Cybersecurity Strategy in Japan - Roles of NISC and Basic Act Overview

Slide Note
Embed
Share

The National Center of Incident Readiness and Strategy for Cybersecurity (NISC) plays a crucial role in Japan's cybersecurity landscape, integrating policies and handling cyber attacks 24/7. The Basic Act on Cybersecurity, enforced since January 2015, establishes a clear legislative framework and organizational structure to enhance cybersecurity measures in the country. The principles of Japan's cybersecurity strategy focus on the free flow of information, rule of law, openness, and peace in the international community, aiming to strengthen national security and socio-economic vitality.

athie
athie Follow

Uploaded on Oct 09, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Cybersecurity Strategy in Japan May 2016 Yasu TANIWAKI Deputy Director-General National center of Incident readiness and Strategy for Cybersecurity (NISC) Cabinet Secretariat, Government of JAPAN

  2. The Roles of NISC The Leading Organization of Government of Japan for Cybersecurity Issues Integrating and advancing cybersecurity policies crossing over governmental bodies Monitoring, analyzing, and handling cyber attacks to governmental bodies on 24/7 basis as a governmental CSIRT 1

  3. The Basic Act on Cybersecurity [Enforced from 9thJanuary 2015] After the Act Before the Act Cabinet of Japan Cabinet of Japan Institutional Framework Cybersecurity Strategic Headquarters IT Strategic Headquarters IT Strategic Headquarters (Director-General Prime Minister) NSC NSC Clear legislative backgrounds (Chair Prime Minister) Cooperation Cooperation (Director-General Chief Cabinet Secretary) Established by the Act Decision by Director- General of IT strategic HQs Information Security Policy Council NISC Established by a Cabinet Order NISC National center of Incident readiness and Strategy for Cybersecurity Decision by Prime Minister National Information Security Center Authority with concrete grounds based on the Act Cybersecurity audit: 3rdParty audit by NISC Management audit Penetration test Incident analysis: NISC has authority to conduct cause investigation in serious incidents Mandatory reports from other governmental bodies Send formal recommendation to other governmental bodies Based on agreements with other governmental bodies Cybersecurity audit: self audit Incident analysis: NISC provides supports to other governmental bodies on request basis GovernmentalBbodies Strengthened authority Authority to New Cybersecurity Strategy based on the Act [September 2015] After accepting opinions from NSC and IT Strategic HQs, the strategy was adopted as a Cabinet Decision, and reported to the National Parliament Raised status Strategy Cybersecurity Strategy [June 2013] Adopted by the Information Security Policy Council 2 2

  4. Cybersecurity Strategy - Principles - Cybersecurity Strategy Free Flow of Information Understanding on Cyberspace Objective Rule of Law Principles Policy Measures Openness Peace and Stability of International Community and Japan s National Security Improvement of Socio-Economic Vitality and Sustainable Development Building a Safe and Secure Society for the People Autonomy Advancement of R&D Development of cybersecurity human resources Collaboration among Multi- Stakeholders Organizational Framework 3

  5. Cybersecurity Strategy - Promoting Industry by Ensuring Cybersecurity - Creation of Secure IoT Systems A guideline for a framework of security standards of IoT systems [Preparing for a Request For Proposal] An IoT security guideline [To be published soon] Cybersecurity Strategy Understanding on Cyberspace Objective Encouraging enterprises to report their cybersecurity efforts to the market To consider the way to create a social environment where business leaders would positively tackle with cybersecurity issues as their strategic business challenges [by summer 2016] Supporting information sharing between the private and the public sectors, and within the private sector Principles Policy Measures Peace and Stability of International Community and Japan s National Security Improvement of Socio-Economic Vitality and Sustainable Development Building a Safe and Secure Society for the People Advancement of R&D Development of cybersecurity human resources Organizational Framework 4

  6. Analytical Framework on IoT Security (draft) - System of Systems (SoS) Service Platform Network Devices IoT system IoT system IoT system IoT system 5

  7. Cybersecurity Strategy - Enhancing Cybersecurity Capability - Advancing information sharing on software vulnerabilities Conducting constant review on the scope of CIIP and enhancing information sharing on CII The Basic Policy of CIIP 3rdEd. [May 2014] Adopting the Roadmap for CIIP Policy Update [March 2016], which aims to enhance CII s cyber protection Based on the roadmap, NISC started to review & renew measures, such as public-private information sharing scheme and implementation [To be finished by March 2017] Improving cybersecurity measures for governmental bodies The Common Standards for the Governmental Bodies [May 2014] To revise the Common Standards [by summer 2016] Extending NISC s scope of network monitoring by amending the Basic Act on Cybersecurity [April 2016] Cybersecurity Strategy Understanding on Cyberspace Objective Principles Policy Measures Peace and Stability of International Community and Japan s National Security Improvement of Socio-Economic Vitality and Sustainable Development Building a Safe and Secure Society for the People Advancement of R&D Development of cybersecurity human resources Organizational Framework 6

  8. Cybersecurity Strategy - Improving International Cooperation - Advancing discussion on cybersecurity in bilateral cyber dialogues and multilateral frameworks Contributing to the efforts to develop international rules and norms in cyberspace at various fora including UN Cyber GGE National Security Strategy [December 2013] G7 Summit 2016 in Ise-Shima [May 2016] Cybersecurity Strategy Understanding on Cyberspace Objective Principles Policy Measures Peace and Stability of International Community and Japan s National Security Improvement of Socio-Economic Vitality and Sustainable Development Building a Safe and Secure Society for the People Advancement of R&D Active contribution to the cybersecurity capacity building in developing countries Development of cybersecurity human resources Organizational Framework 7

  9. Cybersecurity Strategy R&D, Human Resource Development - R&D of IoT security for critical infrastructure in the framework of SIP (Cross-Ministerial Strategic Innovation Promotion Program) Promotion of human resources development by partnership between the public and the private sectors Adopting the Comprehensive Policy for Enhancing Cybersecurity Human Resources Development [March 2016] Establishing a new national cybersecurity professional certification by a legislative amendment [April 2016] Building a national cyber range as a NICT s facility by a legislative amendment [April 2016] Building up institutional framework towards the Tokyo 2020 Cybersecurity Strategy Understanding on Cyberspace Objective Principles Policy Measures Peace and Stability of International Community and Japan s National Security Improvement of Socio-Economic Vitality and Sustainable Development Building a Safe and Secure Society for the People Advancement of R&D Development of cybersecurity human resources Organizational Framework 8

  10. Governmental Organization for the Security of Tokyo 2020 The HQs for Tokyo 2020 Olympic and Paralympic Games Chair: Prime Minister Works as the TOGC (Tokyo Olympic Games Council) requested as a mandatory by IOC The Vice Ministers Meeting for Tokyo 2020 Chair: Deputy Chief Cabinet Secretary Security Board Chair: Deputy Chief Cabinet Secretary for Crisis Management Members: All relevant ministries and organizations. The Tokyo metropolitan government and Tokyo Organizing Committee of the Olympic and Paralympic Games are attending as observers Dealing with security issues regarding Tokyo 2020 Counter Terrorism WT Cybersecurity WT Chair: NISC Dealing with cybersecurity issues with all relevant ministries 9

  11. Issues to be dealt with toward Tokyo 2020 Risk Management TOCOG s CSIRT CIRT2020 Responsibility for cybersecurity of games (e.g. stadiums, etc.) Government CSIRT for the Tokyo 2020 To establish an info-sharing and coordinated counter cyber attack framework among government agencies, CII operators, and other related organizations under the leadership of NISC The CSIRT will start its operation for the Rugby World Cup as a first step (summer 2019) To identify critical service operators whose services affect Tokyo 2020 operation To establish cybersecurity risk assessment methods To implement cybersecurity risk assessment procedure based on the methods (should be conducted multiple times) cooperation Cyber Exercise and Training International Partners Conduct cyber exercises and trainings multiple times among above related organizations, cooperating with TOCOG Bilateral int l info- sharing frameworks via cyber dialogues, etc. Multilateral int l info- sharing frameworks such as IWWN To advance efforts in unity Enhanced Critical Information Infrastructure Protection Consider and implement protection improvement measures based on the Roadmap for CIIP Policy Update [March, 2016] Determine concrete measures for enhancement of cyber protection by March, 2017 Human Resources Development Increase and develop cybersecurity workforces especially by increasing cybersecurity education courses, building infrastructure for cyber exercise and training, and revealing individual s cybersecurity skill by a certification scheme etc., based on the Comprehensive Policy for Enhancing Cybersecurity Human Resources Development [March 2016] Research & Development R&D topics: Information sharing platform technologies among CII operators and capacity building for cybersecurity operation in CII field [Budgeted by the Cross- ministerial Strategic Innovation Promotion Program SIP for FY2015 to FY2019] 10

Related


Comprehensive Airport Cybersecurity Quick Guide and Assessment Tool

Comprehensive Airport Cybersecurity Quick Guide and Assessment Tool

emmitt
Cybersecurity Career Path Overview

Cybersecurity Career Path Overview

rusty
Shovel-Ready Projects Initiative for Cybersecurity Innovation in Canada

Shovel-Ready Projects Initiative for Cybersecurity Innovation in Canada

aberm
Ensuring Business Security: Cybersecurity Webinar Insights

Ensuring Business Security: Cybersecurity Webinar Insights

amelia
Strategy Framework of Global Financial City Osaka: A Blueprint for Economic Growth

Strategy Framework of Global Financial City Osaka: A Blueprint for Economic Growth

kelo489
Initiatives for the International Linear Collider (ILC) in Japan

Initiatives for the International Linear Collider (ILC) in Japan

catalin
Defense Industrial Base (DIB) Cybersecurity Training Overview

Defense Industrial Base (DIB) Cybersecurity Training Overview

xayl_3
IRIS H2020 Project - Enhancing Cybersecurity for SMART CITIES

IRIS H2020 Project - Enhancing Cybersecurity for SMART CITIES

airt550
Cybersecurity Workforce Management: Engage, Empower, Elevate

Cybersecurity Workforce Management: Engage, Empower, Elevate

dena835
Cybersecurity and Computer Science Education Projects at UH Maui College

Cybersecurity and Computer Science Education Projects at UH Maui College

karm_14
Enhancing Cybersecurity for Improved Insurability and Risk Management

Enhancing Cybersecurity for Improved Insurability and Risk Management

trac_745
Workshop on Cybersecurity Professionalism & Ethics

Workshop on Cybersecurity Professionalism & Ethics

acke_ddy
Ethics in Cybersecurity: Evolution, Challenges, and Solutions

Ethics in Cybersecurity: Evolution, Challenges, and Solutions

kdett
Japan's RDE Methodology and Environmental Policy Overview

Japan's RDE Methodology and Environmental Policy Overview

trixie
Global Education Trends and Innovations in Australia and Japan

Global Education Trends and Innovations in Australia and Japan

deai_802
The Second Sino-Japanese War and the Marco Polo Bridge Incident

The Second Sino-Japanese War and the Marco Polo Bridge Incident

leilanee
Why Japan and China Have a Frosty Relationship Explained

Why Japan and China Have a Frosty Relationship Explained

rael_747
Explore the Fascinating World of Japan: Culture, History, and Literature

Explore the Fascinating World of Japan: Culture, History, and Literature

maximill
Challenges in Cybersecurity Implementation: A Philippine Perspective

Challenges in Cybersecurity Implementation: A Philippine Perspective

shona
Cultural Exchanges Between Japan and Tang China: A Historical Perspective

Cultural Exchanges Between Japan and Tang China: A Historical Perspective

breccan
Exploring Japan: Geography, Culture, and Landmarks

Exploring Japan: Geography, Culture, and Landmarks

mica_94
Understanding Feudal Japan: The Tale of Genji and Tokugawa Shogunate

Understanding Feudal Japan: The Tale of Genji and Tokugawa Shogunate

yuri_825
Japan's Transformation During the Age of Imperialism

Japan's Transformation During the Age of Imperialism

cyprian
Cybersecurity Tabletop Exercise Overview

Cybersecurity Tabletop Exercise Overview

rudi

More Related Content

Automated Signature Extraction for High Volume Attacks in Cybersecurity
Automated Signature Extraction for High Volume Attacks in Cybersecurity
C2M2 Version 2.1 Cybersecurity Model Overview
C2M2 Version 2.1 Cybersecurity Model Overview
Understanding the Role of Audit & Supervisory Board Members in Japan
Understanding the Role of Audit & Supervisory Board Members in Japan
Progress and Challenges for Japanese Women in Decision-Making Roles
Progress and Challenges for Japanese Women in Decision-Making Roles
Defense Industrial Base Sector Cybersecurity Training Overview
Defense Industrial Base Sector Cybersecurity Training Overview
Enhancing California's Election Cybersecurity Readiness
Enhancing California's Election Cybersecurity Readiness
Cybersecurity Expert Shiva V. Parasram - Profile and Advice
Cybersecurity Expert Shiva V. Parasram - Profile and Advice
Cybersecurity and Personal Finance: A Tale of Appily Ever After
Cybersecurity and Personal Finance: A Tale of Appily Ever After
Empowering NNSA Cyber Professionals Through Enterprise Tools and Data Analytics
Empowering NNSA Cyber Professionals Through Enterprise Tools and Data Analytics
Financial Management and Cybersecurity: Essential Tips for Treasurers
Financial Management and Cybersecurity: Essential Tips for Treasurers
Franco-Japanese Cybersecurity Workshop Highlights and Future Plans
Franco-Japanese Cybersecurity Workshop Highlights and Future Plans
Adversarial Machine Learning in Cybersecurity: Challenges and Defenses
Adversarial Machine Learning in Cybersecurity: Challenges and Defenses
Cybersecurity Risk Management in K-12 Education: Challenges and Strategies
Cybersecurity Risk Management in K-12 Education: Challenges and Strategies
Which and How of Cybersecurity Frameworks
Which and How of Cybersecurity Frameworks
Exploring Adversarial Machine Learning in Cybersecurity
Exploring Adversarial Machine Learning in Cybersecurity
Cybersecurity Entrepreneurship Workshop Highlights
Cybersecurity Entrepreneurship Workshop Highlights
Professionalism in Cybersecurity: Developing Essential Skills
Professionalism in Cybersecurity: Developing Essential Skills
Machine Learning for Cybersecurity Challenges: Addressing Adversarial Attacks and Interpretable Models
Machine Learning for Cybersecurity Challenges: Addressing Adversarial Attacks and Interpretable Models
Instrument human capital cybersecurity mkb bedrijven
Instrument human capital cybersecurity mkb bedrijven
Cybersecurity and Supply Chain Risk Management: Best Practices for Procurement
Cybersecurity and Supply Chain Risk Management: Best Practices for Procurement
Empowering Women in Cyber: CyberFirst Girls Competition
Empowering Women in Cyber: CyberFirst Girls Competition
REWIRE Cybersecurity Skills Alliance
REWIRE Cybersecurity Skills Alliance
CYBERSECURITY AWARENESS MONTH 2023
CYBERSECURITY AWARENESS MONTH 2023
Cybersecurity Risks for Remote CISTAR Facilities Study
Cybersecurity Risks for Remote CISTAR Facilities Study