NEC’s AI-Driven Cybersecurity Strategy and Initiatives

Vol.19 No.1 Special Issue on NEC BluStellar: NEC BluStellar Driving the Future of Digital Transformation — A Value Creation Model Pioneered by AI, Security, Data Management, and Modernization

This paper provides an overview of NEC’s strategy and initiatives for leveraging AI in its cybersecurity services. To address the increasing scale and sophistication of cyberattacks, NEC emphasizes the rigorous implementation of security by design, ensuring that security is integrated throughout every stage of system planning, development, operation, and maintenance. By incorporating the expertise of security professionals into Agentic AI, NEC delivers highly reliable and efficient cybersecurity solutions. The paper also introduces key internal initiatives and showcases examples of customer-facing services that embody these approaches.

1. Introduction

In recent years, incidents such as data breaches caused by IT system vulnerabilities and business disruptions due to cyberattacks have become increasingly widespread, affecting organizations of all sizes and threatening business continuity. At the same time, the shortage of skilled cybersecurity professionals and the emergence of new attack techniques and vulnerabilities have made it essential to implement efficient, AI-driven security measures that can respond comprehensively and in real time.

In response to these circumstances, NEC leverages expertise gained from providing secure products, systems, and services based on the principle of security by design, and combines this with the knowledge of security professionals to develop Agentic AI in collaboration with NEC’s research laboratories. By offering services that utilize these technologies, NEC enhances the sophistication and efficiency of customers’ security operations. The overall framework is shown in Fig. 1. In implementing these Agentic AI solutions, NEC actively utilizes its self-developed core AI technology, “NEC cotomi,” to deliver highly reliable and transparent services.

Fig. 1 Putting security by design into practice with NEC’s Agentic AI.

2. NEC’s Internal Adoption Policy and Initiatives

2.1 AI Agent for Guideline Checking

To ensure secure development, compliance with guidelines established for each country and industry must be verified at every stage of the process. However, manually checking each guideline item is time-consuming and can lead to omissions. NEC has developed the AI Agent for Guideline Checking (Fig. 2) to deliver uniform, high-quality checks that reduce dependence on individual expertise, with internal deployment targeted for the second half of fiscal 2025. This agent includes a proprietary function in which the AI agent automatically adds supplementary context—such as the background of the design documents, the system’s environment, and typical usage scenarios—to items being checked. As a result, even industry-specific design documents can be reviewed autonomously and with high accuracy, supporting the efficient development of secure IT systems.

Fig. 2 AI Agent for Guideline Checking.

2.2 AI Agent for Cyber Intelligence

Cyber threat intelligence (CTI) serves as the foundation for organizational security measures by collecting, aggregating, and analyzing trends in security threats. However, the quality of CTI has traditionally depended on the research methods and expertise of individual analysts, and challenges such as the time required for information gathering and determining the relevance of collected data have persisted (Fig. 3).

Fig. 3 Challenges in cyber threat intelligence (CTI).

To overcome these challenges, NEC has developed an application that utilizes Agentic AI to efficiently generate cyber threat intelligence.1) One of the key features of this application, called Advanced Search, collects relevant information in response to questions input in natural language, extracts important elements, and outputs summarized and analyzed content in natural language. Fig. 4 shows an example of the output from Advanced Search when the question “What were the proportions of different types of cyberattacks in 2023?” is input, presenting a sample answer on the topic “Main Cyberattacks in 2023.”

Fig. 4 Example of output from Advanced Search.

The response includes items such as the proportion by attack type and the year-on-year increase or decrease. Because comprehensive information collection is important in cyber threat intelligence generation, Advanced Search collects as much information as possible and provides it as references in its answers. In addition, while researchers judge the accuracy of the content provided, Advanced Search has a function that displays text it judges to be related to the question, supporting researchers in their accuracy assessment work.

2.3 Security Testing and Initial IR LLM Applications

When a security incident occurs—such as a system outage caused by ransomware infection or an information leak resulting from unauthorized access—the impact on the affected organization can be severe. To mitigate the effects of such security incidents on customer systems and services, NEC has developed two Large Language Model (LLM) applications, as shown in Fig. 5.

Fig. 5 Usage image of security testing and initial IR LLM applications.

The Security Testing LLM application analyzes input such as source code or binary code and outputs vulnerability findings and verification code. If network scan results are provided as input, the application can also generate recommendations for the next security tests to perform according to the current situation, enabling deeper-level security assessments.

The other application, the initial incident response (IR) LLM, is used in the early stages of an incident and provides guidance on what actions should be taken when an incident occurs. Traditionally, it was necessary to consult extensive company manuals, but with this application, users can simply input what they want to accomplish and receive step-by-step procedures tailored to their objectives.

3. Initiatives Toward Customer-Facing Services

3.1 AI Agent for System Risk Diagnosis

In order to respond to the increasing number of new attacks and vulnerabilities that threaten business continuity, and to implement appropriate countermeasures, it is essential to identify an organization’s security weaknesses through expert risk assessments. NEC has provided the Cyberattack Route Diagnostics Service, which leverages proprietary automated cyberattack risk assessment technology to visualize system security risks and the effectiveness of countermeasures.2) The AI Agent for System Risk Diagnosis (Fig. 6), which utilizes NEC cotomi, incorporates risk assessment expertise and autonomously performs the entire process—from checking for threats and vulnerabilities, to executing diagnosis and proposing countermeasures, to generating reports with diagrams and visualizations. This enables the agent to deliver results with a quality equivalent to that of a human expert. An example of output generated by the AI Agent for System Risk Diagnosis is shown in Fig. 7.

Fig. 6 AI Agent for System Risk Diagnosis. 

Fig. 7 Example output from the AI Agent for System Risk Diagnosis. 

Within fiscal year 2025, NEC plans to introduce an enhanced option for customer-facing diagnostic services, offering a periodic reporting service in which the Agentic AI will conduct regular risk assessments and provide notifications of any changes or increased risks identified since the previous assessment.

3.2 AI Agent for Information Security Internal Audits

To enhance corporate governance, it is essential to regularly evaluate and improve whether an organization’s security policies and management frameworks are being properly implemented. By leveraging generative AI, NEC has reduced the manual effort required to prepare internal audit reports for group companies by 76% (Fig. 8), while also improving audit quality by minimizing inconsistencies caused by differences in individual skill levels. Building on the proprietary audit knowledge gained through these internal practices, NEC has developed the AI Agent for Information Security Internal Audits.

Fig. 8 AI Agent for Information Security Internal Audits.

With the AI Agent for Information Security Internal Audits, users simply input their responses on the questionnaire screen shown in Fig. 9, with the support of generative AI, and the agent instantly outputs an audit report in the prescribed format (Fig. 10).

Fig. 9 Example of the questionnaire interface.

Fig. 10 Example of the generated audit report.

NEC plans to launch a service supporting the creation of audit reports using the AI Agent for Information Security Internal Audits within fiscal year 2025.

4. Conclusion

This paper has introduced NEC’s initiatives for realizing security by design through both internal applications and customer-facing services utilizing generative AI and Agentic AI. By systematizing the expertise of security professionals and integrating it into Agentic AI, NEC is achieving greater efficiency and higher quality in security operations. Going forward, NEC will continue to expand efforts that combine AI and cybersecurity, contributing to the creation of a reliable and secure digital society.

References

Authors’ Profiles

AOKI Satoshi
Senior Director
Cyber Security Technology Department

FUJITA Norihito
General Manager
Secure System Platform Research Laboratories