Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybersecurity Strategy in Japan May 2016 Yasu TANIWAKI Deputy Director-General National center of Incident readiness and Strategy for Cybersecurity (NISC)

Published byPeter Norton Modified over 8 years ago

Similar presentations

Presentation on theme: "Cybersecurity Strategy in Japan May 2016 Yasu TANIWAKI Deputy Director-General National center of Incident readiness and Strategy for Cybersecurity (NISC)"— Presentation transcript:

1 Cybersecurity Strategy in Japan May 2016 Yasu TANIWAKI Deputy Director-General National center of Incident readiness and Strategy for Cybersecurity (NISC) Cabinet Secretariat, Government of JAPAN

2 ✔ Integrating and advancing cybersecurity policies crossing over governmental bodies ✔ Monitoring, analyzing, and handling cyber attacks to governmental bodies on 24/7 basis as a governmental CSIRT The Leading Organization of Government of Japan for Cybersecurity Issues The Roles of NISC 1

3 “Cybersecurity Strategy” [June 2013] Adopted by the Information Security Policy Council New “Cybersecurity Strategy” based on the Act [September 2015] After accepting opinions from NSC and IT Strategic HQs, the strategy was adopted as a Cabinet Decision, and reported to the National Parliament Based on agreements with other governmental bodies Cybersecurity audit: self audit Incident analysis: NISC provides supports to other governmental bodies on request basis Authority with concrete grounds based on the Act Cybersecurity audit: 3 rd Party audit by NISC Management audit Penetration test Incident analysis: NISC has authority to conduct cause investigation in serious incidents Mandatory reports from other governmental bodies Send formal recommendation to other governmental bodies The Basic Act on Cybersecurity [Enforced from 9 th January 2015] Institutional Framework Authority to GovernmentalBbodies Strategy Before the Act After the Act Strengthened authority Raised status Cabinet of Japan Information Security Policy Council IT Strategic Headquarters (Director-General : Prime Minister) NSC (Chair : Prime Minister) National Information Security Center NISC Clear legislative backgrounds NISC IT Strategic Headquarters NSC Cybersecurity Strategic Headquarters (Director-General:Chief Cabinet Secretary) Established by a Cabinet Order Cooperation National center of Incident readiness and Strategy for Cybersecurity Cabinet of Japan Established by the Act Decision by Director- General of IT strategic HQs Decision by Prime Minister 2 2

4 4 Policy Measures Building a Safe and Secure Society for the People Peace and Stability of International Community and Japan’s National Security Improvement of Socio-Economic Vitality and Sustainable Development Advancement of R&D Development of cybersecurity human resources 1 Understanding on Cyberspace 2 Objective 3 Principles 5 Organizational Framework Cybersecurity Strategy ✔ Free Flow of Information ✔ Rule of Law ✔ Openness ✔ Autonomy ✔ Collaboration among Multi- Stakeholders Cybersecurity Strategy - Principles - 3

5 4 Policy Measures Building a Safe and Secure Society for the People Peace and Stability of International Community and Japan’s National Security Improvement of Socio-Economic Vitality and Sustainable Development Advancement of R&D Development of cybersecurity human resources 1 Understanding on Cyberspace 2 Objective 3 Principles 5 Organizational Framework Cybersecurity Strategy ■ Creation of Secure IoT Systems A guideline for a framework of security standards of IoT systems [Preparing for a Request For Proposal] An IoT security guideline [To be published soon] ■ Encouraging enterprises to report their cybersecurity efforts to the market To consider the way to create a social environment where business leaders would positively tackle with cybersecurity issues as their strategic business challenges [by summer 2016] ■ Supporting information sharing between the private and the public sectors, and within the private sector Cybersecurity Strategy - Promoting Industry by Ensuring Cybersecurity - 4

6 Analytical Framework on IoT Security (draft) - 5 Devices Network Platform Service IoT system System of Systems (SoS)

7 4 Policy Measures Building a Safe and Secure Society for the People Peace and Stability of International Community and Japan’s National Security Improvement of Socio-Economic Vitality and Sustainable Development Advancement of R&D Development of cybersecurity human resources 1 Understanding on Cyberspace 2 Objective 3 Principles 5 Organizational Framework Cybersecurity Strategy ■ Advancing information sharing on software vulnerabilities ■ Conducting constant review on the scope of CIIP and enhancing information sharing on CII The Basic Policy of CIIP 3 rd Ed. [May 2014] Adopting the Roadmap for CIIP Policy Update [March 2016], which aims to enhance CII’s cyber protection Based on the roadmap, NISC started to review & renew measures, such as public-private information sharing scheme and implementation [To be finished by March 2017] ■ Improving cybersecurity measures for governmental bodies The Common Standards for the Governmental Bodies [May 2014] To revise the Common Standards [by summer 2016] Extending NISC’s scope of network monitoring by amending the Basic Act on Cybersecurity [April 2016] Cybersecurity Strategy - Enhancing Cybersecurity Capability - 6

8 4 Policy Measures Building a Safe and Secure Society for the People Peace and Stability of International Community and Japan’s National Security Improvement of Socio-Economic Vitality and Sustainable Development Advancement of R&D Development of cybersecurity human resources 1 Understanding on Cyberspace 2 Objective 3 Principles 5 Organizational Framework Cybersecurity Strategy ■ Advancing discussion on cybersecurity in bilateral cyber dialogues and multilateral frameworks ■ Contributing to the efforts to develop international rules and norms in cyberspace at various fora including UN Cyber GGE National Security Strategy [December 2013] G7 Summit 2016 in Ise-Shima [May 2016] ■ Active contribution to the cybersecurity capacity building in developing countries Cybersecurity Strategy - Improving International Cooperation - 7

9 4 Policy Measures Building a Safe and Secure Society for the People Peace and Stability of International Community and Japan’s National Security Improvement of Socio-Economic Vitality and Sustainable Development Advancement of R&D Development of cybersecurity human resources 1 Understanding on Cyberspace 2 Objective 3 Principles 5 Organizational Framework Cybersecurity Strategy ■ R&D of IoT security for critical infrastructure in the framework of SIP (Cross-Ministerial Strategic Innovation Promotion Program) ■ Promotion of human resources development by partnership between the public and the private sectors Adopting the Comprehensive Policy for Enhancing Cybersecurity Human Resources Development [March 2016] Establishing a new national cybersecurity professional certification by a legislative amendment [April 2016] Building a national cyber range as a NICT’s facility by a legislative amendment [April 2016] ■ Building up institutional framework towards the Tokyo 2020 Cybersecurity Strategy – R&D, Human Resource Development - 8

10 Governmental Organization for the Security of Tokyo 2020 Chair: Deputy Chief Cabinet Secretary for Crisis Management Members: All relevant ministries and organizations. The Tokyo metropolitan government and Tokyo Organizing Committee of the Olympic and Paralympic Games are attending as observers Dealing with security issues regarding Tokyo 2020 Security Board The HQs for Tokyo 2020 Olympic and Paralympic Games Chair: Prime Minister Works as the TOGC (Tokyo Olympic Games Council) requested as a mandatory by IOC The Vice Ministers Meeting for Tokyo 2020 Chair: Deputy Chief Cabinet Secretary Chair: NISC Dealing with cybersecurity issues with all relevant ministries Counter Terrorism WT Cybersecurity WT 9

11 Issues to be dealt with toward Tokyo 2020 10 Human Resources Development Research & Development Enhanced Critical Information Infrastructure Protection Risk Management Government CSIRT for the Tokyo 2020 cooperation TOCOG’s CSIRT ( CIRT2020 ) Cyber Exercise and Training InternationalPartners To identify critical service operators whose services affect Tokyo 2020 operation To establish cybersecurity risk assessment methods To implement cybersecurity risk assessment procedure based on the methods (should be conducted multiple times) To advance efforts in unity To establish an info-sharing and coordinated counter cyber attack framework among government agencies, CII operators, and other related organizations under the leadership of NISC The CSIRT will start its operation for the Rugby World Cup as a first step (summer 2019) Conduct cyber exercises and trainings multiple times among above related organizations, cooperating with TOCOG Bilateral int’l info- sharing frameworks via cyber dialogues, etc. Multilateral int’l info- sharing frameworks such as IWWN Increase and develop cybersecurity workforces especially by increasing cybersecurity education courses, building infrastructure for cyber exercise and training, and revealing individual’s cybersecurity skill by a certification scheme etc., based on the Comprehensive Policy for Enhancing Cybersecurity Human Resources Development [March 2016] R&D topics: Information sharing platform technologies among CII operators and capacity building for cybersecurity operation in CII field [Budgeted by the Cross- ministerial Strategic Innovation Promotion Program ( SIP ) for FY2015 to FY2019] Consider and implement protection improvement measures based on the Roadmap for CIIP Policy Update [March, 2016] Determine concrete measures for enhancement of cyber protection by March, 2017 Responsibility for cybersecurity of games (e.g. stadiums, etc.) cooperation

12

Download ppt "Cybersecurity Strategy in Japan May 2016 Yasu TANIWAKI Deputy Director-General National center of Incident readiness and Strategy for Cybersecurity (NISC)"

Similar presentations

Ministry of Labor and Social Policy SOCIAL POLICY COUNCILS Dragica Vlaović-VasiljevićSophia, 2-6th July 2007 Dragica Vlaović-VasiljevićSophia, 2-6th July.

Ministry of Labor and Social Policy SOCIAL POLICY COUNCILS Dragica Vlaović-VasiljevićSophia, 2-6th July 2007 Dragica Vlaović-VasiljevićSophia, 2-6th July.
The intersectoral approach within the OAS Inter-American Council for Integral Development (CIDI) First Meeting of Ministers and High Authorities of Social.

The intersectoral approach within the OAS Inter-American Council for Integral Development (CIDI) First Meeting of Ministers and High Authorities of Social.
STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
Implications for the Regions EU-Regional Policy 1 Governance White Paper Introduction Adoption of White Paper on European Governance, July 25, 2001 Aim:

Implications for the Regions EU-Regional Policy 1 Governance White Paper Introduction Adoption of White Paper on European Governance, July 25, 2001 Aim:
International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
PRESENTATION OUTLINE Introduction Climate change initiatives Capacity Challenges.

PRESENTATION OUTLINE Introduction Climate change initiatives Capacity Challenges.
ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels
Malak Zaalouk MENA Education Advisor UNICEF Programmes and Policies to Apply the Guidelines for Arab Teachers Performance Standards.

Malak Zaalouk MENA Education Advisor UNICEF Programmes and Policies to Apply the Guidelines for Arab Teachers Performance Standards.
Presentation by Cambodian Participants Phuket, Thailand 13-14 February 2012 Health Impact Assessment Royal Government of Cambodia.

Presentation by Cambodian Participants Phuket, Thailand February 2012 Health Impact Assessment Royal Government of Cambodia.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
The French approach to CIIP ENISA workshop. Coordination of CIP in France ANSSI 2 A cross-ministerial issue The General Secretariat for Defense and National.

The French approach to CIIP ENISA workshop. Coordination of CIP in France ANSSI 2 A cross-ministerial issue The General Secretariat for Defense and National.
AGENCY FOR PREVENTION OF CORRUPTION AND COORDINATION OF FIGHT AGAINST CORRUPTION mr.sci. Vladica Babić - Assisstent.

AGENCY FOR PREVENTION OF CORRUPTION AND COORDINATION OF FIGHT AGAINST CORRUPTION mr.sci. Vladica Babić - Assisstent.
BELMONT FORUM E-INFRASTRUCTURES AND DATA MANAGEMENT PROJECT Updates and Next Steps to Deliver the final Community Strategy and Implementation Plan Maria.

BELMONT FORUM E-INFRASTRUCTURES AND DATA MANAGEMENT PROJECT Updates and Next Steps to Deliver the final Community Strategy and Implementation Plan Maria.
Examples of Best Practices: Anti- corruption Strategy of the TCA Musa KAYRAK Senior Auditor, CISA.

Examples of Best Practices: Anti- corruption Strategy of the TCA Musa KAYRAK Senior Auditor, CISA.
National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.
James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.

James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.
National Cybersecurity Management System

National Cybersecurity Management System
UK Office for Security & Counter Terrorism Future threats and the potential role of the CBRN Action plan in supporting the BTWC Dr Catherine Terry International.

UK Office for Security & Counter Terrorism Future threats and the potential role of the CBRN Action plan in supporting the BTWC Dr Catherine Terry International.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Similar presentations

Ads by Google