
Medium/ PAW*
Low
Phase 3
Global
Security
Deployment of security enhancement
Assessment
Global
Global IP address Diagnosis
Phase 1 : Security Investigation Phase 2 : Global Security Assessment Phase 3 : Deployment of Security
( COS ) for Japan/Asia Confirm the current security level and Enhancement
Using Cybersecurity Operation create “Security Strategy Planning” to Deploy security enhancement based
Serivce(COS) tool to identify and 2025 on the Security Strategy Planning
analyze the current threats
Complete Complete
4/ n
Global Security Enhancement Enterprise Information Solu
( NTKAO) Security
Critical CR
Investigati
on
( COS ) ADH/
* ADH/PAW is the enhancement of NTKAO domain controller
Medium/ PAW*
Low
Phase 3
Global
Security
Assessment
Today
Deployment of security enhancement
Global
Global IP address Diagnosis
Phase 1 : Security Investigation Phase 2 : Global Security Assessment Phase 3 : Deployment of Security
( COS ) for Japan/Asia Confirm the current security level and Enhancement
Using Cybersecurity Operation create “Security Strategy Planning” to Deploy security enhancement based
Serivce(COS) tool to identify and 2025 on the Security Strategy Planning
analyze the current threats
Complete Complete
5/ n
Agenda Enterprise Information Solu
5. Summary
6/ n
Global Security Assessment Enterprise Information Solu
Incident
Strategy organization Technical Response
7/ n
Assessment results Enterprise Information Solu
Co un te rme s u re c o ve r le ve l(%) 201 7 IT s e c urity
Co mpa ny Ra nk S c o re
Ide ntify Pro te c t De te c t Re s po n s e Re c o ve ry As s e s s e mn t
P T Ka o In don e s ia 951 98 91 97 96 100 81 (4t h ) Very high level
Ka ne bo Cos m e t ics Rus LLC 870 100 85 86 100 100 N/ A (Above "770", average of major companies*1)
Ka o S p e cia lt ie s Am e rica s LLC 817 44 48 30 53 50 72 (11t h )
KP SS Ta iwa n Lt d . 797 94 79 86 93 100 22 (2 1th ) There is room for sophistication
P ilipina s Ka o, Inc. 755 75 76 58 50 50 81 (3rd ) (Above "509“, average of Manufacturing*2 )
Qu imi- Ka o S.A. d e C.V. 743 68 71 91 87 100 61 (18t h )
KAO CHIMIGRAF, SOCIEDAD LIMITADA 739 77 69 27 50 50 69 (12t h ) Measures required
Ka o Che m ica ls Gm bH 738 77 74 58 46 50 85 (1 位) (Below “509“, average of Manufacturing*2 )
Ka ne bo Cos m e t ics Ita ly S .p.A 736 93 71 38 21 0 N/ A
Ka o (Ma la ys ia ) S d n. Bh d. 730 70 76 50 87 100 64 (15t h )
Ka o (Ta iwa n ) Corp ora tion 724 94 78 38 84 100 67 (13t h ) *1: Sales of 1 trillion yen or more, more than
Ka o Corp ora t ion 721 68 70 52 50 50 76 (9t h ) 10,000 employees, excluding the financial
P T Ka o In don e s ia Ch e mica ls 692 81 74 61 53 50 84 (2n d ) industry
Ka ne bo Cos m e t ics Korea Co., Lt d. 678 65 60 77 84 100 44 (2 0th ) *2: About 1,600 companies data from Secure
Ka o USA In c. 668 63 65 55 56 50 N/ A Sketch
Ka o S in ga pore P riva t e Limit e d - Con s um e r 649 68 70 30 78 100 80 (6t h )
Ka o Vie t n a m Co., Lt d. 615 55 62 36 50 50 61 (17t h )
Ka o In du s t ria l (Th a ila n d) Co.,Lt d. 581 37 42 61 53 50 61 (16t h )
Ka o Collins Inc. 581 58 62 41 53 50 75 (10t h ) Companies that conducted individual
Ka ne bo Cos m e t ics De ut s chla nd Gmb H 580 63 61 41 12 0 N/ A follow-up on IT assessment results
Ka o d o Bra s il Re p re s e nt a ca o Com e rcia l Lt da . 561 24 50 75 50 50 N/ A conducted in 2017 have shown the
Ka ne bo Cos m e t ics (Eu rope ) Lt d. 560 55 53 52 46 50 N/ A effectiveness of the measures
Ka o (Hon g Kong) Lim it e d 522 22 47 44 12 0 76 (8t h )
Ka o (Chin a ) Hold in g Co., Lt d . 505 32 47 33 40 50 66 (14t h ) 2018: KPSS Taiwan Infrastructure Re-
Ka o Corp ora t ion S.A. 499 44 48 30 53 50 7 7 (7th ) development
Paris La b 446 46 43 22 9 0 N/ A
2019: KC Korea Domain Integration
KPS S Ho n g Kon g Ltd . 437 34 39 25 3 0 54 (19t h )
Wa s hing S ys te m s Inte rme diate Holding s , In c . 437 31 53 16 12 0 N/ A
Fa t ty Ch e m ica l (Ma la ys ia ) Sdn . Bh d. 375 39 35 16 9 0 8 0 (5th )
Equipe UK 365 22 39 22 43 50 N/ A
a ve 63 6 60 61 48 51 52
Kao's overall average score of "636" is above the manufacturing average of "509", but below the major corporation average "770".
There are 7 “rank C” sites and 4 sites are the new companies. 8/ n
Analysis Result Enterprise Information Solu
Methods
Method (1) Strengthening security governance (responding to issues (1) to (3))
Review of security policies and check systems to raise the level of security measures for the Kao Group as a whole
Security It is necessary to establish a process for identifying and correcting system vulnerabilities (weaknesses), employee education, etc.
Strategy
Method (2) Countermeasures against ‘highly sophisticated cyber attacks ' with new security technologies (response to issues (4))
Planning Implement new security technologies by enhancing unknown malware protection, account management, and enhancing the mechanism for
detecting attacks
Need to take care of risks such as improving remote access environments, abuse/unsafe use of cloud services, and direct access to the
Internet in a changing environment
9/ n
Agenda Enterprise Information Solu
5. Summary
10/ n
The way of thinking about Security Strategy Planning Enterprise Information Solu
Security
Cyber Information
Assets Incident
Attack (Business Loss)
Identify Protect Detect Response & Recovery
Spoofing / Injection Risk assessment to avoid Access control and training Monitoring and detect events Analysis, Improvements, Data leakage /
business impacts and return to normal Business suspension
Operations logs Penetration Antivirus
management testing software Bastion
EDR
Method 2: Countermeasures against highly sophisticated cyber attacks
IR training
Network (CASB) VPN VDI Zero trust web security (SWG)
Security
Cyber Information
Assets Incident
Attack (Business Loss)
Identify Protect Detect Response & Recovery
Spoofing / Injection Risk assessment to avoid Access control and training Monitoring and detect events Analysis, Improvements, Data leakage /
business impacts and return to normal Business suspension
Operations logs Penetration Antivirus Graph legend
management testing software Bastion
EDR
IR training
Network (CASB) VPN VDI Zero trust web security (SWG) Done by 2025
12/ n
Zero Trust Rollout Plan Enterprise Information Solu
Security
Cyber Information
Assets Incident
Attack (Business Loss)
Identify Protect Detect Response & Recovery
Spoofing / Injection Risk assessment to avoid Access control and training Monitoring and detect events Analysis, Improvements, Data leakage /
business impacts and return to normal Business suspension
Operations logs Penetration Antivirus STEP3: Graph legend
management testing software Bastion
Deploy
EDR
Cloud STEP3:
access control
Proxy Email Security Enhancement(DMARC) ZeroSOCTrust Done by 2023
High:
IR training
Network Deploy(CASB)
Zero Trust VPN VDI Zero trust web security (SWG) infrastructure Done by 2025
Solutions : TBD
Remote access for external By accessing a virtual environment without having to take Kao’s standard computers to
partners external party’s environment, prevents data leakage. Japan Domestic 1Q 2021
【 Defense 】 (Virtual Desktop external partner (Done)
Preventing a threat Infrastructure) Solution(FIXED): Windows Virtual Desktop /Microsoft
from becoming a Implement functions that prevent virus infection when accessed via the Internet at home as
Group companies
real accident Improvement of well as in the office.
in Japan 2Q 2021
Symantec's function
(Domestic only)
Solution: TBD
EDR detects intrusions and respond quickly by AI tools etc. and reduce the spread of infection.
【 Recovery 】 Malware detection and Minimize post-infection damage and establish a system that can respond quickly. All Group
Recovering from a Prevention of the spread of Solutions (Under Discussion): Companies
15 n
2Q 2021/
Security PDCA Cycle Until December 31, 9
Enterprise Information Solu
SecureSketCH SecureSketCH
1月 2月 3月 4月 5月 6月
【 C 】 Check:Vulnerability Diagnosis
Scan Scan
5. Summary
17/ n
The requests for IT Manager Until December 31, 9
Enterprise Information Solu
Request
There are some local challenges not include global security countermeasures.
I will share the feedback report for each sites, please consider the countermeasures depends
on priorities.
Global challenges
Assessment Challenges Global Security Countermeasures
Local challenges
Local Security Countermeasures Priority
“Top”
Priority “Hight”
18/ n
Sample of the feedback report Until December 31, 9
Enterprise Information Solu
19/ n
Sample of the feedback report Until December 31, 9
Enterprise Information Solu
20/ n
Security enhance of VPN Until December 31, 9
Enterprise Information Solu
09-7. If remote access is allowed from the outside to the inside of the company, collect security patch information for terminators that
accept remote access and apply the patch at the latest within one month after release.
Answer Counts of branch Name of branch
Kao (Taiwan) Corporation
Kao Singapore Private Limited - Consumer
Kao (Malaysia) Sdn. Bhd.
Kao (China) Holding Co., Ltd.
Kao Corporation S.A.
Conducted 10 Kanebo Cosmetics Deutschland GmbH
Kanebo Cosmetics Italy S.p.A
Kanebo Cosmetics Rus LLC
Quimi-Kao S.A. de C.V.
Kao Specialties Americas LLC
Kao Corporation There’s a risk to having some
Fatty Chemical (Malaysia) Sdn. Bhd. vulnerabilities in VPN
Kao Vietnam Co., Ltd.
Kao do Brasil Representacao Comercial Ltda.
Kao Chemicals GmbH
Partially conducted 11 KPSS Hong Kong Ltd.
KPSS Taiwan Ltd.
Kao USA Inc.
Kao Collins Inc.
Washing Systems Intermediate Holdings, Inc.
KAO CHIMIGRAF, SOCIEDAD LIMITADA
Kao Industrial (Thailand) Co.,Ltd.
Kao (Hong Kong) Limited
Pilipinas Kao, Inc.
Not conducted 6 PT Kao Indonesia Chemicals
Kanebo Cosmetics (Europe) Ltd.
EquipeUK
21/ n
Security enhance of VPN Until December 31, 9
Enterprise Information Solu
12-8.If remote access from the outside to the inside of the company is permitted, introduce multi-factor authentication for remote access.
Requests
1.Regular patching of VPN products ⇒ not make vulnerabilities
Collect vulnerability information and apply patches regularly
2. Introducing multi-factor authentication for VPN ⇒ not allow access impersonation
Add element to authentication, not allow to login only passwords
23/ n
Sample of the feedback report Until December 31, 9
Enterprise Information Solu
24/ n
Procedures for reference of best practice Enterprise Information Solu
1. 3.
2. 4.
SecureSketCH
https://app.secure-sketch.com/users/sign_in
25/ n
Agenda Enterprise Information Solu
5. Summary
26/ 178
Each companies voice Until December 31, 9
Enterprise Information Solu
Q: What do you consider to be a security risk? (Optional answer)
- Ransomeware Risks to merging chemical and consumer product companies into a
single domain with disjointed support, security, and processes.
- User and password not two factor authentication Unmanaged cloud applications (shadow IT).
Kao Thailand - Information leak to outside
The risk of Work from home.
- Disaster recovery plan
Additional privacy and compliance requirements of tools and
- Give security knowledge to end users applications for Germany.
1. IDS /IPS KAO US
Need to invest to keep up with early detection and monitor tools.
Kao Taiwan 2.EDR Harden defenses continually. SOC service or people to monitor and
3. Database and file encryption take action. Global SOC NOC to protect all Kao companies in
KPSS Taiwan Internet, web site, data copy, USB a consistent process with the same tools.
Kao Singapore BYOD A global security strategy.
Covid19 make half of employee use notebooks, we need to upgrade - Cyber attacks in the operational systems (OT Systems, FA
Kao Indonesia
notebook to have bitlocker function
KCSA networks)- Increase of cyber attacks during the pandemic due to
remote work (people working from home)
Kao Malaysia New viruses or new Ransomware where there is still don't have
- Data leak
the remedy for it. Home office firewall and switches that are end of life. Budgeting for
replacement in 2021.
Information is an asset. Any IT Assets/Device that have the capability to WSI Potential for loss of company information through the use of
KIC
receiving or sending information are vulnerable. unmanaged cloud apps.
- in the future, own annual PEN test; we are currently planning a proxy
company data possible to share out without awareness .
FCM KC Germany server; we are currently planning to expand IT monitoring to detect
Internet and email access expose to vulnerability attack. attacks.
File server can be sharing, copy, upload to other website,..
専門的な知識も持ち合わせていない中でセキュリティを強化していくためには、 フォーマット
Kao Vietnam Users are not being trained well about security and can be Equipe UK 化されたプロセスがシェアーされ、それに従ってワークしていくこと で、問題が
attacked. 一つづつクリアーしていけるようになると有難いと思います。
KC Korea We have no idea
The idea of improving security is the same,Kao
butbrasil
theincrease
way ofofsecurity
thinking
incidentsis
duedifferent
to people working from home
27/ n
How to think about security in the future Until December 31, 9
Enterprise Information Solu
Goal
Email
Nothing.
Security!
No problem!
Remote Cloud
Work is dangerous! Thorough management!
Virus
Infection control!
Don't understand..
28/ n
Global Security Enhancement 追加
Enterprise Information Solu
30/ n
Enterprise Information Solu
特定 防御 検知 復旧
31/ n