Information Security Bulletin

Strengthening China's IT Security

17 May 12:59

CPCNet, a wholly owned subsidiary of CITIC Pacific, and Cybertrust have unveiled plans to offer an Integrated Suite of Information Security Services to companies operating in Greater China. Grouped under the name TrustCSI the new services will be driven out of a Security Operations Centre (SOC) in Hong Kong that will open at the end of June.

TrustCSI will enable companies to address the security challenges they face in Greater China, and particularly within the People's Republic of China (PRC), where the current IT security levels often most need to be improved. Through a broad range of TrustCSI solutions flexible enough to meet the varying needs of different types of organizations, customers will benefit from 24 by 7 device monitoring and threat tracking, security analysis, reporting and compliance.

According to a survey carried out by Information Week Research and Accenture, Chinese companies suffer more viruses, worms, denial-of-service attacks, and identity thefts than their U.S. counterparts. These companies also face this onslaught of attacks on limited budgets with fewer protections in place.

The TrustCSI SOC is being built in collaboration with Cybertrust on top of CPCNet's carrier-grade Network Operations Centre (NOC) and fully leverages Cybertrust's global security expertise and intelligence. Cybertrust is training staff and creating the necessary policies, procedures and processes to ensure service delivery to high quality and world-class standards. CPCNet will manage the new SOC and provide first-line TrustCSI customer support, with Cybertrust providing back-end support. TrustCSI is vendor and technology neutral, meaning the services can be adapted to support any type of IT infrastructure.

The results of a recent IDC survey conducted in PRC showed that attitudes to security in large enterprises is maturing and they are taking practical approaches when making IT security investments. 46.7 per cent of the respondents have implemented some form of IT security at the operational level and 15 per cent of the respondents view IT security as a strategic business issue. The ratio of investments in IT security services to products in China is around 1:9 compared to the worldwide norm, which is typically close to 1:1.

The TrustCSI portfolio is made up of sets of service elements: Compliance Management Services (Trust-C) Managed Security Services (Trust-S) and Forensic Investigation Services (Trust-I). Together these enable customers to gain visibility and control of their information security risks.

Trust-C services enables organizations to address, measure and demonstrate compliance with most government regulations, industry standards and directives including Basel II, BS7799/ISO27001, European Union Data Protection Directive (EUDPD), Sarbanes-Oxley, Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI) Data Security Standard, SAFE, Gramm-Leach-Bliley, corporate governance and others.

Trust-S services encompass monitoring and management of security devices and applications, including firewalls, routers, VPN servers, proxy servers, anti-virus systems and intrusion detection and prevention systems.

Trust-I services help minimize loss due to security breaches by proactively applying a proven methodology for incident and forensics, helping companies quickly regain control of their IT assets.

CPCNet's SOC composed of Cybertrust's SEAM (State and Event Analysis Machine) technology collects, processes and analyzes millions of events, highlighting only those that may pose a security risk. SEAM, delivered via Cybertrust's majority owned subsidiary Ubizen, allows CPCNet's security analysts to take corrective action before an attack can cause damage to customers' business systems. Through the on-line dashboard, customers get a real-time view of their security posture and the effectiveness of security devices at every level - from the big-picture view all the way down to the details of an individual security incident.

[This is an initiative which must be welcomed. It will hopefully succeed in raising infosec awareness in China, the largest "supplier" of zombie attack machines in the world. --Ed].

Related links: (Open in a new window.)
www.cybertrust.com
www.CPCNet.com

View printable version (opens in new window)
Back

Search ISB News:

Not yet sure you want to subscribe? Download a free sample copy!

Download the much quoted October Editorial

Portal Frontpage
Web Editorial
About This Portal
Contact Info

IS Alerts
General News
Product News
Vendor News
People News
Literature
Events
CHI News

Subscribe Online
About ISB
Publishing in ISB
Advertising in ISB
PR Information

In the current issue:

Security Management
The Importance of Adaptability
Steve Purser

From the Trenches
Reversing Perimeter Defences – a Case Study
Søren Maigaard

Security Architectures
The Self Defending Network: New Trends In ICT Security Infrastructures
Drs. Ing. René Pluis

Subscribe Online!