Japan's Approach to Cyber-Security: Expectations for Tokyo 2020
INTRODUCTION
Expectations for Tokyo in 2020 rose after witnessing the surprising performance by Prime Minister Abe at the closing ceremony of the Rio 2016 Olympics. Meanwhile, Japan’s challenge to host the Olympic Games under a safe & secure environment has just begun.
Brazil, the host for Rio 2016, continues to rank as one of the most pervasive cybercrime environments worldwide. According to a report from Fortinet, the country saw an 83% increase in malicious URLs, compared to just 16% growth for the rest of the world. Worldwide phishing activity was also up, with a 76% spike from April to June. Kaspersky researchers also said that tests on the ground in Brazil "showed roughly one in four wireless internet access points likely to be used by tourists were highly vulnerable to cyber-attacks".
Four years back, in London 2012, the country experienced cyber-attacks to the electricity infrastructure, which may have caused the lights to go out during the Opening Ceremony. But London was prepared based on what they have learned from Beijing 2008.
Now that the Olympic flag is handed over from Rio de Janeiro to Tokyo, Japan must fully commit to protect the people and the country from cyber-attacks.
Cyber-security Initiated by Japanese Government
The Japanese government has already accelerated the move in the past few years, aiming for ultimate cyber safety surrounding the 2020 Olympic Games. The Basic Act on Cybersecurity was established in November 2014 in order to enhance the nation’s cybersecurity. The Cybersecurity Strategic Headquarters, to be led by the chief Cabinet secretary, will draw up a strategy to protect the country from cyber-attacks and bring the various ministries together to achieve this mission. Members of the Headquarters include the foreign minister, the defense minister, the trade and economy minister, the internal affairs minister, the chairman of the National Public Safety Commission, and others members and experts appointed by the Prime Minister.
METI (Ministry of Economy, Trade and Economy) plays a very important role in the implementation of security measures in enterprises. METI is also responsible for accelerating the security measures for critical infrastructures such as Oil & Gas, Chemical and Electricity.
The following guidelines were formulated by METI:
- Cybersecurity Management Guidelines (December 2015)
This guideline summarizes three principles that managers need to recognize, and ten important items on which direction should be provided to persons in charge (CISOs, etc.). Topics include understanding cyber risk, establishing organizations and systems, and executives taking leadership. Compared to other countries, Japanese executives need to be more involved and aggressive in leading cyber security measures for their company. METI expects that measures for cybersecurity will be promoted under the leadership of corporate managers based on this guideline. http://www.meti.go.jp/english/press/2015/1228_03.html
- IoT Security Guidelines (July 2016)
Japan aims for the creation of innovative business models through the utilization of IoT and the realization of a safe and secure society for the public. In order to provide IoT equipment, systems and services, companies must follow this guideline throughout the lifecycle (policy, analysis, design, implementation & connection, operation & maintenance). http://www.meti.go.jp/english/press/2016/0705_01.html
For Tokyo 2020, the government will need to further enhance the education for cyber security experts (i.e. ethical hackers), accelerate risk management and set up organizations for incident response (i.e. CSIRT: Computer Security Incident Response Team).
Conclusions
Guidelines will lead to regulations, which are critical to plant operations and business continuity. Companies – especially in Japan – are required to 1) elect strong executive leadership, 2) take full responsibility for security throughout the lifecycle 3) build a strong system and organization to manage risk.
If you are interested in learning more, please visit us at S4xJapan - S4 is the most advanced ICS / SCADA cybersecurity event in the world and Yokogawa will be sponsoring the event here in Japan on October 14th. For the opening key note, we will be welcoming Mr. Hiroshi Ito, Deputy Director-General for Cybersecurity and Information Technology at METI, so don’t miss this chance to catch up with the industry trend. *Enter the campaign code “Yokogawa” to get 20% off from the registration fee!
http://www.cvent.com/events/s4xjapan/event-summary-f0a130a4455a4663b8b0a85d0891f781.aspx