Top of Page

Links to move inside this page.
  1. HOME
  2. About IIJ
  3. News / CSR
  4. Press Releases
  5. 2021
  6. IIJ Opens IIJ Security Training School, Unique Education Program to Nurture Security Specialists

IIJ Opens IIJ Security Training School, Unique Education Program to Nurture Security Specialists

Providing a practical program based on knowledge accumulated through own security service operation and incident handling

December 20, 2021
Internet Initiative Japan Inc.

PDF [575KB]PDF / Japanese

TOKYO - December 20, 2021 - Internet Initiative Japan Inc. (TSE1: 3774), one of Japan's leading Internet access and comprehensive network solutions providers, today announced that it will launch its own unique education program "IIJ Security Training School" as a project to nurture security specialists.
IIJ Security Training School is an education program to be provided to security personnel in information system departments or personnel for CSIRT(*1) departments in companies. Based on knowledge gained through incident handling and service operation at IIJ's Security Operation Center (SOC), the training enables learning from basic to applied knowledge in a systematic manner. With exercises structured with actual operation in mind, this will nurture human resources that can appropriately judge and handle issues as security specialists when an incident occurs at a company.
As the first step, IIJ will launch "Incident Handling Practical Course" in January 2022. For Registered Information Security Specialists (RISS)(*2), this course also acts as a specified training(*3) prescribed in an ordinance of the Ministry of Economy, Trade, and Industry (Specified Training No. 21-007-022).
Following the education program, IIJ plans to launch "Understanding/Defensing Against Attack Techniques: APT(*4) Countermeasures Basic Course (Tentative Name)" in March 2022 and will sequentially expand the program thereafter.

  • (*1)CSIRT: Abbreviation for Computer Security Incident Response Team and the collective name for organizations that deal with computer security incidents.
  • (*2) RISS is a national qualification indicating that the registered individuals are specialists who have the latest knowledge and skills in the field of security and can support companies and organizations in securing cybersecurity.
  • (*3)Specified training is a training course provided by private businesses, etc. as a lecture that RISS are obligated to take and is prescribed in an ordinance of the Ministry of Economy, Trade, and Industry as a training course that has the same effect as or higher effect than the training course on cybersecurity conducted by IPA (Information-technology Promotion Agency).
  • (*4)APT: Abbreviation for Advanced Persistent Threat. Cyberattacks which invade a network of a specific company and steal information or conduct disrupting activities for an extended period are called APT attacks.

Background

As cyberattacks advance day by day, the Japanese government recommends in the "Cybersecurity Management Guidelines" that private companies and various organizations establish a "system for incident response (preparation of emergency contacts and initial response manual as well as execution of practical drills)" in the case of a cyberattack. On the other hand, the lack of security personnel and skill has become a major issue at companies and demand for education services that support the nurturing of security personnel is increasing. In particular, in order to nurture the security engineers needed for dealing with incidents on-site, demand for programs in the form of practical drills including simulation of security incidents that have actually occurred is rising. IIJ is to provide a program that enables learning highly practical knowledge and skills based on experience and expertise accumulated at the forefront, its Security Operation Center (SOC).

Features of IIJ Security Training School

Provide systematic programs from basic to applied and advanced levels

Based on knowledge accumulated over more than 20 years of conducting security service operations and dealing with incidents at SOC as well as the educational track record of nurturing security analysts in-house, IIJ offers a program that systematically enables learning knowledge that is actually needed on-site by classifying it into the levels of "basic," "applied" and "advanced." From the basic level wherein one can learn basic knowledge to the highly practical applied and advanced levels for specific fields, attendees can efficiently acquire knowledge and skills according to their required level.

Able to acquire immediately useful knowledge and skills through practical drills

Providing not only bookish classroom lectures but also practical drills assuming actual handling of incidents based on what IIJ has dealt with at its SOC, attendees can acquire knowledge and skills that are immediately useful on-site. Not limited to incident response such as log analysis, identifying incidents and dealing with them, attendees can acquire knowledge and techniques required of security department employees to conduct appropriate initial response including assumption of impact within the organization and how to report.

Lectures given directly by engineers who handle incidents on-site

Lecturers who have many years of experience in teaching security inside and outside IIJ and IIJ's security engineers who handle incidents will give lectures, making use of their own experience. In addition, lectures by IIJ's security engineers who have given a number of lectures and lessons both in Japan and abroad are scheduled to be held. In particular, IIJ plans to provide opportunities to learn the highest level of security-handling techniques from engineers who was the first Japanese person chosen to be a training lecturer at Black Hat USA(*5).

  • (*5)Black Hat USA: A world-leading security conference that has been held since 1997. Security engineers as well as hackers and researchers around the globe participate in the event.

    • Program element overview

    Program element overview

    Program overview

    Incident Handling Practical Course

    Program details
    1. Lecture on basic knowledge
    2. Lecture on latest security trends
    3. Workflow of incident handling and practical drill (log analysis and separation)
    4. Review practical drill
    Acquire skills Learn knowledge and skills required for incident handling such as methods for dealing with incidents from reporting of occurrence to closure as well as appropriate initial response methods upon occurrence of incidents by dealing with false incidents created based on incidents IIJ handled at its SOC.
    Training period 1 day (10:00 a.m. to 6:00 p.m.)
    Attendees At least four attendees
    Price JPY80,000 (inclusive of tax)/person
    Provision start January 2022

    Understanding/Protecting Against Attack Techniques: APT Countermeasures Basic Course (tentative name)

    Program details
    1. Lecture on basic knowledge
    2. Lecture on latest security cases
    3. Explanation of server/terminal attack techniques
    4. Log examination of attack/consideration of countermeasures
    Acquire skills Through practical drills based on the latest attack methods and organized by incident response specialists, attendees learn how to look at logs, consider security countermeasures as well as appropriate initial response methods for when incidents occur and other practical detection/protection methods immediately useful on-site.
    Training period 1 day (10:00 a.m. to 6:00 p.m.)
    Attendees At least four attendees
    Price To be determined
    Provision start March 2022
    • (*)To be held with thorough COVID-19 countermeasures in place. Please refer to the following website describing details of the service for the countermeasures.

    In order to promote social infrastructure through which anyone can safely use the Internet, IIJ continues to employ its wizSafe brand, a security business brand based on the idea of "making safety a matter of course."

    About IIJ

    Founded in 1992, IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers. IIJ and its group companies provide total network solutions that mainly cater to high-end corporate customers. IIJ's services include high-quality Internet connectivity services, systems integration, cloud computing services, security services and mobile services. Moreover, IIJ has built one of the largest Internet backbone networks in Japan that is connected to the United States, the United Kingdom and Asia. IIJ was listed on the First Section of the Tokyo Stock Exchange in 2006.

    The statements within this release contain forward-looking statements about our future plans that involve risk and uncertainty. These statements may differ materially from actual future events or results.

    For inquiries, contact

    IIJ Corporate Communications

    • (*) All company names and service names used in this press release are the trademarks or registered trademarks of their respective owners.

    Get Adobe Acrobat Reader

End of the page.

Top of Page