NSK enhances security for smooth supply chain operations

Enhancing security management and compliance
Founded in 1916 in Japan, global company NSK has been developing and manufacturing bearings and precision machinery for more than 100 years. It works closely with the automotive industry, supplying manufacturers with a range of bearings to meet their specific requirements.

“NSK plays an important role in the vehicle supply chain. It’s our mission to make sure that customers’ production lines never grind to a halt, and we do that by placing a strong emphasis on cybersecurity”, says Yasushi Kazawa, Group Manager of the Information Security Department, ICT Headquarters at NSK Ltd.

The Information Security Department is responsible for ensuring that NSK follows security and compliance regulations set by overseas automobile associations as well as individual manufacturers.

To meet these requirements, incident response reports need to be provided as evidence that the company is compliant. NSK needed a new SecOps management tool with the functionality to demonstrate compliance without having to create reports manually.

A leading global SecOps and IT service operations solution
NSK adopted ServiceNow Security Operations to strengthen security management. Security Operations enables a dedicated team to identify and eliminate vulnerabilities in enterprise systems while also protecting the environment against a growing number of cyberattacks each year. This is vital to reduce the risk of an attack disrupting business continuity or damaging NSK’s reputation.

Security Operations tracks incident history, such as how vulnerabilities are detected and resolved, and automatically creates a knowledge base. This provides a full history that the company can present to customers to demonstrate compliance with regulations and that it is keeping data secure. This saves the team from having to manually collate reports in response to requests from customers.

“We chose ServiceNow Security Operations over several other solutions because it’s the leading global platform for IT service operations and security”, Kazawa says, “We can also deploy the solution to our overseas offices to streamline security operations across the entire NSK Group”.

Managing growing numbers of incidents and reports
The Information Security Department had established rules and procedures for responding to vulnerabilities and security incidents prior to the introduction of the system. However, as Kazawa recalls: “We were struggling to respond to the volume of incidents, which increased every day”.

Security incident reports from domestic and overseas locations were generated 24/7 by security software alerts, emergency phone calls and emails. Managing this ever-increasing number of reports with a limited headcount was a major challenge for NSK.

“Checking the progress, status and resolution of every incident was a huge task. To make sure that nothing was missed, I considered creating a spreadsheet to record and manage them all, but the volume was just too vast”, says Kazawa.

Risk-based prioritisation of incidents
In October 2020, NSK rolled out the Vulnerability Response feature, followed by Security Incident Response two months later.

Adopting Security Incident Response immediately solved this issue. Staff receive automatic notifications of any incidents from security and monitoring applications. Incidents are tracked in Security Incident Response and assigned an identification number.

SecOps staff can proactively check the incident report and assign each case to the IT team with the identification number, which helps to track the incident through to resolution and makes sure that nothing is missed.

The solution also prioritises responses based on the level of impact the issue would have on the business, so even with a limited team, the company has swift and efficient protection against outages.

“We no longer need to exchange endless emails and it’s much easier to see the status of each incident”, says Kazawa.

Zero major security incidents in FY21
With ServiceNow, the time taken to resolve low- and medium-risk incidents detected in Japan has almost halved. The solution also accumulates a history of responses and incidents as a knowledge base that can be used to standardise operations.

“We can now delegate simple incidents to less-experienced personnel or contractors, reducing the work our highly-skilled SecOps team needs to handle by approximately 80%”, says Kazawa, “This frees them up for higher value work that requires more skills, such as performing a detailed analysis of vulnerabilities and incidents so they can strengthen our management system”.

Security Operations also generates alerts in Japan for vulnerabilities and incidents detected at NSK’s overseas sites. “Our policy is to assume that individual sites haven’t noticed incident alerts, so we request a response to the alerts from our Japanese team by email or other channels”, explains Jiadi Cao, Manager of Security Operations for Overseas Locations, Information Security Department at NSK Ltd, “Once again, we can track the status of these incidents using the identification number to make sure that nothing is missed”.

Reinforcing governance risk compliance
To strengthen its internal security system, the Information Security Department set up a single point of contact for staff to get reports and book a consultation. In September 2022, it launched a dedicated portal for internal security enquiries using ServiceNow functionality.

“Many employees didn’t know who to contact if they receive a suspicious external email or notice irregularities in the system”, says Tatsuya Fujimoto, who works on the Information Security team and was involved in developing the portal, “Now, they have a central portal to simplify submitting enquiries and speed up response times. Staff get faster, more reliable information around security with less effort”.

Going forward, NSK plans to use ServiceNow technology to improve risk management across all areas, not just for security.

“We’re considering rolling out ServiceNow Integrated Risk Management (IRM) for governance, risk and compliance (GRC). This will help to ensure we’re operating in line with the correct rules and policies”, Kazawa concludes, “Building trust with stakeholders is a top priority for us. NSK will be proactively looking at new processes and technologies to adopt to keep our systems secure”.

In the fiscal year 2021, the team eliminated serious security incidents. ServiceNow Security Operations also helped the Information Security Department achieve three of its missions: responding to cybersecurity threats, managing information assets appropriately and gaining the trust of customers, society and affiliated organisations in Japan and overseas.

Download PDF