Canon Europe advances its information security strategy
September 20, 2022
Articles, Digital Transformation, Podcast, Research, Security, Trends
Canon Europe is raising the bar on information security, helping businesses mitigate the risks associated with information security and today’s threat landscape by expanding its portfolio of products and services.
Canon has deepened its focus on delivering a holistic approach to information security strategy. Its renewed strategy is led by its Information Security group which leverages its Chief Information Security Officer (CISO) expertise and internal security team, which is also responsible for integrating information security into the value chain for Canon’s products and services.
A strong differentiator for Canon is that its integrated security strategy extends beyond an IT-centric internal approach to one that is highly customer-centric. This expertise and guidance will not only support its customers improve cybersecurity resilience but also enable Canon to build customer trust in the cybersecurity arena.
The complex and expanding threat landscape
As companies advance their digital transformation journeys, remote work and cloud are creating a sprawling attack surface. Increasingly, a complex regulatory landscape and sophisticated cyberattacks – often based on artificial intelligence (AI) or machine learning (ML) – mean that businesses face increasing challenges in protecting data from both insider and external threats.
A key element of the expanded threat landscape is the print infrastructure.
Connected printers and multifunction peripherals (MFPs) operate embedded software and firmware and, as such, require the same endpoint security measures as any networked device.
Beyond the loss of confidential or sensitive paper documents, the more sinister risk is that these devices may be compromised, enabling external hackers to infiltrate the corporate network. Such compromise can lead to significant financial and legal repercussions, as well as reputational damage.
The print security imperative
Quocirca’s Print Security 2022 study revealed that 68% of organisations across the US and Europe reported a print related data breach over the past year, leading to an estimated average cost of nearly £632,000 per organisation.
As hybrid work evolves, organisations face further challenges. Just 26% of respondents said they are confident about their print security measures across the hybrid workplace.
Consequently, customers and regulators are demanding that manufacturers protect their devices and meet regulations (such as NIST’s Cybersecurity Framework 2.0, ISO/IEC 27001, ISO 27032) as well as demonstrating incident-response processes.
Canon’s comprehensive security portfolio
Canon offers a comprehensive range of security-led products and solutions as part of its Digital Transformation Services ecosystem.
Its security proposition fits into 4 key areas:
- Secure Device
- Secure Content
- Secure Remote
- Secure Office Network
These encompass its broad range of cloud-enabled devices that conform to Canon’s secure by design approach. This includes its ImageRUNNER ADVANCE DX portfolio, i-SENSYSX products, imagePRESS, PIXMA and MAXIFY products.
Some product features that help safeguard data across the document workflow lifecycle include secure printing functionality across document, network and device security.
Document security features include user authentication, encrypted PDF and digital signatures. Network security includes IEEE 802.1 authentication and TLS 1.3. Device security includes Trellix McAfee Embedded control, storage encryption, TPM 2.0 and SIEM integration.
Value-added services
Particularly relevant are Canon’s new value-added offerings. These help customers with advanced security requirements to ensure data compliance and improve cyber resilience. They include its Office Health Check which assesses security risks and vulnerabilities. In Europe, this is run in partnership with the NCC group.
Other value-added services include Device Hardening, Device Management (with remote firmware and application updates) and Secure Configuration Management. The latter delivers proactive monitoring of devices and Data Removal Services at end of device life.
Quocirca opinion
Security across the print value chain is now crucial.
As customer expectations increase, the risk of any cybersecurity incident caused by a compromised printer or MFP can have severe implications for any business. Organisations must prioritise printing as part of their broader information security measures and gain a deeper understanding of the security vulnerabilities around the print infrastructure.
Canon’s approach, with a broad range of embedded hardware and software features, helps customers mitigate such risks.
With hardware MFP security features now relatively standardised in the industry, Canon’s opportunity for differentiation is around its value-added services and its uniFLOW secure print and capture management capabilities. Its risk assessments partnership with NCC Group particularly stands out.
With these broader services and solutions, Canon Europe can help customers address the data compliance and protection challenges that affect their specific risk profile. By leveraging the expertise and experience of its internal security team, Canon is well positioned to extend its security skills to supporting its customers’ broader information security needs.
Find out more
- Learn more about Canon’s unique approach to information security in Quocirca’s podcast with Quentyn Taylor, Head of Information Security and Global Incident Response at Canon Europe (link)
- Learn about the trends in print security in Quocirca’s Print Security 2022 Trends Report
