NEC Corporation and Mitsubishi Corporation to Form Information Security Joint Venture

*** For immediate use December 25, 2013


Tokyo, December 25, 2013 - NEC Corporation, (NEC), Mitsubishi Corporation (MC) and Infosec Corporation (Infosec), a wholly owned subsidiary of MC, have reached an agreement in which NEC will acquire a 60% equity interest in Infosec. As a result of this transaction, Infosec will be jointly managed by NEC and MC from February 2014. As both companies strengthen their presence in the rapidly growing cyber security services field, the move will also reinforce Infosec's capacities on both its consulting services and technical services fronts, and transform it into one of the top information security companies in Japan.

Cyber attacks, including Advanced Persistent Threats (APT), do not only target large enterprises and public institutions, but increasingly affect small and medium-sized organizations as well. The need to strengthen the level of information security within such organizations has been increasing as they seek to reduce business continuity risks. In such an environment, businesses that can provide overall information security services ranging from consulting services through to technical services, including consultancy for planning strategy and implementation, vulnerability assessment of IT systems, as well as the design, development, integration and operation of security systems and managed security services, are still gravely insufficient.

Infosec has an outstanding team of professional consultants and engineers, and has already been delivering top-level security services to meet a variety of customer security requirements in a range of fields. Services currently provided by Infosec include security management consulting, secure technology consulting, development and operation of security systems(*1), and managed security services(*2).

This joint venture will combine Infosec's solid foundation in the cyber security business and its top-level security consulting and engineering capacity with MC's business management expertise and global information gathering capabilities. This will be further combined with the advanced knowledge and project management capabilities that NEC has built up over the years through security solutions provided for governments and other social infrastructure enterprises, as well as the know-how gained through the NEC Cyber Security Factory(*3). Brought together, this impressive range of expertise will greatly enhance Infosec's status as a force to be reckoned with in the information security business.

Through provision of the most comprehensive and sophisticated cyber security solutions, the three companies are aiming to reduce the threat of cyber attacks on customers while at the same time contribute to establishing a safe and secure society.

[Outline of Joint Venture]

Notes:

(*1) Development of security systems: The business of developing IT systems for customers seeking to ensure security by integrating firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), antivirus software, security log management software, etc.

(*2) Managed security service: A service that provides operational monitoring of unauthorized access to network security devices such as firewalls and IDS's/IPS's on behalf of customers. These services are provided mainly through Security Operations Centers (SOC) owned by service providers. Customers can therefore avoid the hassle of recruiting their own staff for these purposes, and still benefit from high quality services by entrusting these tasks to security experts who have all the relevant information and knowledge.

(*3) Cyber Security Factory: An organization established by NEC in November, 2012 for the purpose of fostering greater coordination among information security-related departments within NEC as well as among other information security-related companies in Japan. The organization is seeking to achieve more effective accumulation and sharing of technology and know-how in relation to breaches of security and unauthorized access by analyzing the constantly changing information about cyber attacks, thereby enhancing capacity to develop new solutions for guarding against such attacks.