Human Resources Development in the Field of Cyber Security

Similar documents
Information Technology Engineers Examination

The IPSJ Model of IT Professional Certification

Fujitsu Group s Information Security

Application Guidelines

Information security education for students in Japan

Short-term Exchange Programs and the Internationalization of Japanese Universities: A Case-study

Initiative for Cyber Security Information sharing Partnership of Japan (J-CSIP) Annual Activity Report FY2012

JAPANESE GOVERNMENT (MONBUKAGAKUSHO: MEXT) SCHOLARSHIP FOR 2014 YOUNG LEADERS PROGRAM (YLP) STUDENT (SCHOOL OF GOVERNMENT)

Cyber Security Strategy(Information Security Policy Council, June 10, 2013)

Application Guideline for International Students

JAPANESE GOVERNMENT (MONBUKAGAKUSHO: MEXT) SCHOLARSHIP FOR 2015 YOUNG LEADERS' PROGRAM (YLP) IN BUSINESS ADMINISTRATION

GENERAL INFORMATION ON

The Japan Council of Local Authorities for International Relations (CLAIR), Singapore

JAPANESE GOVERNMENT (MONBUKAGAKUSHO: MEXT) SCHOLARSHIP FOR 2016 YOUNG LEADERS PROGRAM (YLP) STUDENT (SCHOOL OF LOCAL GOVERNANCE)

Towards closer EU-ASEAN collaboration in cybersecurity

1 If any of his/her application documents is found to be falsely stated;

Globalization of Higher Education in Japan

JAPANESE GOVERNMENT (MONBUKAGAKUSHO: MEXT) SCHOLARSHIP FOR 2016 YOUNG LEADERS' PROGRAM (LAW)

22 July, 2010 IT Security Center (ISEC) Information-technology Promotion Agency (IPA) Copyright 2010 Information-Technology Promotion Agency, Japan 1

Certification for Healthcare Information Technologist - Overview

1. OUR MISSION 2. OUR DEPARTMENTS

Overview of Asian Insurance Markets

Input and Output of ISM-Benchmark

BUNKA FASHION COLLEGE APPLICATION FOR INTERNATIONAL STUDENTS 2016

Information Security Human Resource Development Program

JAPANESE GOVERNMENT (MONBUKAGAKUSHO: MEXT) SCHOLARSHIP: Academic Year YOUNG LEADERS PROGRAM (YLP) in HEALTHCARE ADMINISTRATION

Introduction Animation in Asian Societies Establishment of Local Animation Industry LOCAL CONTENT PRODUCTIONS SUCCESSFUL BUSINESS MODELS Drivers for

SaaS and PaaS of Engineering Cloud

Business Set up in Japan

How to obtain a College Student Visa

JAPANESE GOVERNMENT (MONBUKAGAKUSHO: MEXT) SCHOLARSHIP: Academic Year 2017 YOUNG LEADERS PROGRAM (YLP) in HEALTHCARE ADMINISTRATION

B-to-B Demand Generation Programs in Asia Pacific: What Works, What Doesn't -- Lessons Learned from Novell

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security

The Burden of Cancer in Asia

FY2015 Survey on the International Operations of Japanese Firms JETRO Overseas Business Survey

Application Guideline. for International Students. Fall Master of Public Policy ( MPP) Master of Development Policy ( MDP)

*-*-*-*-*-*-*-*-*-*-*-*-*-* STATISTICS Results of 2012 Basic Survey on the Information and Communications Industry (preliminary report)

Fujitsu s Approach to Cloud-related Information Security

Challenges for Capital Market Development in Asia

United States Department of Commerce International Trade Administration

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

Contact Information. 1+3 Combined MA and PhD Program in Japanese and Eurasian Studies.

Introduction of the education and training courses to support emerging countries

Asia-Pacific Application Performance Management Market CY 2013 Rapidly Changing Application Architecture and Business Environment Drives the Market

Vulnerability Disclosure Guideline for Software Developers

CIO Forum 360 Value Creation through IT Professional Certification Recognition Based CPIT(Project Manager) Nov 25, 2014

Software Industry in Mongolia

Partnership for Cyber Resilience

TWX-21 Business System Cloud for Global Corporations

Offices in the Rouse Group: Africa China Hong Kong India+ Indonesia Myanmar Philippines Russia Saudi Arabia+ Thailand UAE United Kingdom Vietnam +

Measures to Make Japan Asia s Center for Business February 2011 Ministry o f of Economy T, rade Trade and Industry

Certification Application

Asian Animation Industry 2015: Strategies Trends & Opportunities

RECRUITMENT OF HIGHLY SKILLED LABOUR ABROAD OECD COUNTRIES THE PRACTICE OF SELECTED. DICE Reports

Student visa and Temporary Graduate visa programme quarterly report

Philippines. Certified PROFESSIONAL CERTIFICATION

On-Site Examination Policy for Fiscal Examination Policy for Fiscal 2016" briefly reviews on-site examinations carried out in

Information Disclosure Reference Guide for Cloud Service Providers

Guide to the IT Passport Examination

International Leader Training Program for Sustainable Use of Water and Resources (SUW Program)

Project for Promotion of Computer Systems at National Railway Management College

Security on Embedded Systems

JWES Activities of Education and Certification System for Welding Engineers in Asian Countries

Cyber Security Threats and Countermeasures

Asia Pacific (including Japan) Web Application Firewall Market CY2010

2. WASTE MANAGEMENT (1) Hazardous Waste

FY2016 Graduate Program for Social ICT Global Creative Leaders (GCL) Course Student Recruitment

information security risks and defenses

CSSC-CL Announces ISASecure Certification of Hitachi and Yokogawa Industrial Control Devices. ~For More Globally Competitive Control System Devices ~

Exploring the Landscape of Philippine Cybersecurity

OS-HELP. Statement of terms and conditions

Cyber Security in Japan (v.2)

[5] Employment Measures

Photovoltaic Power Systems Business and Data Center Facility Business. Kiyoshi Tsutsui, President and CEO, NTT Facilities, Inc.

APEC Business Travel Card (ABTC)

OS-HELP LOANS PROCEDURE

2016 EXPECTATIONS 2015 INSIGHT

Establishing a Presence in Japan. Hitoshi Oishi, Executive Director, JETRO Toronto

Sri Lanka. Institute of Supply & Materials Management PROFESSIONAL CERTIFICATION

Student visa and Temporary Graduate visa programme quarterly report

As of 18 April Framework of Regional Collaboration, Preamble

Application for Admission

Operating Data (First Half of Fiscal Year 2012) Operating Data (Trends by Quarter) Results by Segment 1.3

JICA Knowledge Co-Creation Program (Long-Term Training)

INDUSTRY OVERVIEW OUTSOURCING OF SOFTWARE DEVELOPMENT AND SERVICES

Loan Information and Application Guide

Measures to Prevent Infringement of Intellectual Property Rights. Initiatives for Strengthening Business Continuity Capabilities

How To Protect Critical Infrastructure

To Be A Leader and A Premier Educational Hub in the Promotion of Afforable and Quality E-Learning in Asia

KEY CRITERIA TO SELECT AN IT SERVICES PROVIDER IN ASIA

PMTC Production Management Training Course. Prepared by Gökhan Çelikliay

NON-DEGREE STUDENT APPLICATION PROCESS

Cooperation Opportunities in ICT Between Japan and Myanmar. Mr. Thein Oo President, Myanmar Computer Federation Chairman, Myanmar Info-Tech

[6] Human Resources Development

Insurance Overview. Dan Bardin Prudential Corporation Asia November 2004

This is a licensed product of Ken Research and should not be copied

Information Security Outreach and Awareness Program. July 8, 2011 Established by the Information Security Policy Council

2006 JETRO Bangladesh Seminar

Chartered Financial Analyst (CFA) Program

Transcription:

Human Resources Development in the Field of Cyber Security October 2014 Masayuki KOIKE Director, Local Informatization and Human Resource Development Office, Information Service Industry Division, Commerce and Information Policy Bureau, Ministry of Economy, Trade and Industry (METI)

The Challenge in Cyber Security Human resources (1): for Practical Business Players as Enterprises Many information systems in Japan are closely connected with practical business in enterprises and organizations. It is often the case that construction and operation of these information systems, including security measures, are entrusted to specialists (IT vendors). In principle, engagement of personnel of enterprises- IT users with thorough knowledge on the details of their practical business is indispensable on occasion of the construction and operation of its information system with reflection on the details of practical businesses. According to an estimation by the Information-technology Promotion Agency (IPA), there are around 265 thousand people working in the information security field in Japan and only 105 thousand people among them has necessary skills. Hence, it is necessary to organize certain education programs and trainings for the other 160 thousand people. Besides, there are around 80 thousand human resources in potential shortage. It is an urgent challenge in light of information security policy of Japan to take necessary measures toward solution of this problem. Source: New Information Security Human Resource Development Program (the decision of Information Security Policy Meeting on May 19, 2014) 1

Basic knowledge requested to every business person who utilizes IT IT Passport Advanced Knowledge/ Skill IT Strategist Systems Architect Project manager Network Specialist Database Specialist Specialist Information Security Specialist IT Service Manager Systems Auditor On Information Technology Engineers in Japan Reflecting on the lack of Information Technology Engineers and the demand for establishment of Programmer certifying examination, the Information Technology Engineers (ITEE) started in 1969. Now around 500 thousand examinees participate every year and it is utilized by a number of enterprises and educational institutes. 17.53 million people applied and 2.17 million participants passed in the period of 45 years by the end of 2013 FY. The ITEE plays an important role in IT human resources development in Japan. For all the business people For IT Engineers (Vender side/ User side) (IP) Applied knowledge/s kill Fundamental knowledge/s kill (ST) (SA) (PM) (NW) (DB) (ES) (SC) (SM) (AU) Applied Information Technology Engineer (AP) Fundamental Information Technology Engineer (FE) Embedded Systems available all year round applicable both in spring and in autumn available in spring available in autumn 2

Basic knowledge IT Passport Advanced (reference) the overview of the Information Security Specialist (SC) The Targeted People The Information Security Specialist is Increase in the targeted cyber attack New type of unauthorized access appearance of new type viruses The threat of theft of secrets and stop of devices (The Threat of increase in loss of enterprises) THREAT Where located in the whole map of Information technology Engineers Appropriate Security Management by Specialists is Necessary Evaluation through national examination National to evaluate Security Specialists For All the Business people For IT Engineer (Vender Side / User side) Those who has established specialties as advanced IT engineer, supports realization of security functions in plannig, requirementsdefining, developing, operating and maintaining information system in accordance with information security policy, or equip information system basis, and supports information security management as a specialist of information security technology. the statistical data of the Information Security Specialist (for the last 3 years) 2013 FY 2012 FY 2011 FY No. of applicants 56,452 57,944 57,243 No. of participants 36,905 39,092 37,198 No. of the successful 5,147 5,407 5,110 (% of the no. of SC applicants to all) (12.0%) (11.9%) (9.9%) % of pass 13.9% 13.8% 13.7% Applied Funda mental S T S A P M N W D B AP FE E S S C S M A U The scope of questions Planning, requirements-defining, development, operation and maintenance of information security system (such as secureprogramming) Operation of information security (such as countermeasures against unauthorized access) Information security technology (countermeasures against viruses) Management of development(such as Information security management of development environment) Information security-related legal requirements (such as Copyright Act, Personal Information Protection Act) 3

Reference: The overview of IT Passport (IP) For IT Passport adopted the Computer-Based Test (CBT) for the first time as a national examination in Japan. is available at any time, anywhere, any times you want. You can choose the data/time of test in accordance with your schedule!! At any time all year round! ( Exam schedule differs according to the test center) Approximately 120 test centers all over Japan The score divided by sphere Available wherever you want! available(strategy, management, You can check not only the result but also the score! technology). Useful for (Able to check out the score after the exam at once. ability measurement. Able to check the score divided by sphere. Always new technologies are reflected. You can try any times you want to make sure your level-up! How to Apply How to Apply through internet (at the official website) the Fee 5,100 JP Yen (tax included) Test Schedule Application and Exmination available all year round Boucher Ticket system for group application available! For more details on the Web site Official Website (in Japanese) (https://www3.jitec.ipa.go.jp/jitescbt/) iパス Official Character of IT Pass Exam. SEARCH 4

METI Activity No.1: Strengthening the frequency of Information Security-related questions in Information Technology Engineers >Background> Sharp Increase in Importance of Information Security The shortage of Information Security Human Resources both in quantity and quality Necessary to improve IT literacy among the whole nationals including knowledge of Information Security. Necessary to excavate, foster and make use of Information Security Human Resources. Increased the frequency of Information Security- related questions in all of the types of Information Technology Engineers Exams, including IT Passport Exam. IT Passport Exam. Sharp Increase in the Percentage of Information Security related Questions (by twice) Fundamental IT Engineer (FE) Applied IT Engineer Exam.(AP) Advanced Exam. Source: IPA Press Release http://www.ipa.go.jp/about/press/20131029.html In the morning exam increased the percentage of Security related questions In the afternoon exam the status of Information Security sphere has been changed from selective to obligatory. In the morning exam.Ⅰand Ⅱ increased the percentage of Security related questions In IT Strategist Exam.(ST) and Project Manager Exam. (PM) added Security-related questions to the scope of morning exam.Ⅱ. (Security questions appear in all the category of advanced exam) (Note) IT Pass exam changed from May 7 th 2014. The rest of exams changed from the spring exam in 2014. 5

Information Technology Engineers in Asia The globalization of software technology and market has led to the increase in necessity of securing trans-border highquality IT human resources and enhancing their liquidity. Therefore, METI is arranging coordination with the related institutions towards mutual recognition of IT Engineers and enlargement of similar examination to ITEE. To enlarge these arrangements in Asian region etc. for the sake of securing advanced human resources oversees and enhancing their liquidity. The results achieved: Mutual Recognition with 12 Asian countries/regions (Bangladesh, China, India, Korea, Malaysia, Mongolia, Myanmar, Philippine,Singapore, Thailand. Taiwan, Vietnam) Arrangement of Common through assistance in Asia: 7 countries (Bangladesh, Malaysia, Mongolia, Myanmar, Philippine, Thailand, Vietnam) Special Measuresfor Immigration Control on the base of Mutual Recognition To the passers and holders of the examination and the qualifications listed in Public Notice of the Ministry of Justice, a preferential immigration treatment is applied. It is about the criteria pertaining to the status of residence, which is required to work in Japan as Engineer or for Designated Activities. Every examination and qualification listed in the Public Notice of the Ministry of Justice can be counted as the points in Points-based preferential immigration treatment for highly skilled foreign professionals system. 6

METI Actibity No.2: To consider the creation of a new examination towards solution of Shortage of Human Rsources Issues To create a new category Information Security Management with scope of necessary knowledge for operation of security policy of organization, in order to solve the problem of shortage of information security human resources in companies- IT users. (Aiming at its start from 2016 FY.) <Background> The rapid spread of portable devices such as smart-phones and use of cloud services has lead to mutual connection of systems and devices inside and outside enterprises. The period of Internet of Things is coming up. Taking into account the complicatedness and development in cyber attack techniques, it is necessary for all the enterprises, including manufacturing industry and critical infrastructure industry, to design items/service and business plan with care for external threats. <The shortage of information security human resources > In Japan there is shortage of around 80 thousand information security human resources. Among 260 thousand engineers involved in information security measures 160 thousand perople have limited capability (Estimation by IPA) <Challenge> Proactive measures should be taken not only by IT vendors but also IT users. In light of spread of mobile devices, it is urgent task especially for companies- IT users to develop human resources who are capable of educating general users inside the company and taking security measures in cooperation with IT engineers. <Countermeasures forward> To create information security management examination category which will evaluate the necessary knowledge and capability of human resources in charge of security in enterprises, within the framework of Informaton technology Engineers as a national examination i7

The Challenge for security Human Resources No.2 Need for the human resources with advanced specialty and cutting-edge ability Information security sphere keeps changing rapidly. To handle the everydayoccuring new incidents and advaced incidents, it is not enough only to improve the quality of the general ability of personnel in charge of information security and solve the HR shortage. It is necessary to secure the cutting-edge human resources with advanced speciality who are capable of creating new solutions in accordance with environment change. The human resources with advanced specialty can lead the engineers in charge of telecommunication sector. They can also contribute to improvement of ability of next generation of Information security human resources, and to protection from global attacks and to creation of new industry. [Source: New Information Security Human Resource Development Program (the decision of Information Security Policy Meeting on May 19, 2014)] 8

METI activity No.3 : Overview of Security Camp To expand the range of young security human resources scouting and to create global top-level resources are necessary to appropriately deal with cyber attacks with high complexity. To hold training camp for youth (under 22 years old) by private companies and IPA and to transfer security technology, including the ethical aspect, and leading-edge know-how by front-line engineers. So far 480 students participated (in 2004FY- 2014FY). To arrange security camps in regional areas and to expand the skirt of security human resources through exchange programs. Lecturers Top-level engineers To promote scouting and fostering young security human resources through Public- Private Partnership Security Camp National Contest (training camp-style lecture) Total participants: 438 students (in 2004-2013 FY) Security Camp Organization Conference Exchange with companisconference members The selected cutting-edge human resources participate in security camp (general meeting) Security Camp Organization Conference Established to organize spread and enlarge Security- Camp with distinguished lecturers in Business and Education sectors to scout and foster young security human resources. The conference consists of 30 members-companies- organizations(as of Feb. 2014). 2014 Security Camp : Main Results <National Contest> Period: August 12-16 place:pref. Chiba Participants:42 <Regional Contest> Period: May 31st - June 1 st. Place: pref. Aichi Participants:101(the first day), 19(the second day) Regional Contests Local Lectures exchanges caravans Period :August 29-31 Place: pref. Fukuoka Participants:106(the first day), 19 (the second day) Enlarge skirt and circle of young cutting-edge human resources hunting Period :September 13-14 Place:pref. Fukushima Participants :20 To be organized in Hokkaido, Okinawa 9

METI Activity No.4 :CTF(Capture the Flag) Contest through Private- Public Partnership In 2012 FY the first contest was organized as METI s commissioned project to research feasibility and effectiveness of the CTF contest as a platform for practical training. From 2013 FY through Private- public Partnership. In 2013 FY more than 1300 people participated CTF(Capture The Flag) is a contest in which participants struggle to get the flag- information stored in the system. It is practical training with assumption of occurrence of information security attack. 2012 FY (research) 2013 FY~ (Private- Public Partnership) CTF Contest Organizer Gov. bodies/organizations Information Security Policy meeting entrust Private Sponsor support Japan Network security Association (NPO)Implementation Committee support Operated by NRI Secure Technologies and so on Targeted Patticipants Business person no younger than 23 Other CTF Contest for students were also organzed To organize Regional Contest from August. In March 2014 National Contest in Tokyo. Regardless of position, age and nationality National Contest Regional Regional Regional Regional Private Company, organization Targeted Participants Gov organization Students 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information