In this paper we introduce a practical example in which NEC has used the company-wide cybersecurity dashboard to address management issues related to governance, accountability, and awareness in a data-driven manner. This dashboard enables visualizing the status of risks, threats, and management, and with actions based on KPIs and automated follow-up, we have been able to more than double the speed of responses to these issues and the risk of ransomware incidents has been reduced to less than one-sixth of what it was. Additionally, visualizing third-party evaluations and investment effects has improved clarity and transparency in explanations and has been utilized to facilitate dialogue with stakeholders. Also, visualizing training results and sharing security news has served to foster a sense of participation among all employees and established a platform for a common language enabling conversations between everyone from the president to general personnel. These initiatives have also received high praise externally, resulting in accolades such as wining the Grand Prize at the Japan Security Awards 2024.

1. Introduction

Cyber threats are increasing every year, and addressing them is becoming increasingly difficult. Companies like NEC that operate a wide range of businesses are likely to become the target of these attacks, making company-wide governance and robust security measures essential.

NEC spent approximately six years establishing a system of governance based on a globally unified policy and rebuilt its security architecture with consideration for useability. As a result, we have made strides in reducing risks across its entire supply chain. We have also strengthened our cyber defense system utilizing threat intelligence. Since 2018, NEC has raised its threat alert level in preparation for large-scale international events and established a dedicated intelligence team to advance preemptive defense and proactive information gathering (Fig. 1).

In addition, a Red Team conducted a global cyber risk assessment and deployed four main types of assessment packages: third-party evaluation, credential assessments, urgent risk investigation of externally exposed assets, and attack assessment. From identifying risks to taking countermeasures, both management and front line personnel work together to operate a management cycle that supports business continuity (Fig. 2).

However, the management cycle did not function this smoothly initially. The issues can be summarized into three main points: (1) governance, (2) accountability, and (3) awareness. In terms of the first point, governance, unified management did not extend across the entire global organization, resulting in delays and inconsistencies in thoroughly addressing vulnerabilities at each location. Regarding the second point, accountability, it was difficult to communicate investment results to stakeholders, making it difficult to gain understanding from those both within and outside the company. For the third point, awareness, the intangible nature of threats led to varying levels of concern, resulting in a general lack of personal engagement with the issue (Fig. 3).

The key to solving these issues was making the transformation to a data-driven security culture. Quantifying risks and outcomes and conducting objective evaluations based on KPIs, clarifies priorities and leads to enhanced accountability and more informed investment decisions. As a result, communication is accelerated between frontline personnel and management, which starts the operation of an autonomous management cycle.

2. Cybersecurity Dashboard Enabling Comprehensive Security Management

2.1 Cybersecurity dashboard

At NEC, in order to solve the management issues mentioned in the previous section (Fig. 3), we utilize the cybersecurity dashboard. It is structured to be a clearly understandable visualization of the situation, enabling everyone from the president to general personnel to share the same facts using an evidence-based common language (Fig. 4).

The dashboard is composed of three perspectives: risk, threat, and management, each serving a different role. 

2.2 Security culture transformation and its effects

In terms of governance, the number of neglected vulnerable systems has rapidly decreased, and the speed of risk response has more than doubled, resulting in a reduction in ransomware-related damage risk to less than one-sixth¹⁾ of its previous level. Moreover, not only NEC but also affiliated subsidiaries have been autonomously utilizing the dashboard to continuously address risks within their own organizations. Additionally, at global meetings attended by IT managers from various international locations, discussions on KPIs and organizational positioning are held with the dashboard as a central point, thus promoting widespread adoption across the entire global organization (Fig. 8).

In terms of accountability, dialogue with stakeholders such as outside directors, relevant government ministries, and shareholders is continuously conducted using the dashboard, which has received high praise for making the investment effects easy to understand.

NEC’s efforts in security have also achieved results in objective third-party evaluations. For four consecutive years, NEC has ranked first within its sector in the Dow Jones Sustainability Index (DJSI), a key indicator for ESG investment, and for four consecutive years has also received the highest rating in the Japan Federation of IT Organizations’ “Cyber Index Corporate Survey” (Fig. 9). These initiatives have increased transparency in accountability and continuously gained consensus for investment decisions, earning trust both within and outside the company.

Additionally, in August 2025, we launched the signage for the Security Executive Dashboard (Fig. 10), which fully utilizes AI to integrate images, videos, music, audio, and text, allowing executives to immediately grasp the internal and external security landscape at a glance.

In terms of awareness, a foundation has been established for each employee to proactively engage with security, leading to a steady improvement in the organization’s overall consciousness. Under the philosophy of “security participation by all,” NEC is implementing a variety of initiatives based on the dashboard.

First, to open up the gateway to security and make it feel more familiar, we conducted a “10 Question Series,” which interactively answers the simple questions from new employees. The dashboard is also utilized in security discussions held in each department, and as a result, the crisis awareness regarding incidents has now increased to 96%.

In addition, to ensure that employees can take action when necessary, we conducted a company-wide phishing e-mail training, and the results were published on the dashboard. Each organization reviewed their own status and continued to make improvements, which resulted in a decrease of over 15% in suspicious URL click rates and an increase in escalation rates. We also utilized generative AI²⁾ to create the content for the training e-mails, achieving approximately 90% efficiency improvements.

Furthermore, in order to integrate security into everyday life, we deliver automated news updates and audio and music content utilizing generative AI. Employees have responded positively, appreciating the ability to easily engage with security topics during their spare moments (Fig. 11).

2.3 Lean and agile launch and continuous use of Digital Ops and AI

At the initial launch of the dashboard, the Chief Information Security Officer (CISO) and a few team members finalized the concept in 15 minutes, and a team of about five people carried out development work. Aiming for a quick win, we launched in a month’s time, and since then have refined our priorities through regular reviews with top management, including the president, expanding in a lean and agile manner. Currently, about 20 people participate in this project alongside their main duties, and the team has evolved into a structure that continuously carries out planning, development and operations.

From a design perspective, we avoided simply listing rows of numbers, and focused on creating a human-centric design, placing meaning information where users need it. The design is incorporated in an upstream process and implemented through a catch-and-try approach. In the aforementioned Security Executive Dashboard, we used React to advance dynamic signage, continually improving and refining the design by incorporating new elements aiming for a more sophisticated design.

The information displayed on the dashboard is derived from logs collected and analyzed on a Zero Trust platform. These logs are integrated with business tools such as communication, knowledge, task status, and inquiries, and are further processed with statistical analysis, status assignment, and contextualization. As a result, more than one terabyte of logs are compressed into several gigabytes of meaningful information, enabling both management and on-site personnel to grasp the situation with sufficient information density for decision-making. The dashboard is built on Splunk Enterprise running on AWS, which is connected via a closed network. Stable operation and scalability are ensured through unified management and control of a robust cluster configuration on the management platform (Fig. 12).

In operating the cybersecurity dashboard, we thoroughly leverage the systematization of processes, Digital Ops, and AI. For handling inquiries, we prevent backlogs by automatically assigning inquiries to the appropriate personnel and sending notifications. On the platform side, functions such as system monitoring, patch application, and resource management are automated. In the application layer, we automatically detect data import or aggregation failures and enable self-recovery, and from the user perspective, regular screenshots are taken and AI is used to detect anomalies, allowing us to quickly identify any visual irregularities. Additionally, as a countermeasure against information leaks, we have implemented an end-to-end system that automatically detects suspicious users based on access history and behavior, issues notifications, and preserves audit logs. This enables us to achieve more secure operations without compromising convenience. 

In our society, where digital accountability is set to become the norm, we believe that accurately communicating our security initiatives will lead to greater trust. NEC is promoting autonomous security by leveraging dashboards and AI. By visualizing security performance and disclosing it to stakeholders, we aim to realize a society where people can feel safer.

3. As a Value Creator

We provide value to our customers by sharing over 150 internal case studies and delivering external lectures each year, thereby giving back to society through the security initiatives we have cultivated within our company (Fig. 13). In terms of external recognition, beginning with the IT Awards sponsored by the Japan Institute of Information Technology, NEC received the 2023 IT Excellence Award in the Management category as a pioneer in realizing the visualization of risks and threats. This was followed by recognition in 2024 from the Japan Digital Transformation Promotion Association, sponsor of the Japan DX Awards, who awarded NEC the Special Award, as well as recognition at the Japan Security Awards, where NEC received the Grand Prize for outstanding efforts in strengthening internal security with our cybersecurity dashboard and our initiatives that give back to society. As of August 2025, we have also filed numerous patents related to our cybersecurity dashboard.

These initiatives are not limited to our internal activities; they are also incorporated into NEC BluStellar Scenario and provided to our customers.

NEC will continue to provide value to our customers and society through the practice of advanced security, contributing to the realization of a safe and secure future.

Trademarks

References

Authors’ Profiles

Related URL