Cyber Security Strategy(Information Security Policy Council, June 10, 2013)



Similar documents
International Strategy on Cybersecurity Cooperation

Cybersecurity Strategy in Japan

How To Protect Critical Infrastructure

The Policy Approaches to Strengthen Cyber Security in the Financial Sector (Summary) July 2, 2015 Financial Services Agency

Viewpoint: Implementing Japan s New Cyber Security Strategy*

National Cyber Security Policy -2013

The trend of the Cyber Security and the efforts of NEC. December 9 th, 2015 NEC Corporation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

MIC s Efforts on Cybersecurity Human Resource Development

Cyber Security Strategy of Georgia

Basic Plan on Measures for Providing Safe and Secure Internet Use for Young People

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

U. S. Attorney Office Northern District of Texas March 2013

Information Security Human Resource Development Program

The Guidelines for U.S.-Japan Defense Cooperation April 27, 2015

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics

TUSKEGEE CYBER SECURITY PATH FORWARD

DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS

Actions and Recommendations (A/R) Summary

El Camino College Homeland Security Spring 2016 Courses

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity;

Long-Term (Six-Year) Action (Strategic) Plan for Development of LEPL Ivane Javakhishvili Tbilisi State University ( )

Priority III: A National Cyberspace Security Awareness and Training Program

Lessons from Defending Cyberspace

Promoting Anti-Corruption Collective Action through Global Compact Local Networks

Cyber Security in Japan (v.2)

Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in

How To Ensure Cyber Security In The Czech Republic

CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia

The Importance of a Multistakeholder Approach to Cybersecurity Effectiveness

Microsoft s cybersecurity commitment

Legal Issues / Estonia Cyber Incident

Cyber security in an organization-transcending way

PUBLIC DATA AT RISK: CYBER THREATS TO THE NETWORKED GOVERNMENT

S. ll IN THE SENATE OF THE UNITED STATES

DHS, National Cyber Security Division Overview

THE 411 ON CYBERSECURITY, INFORMATION SHARING AND PRIVACY

Fujitsu Group s Information Security

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security

Information Security Outreach and Awareness Program. July 8, 2011 Established by the Information Security Policy Council

Preventing and Defending Against Cyber Attacks November 2010

aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA

Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya

US-CERT Overview & Cyber Threats

Cybercrime Bedrohung, Intervention, Abwehr. Cybersecurity strategic-political aspects of this global challenge

Public Private Partnerships and National Input to International Cyber Security

DHS. CMSI Webinar Series

CERT Collaboration with ISP to Enhance Cybersecurity Jinhyun CHO, KrCERT/CC Korea Internet & Security Agency

Partnership for Cyber Resilience

GLOBAL CONFERENCE ON CYBERSPACE 2015 CHAIR S STATEMENT

Provisional Translation

The Comprehensive National Cybersecurity Initiative

Achieving the creative economy and citizens happiness through informatization

STATEMENT OF JOSEPH M. DEMAREST, JR. ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION

Middle Class Economics: Cybersecurity Updated August 7, 2015

A Detailed Strategy for Managing Corporation Cyber War Security

Introduction of the GCCD. (Global Cybersecurity Center for Development)

National Cyber Security Strategy 2

Testimony of. Before the United States House of Representatives Committee on Oversight and Government Reform And the Committee on Homeland Security

Cyber Security Strategy

Towards closer EU-ASEAN collaboration in cybersecurity

Internet Safety and Security: Strategies for Building an Internet Safety Wall

On the European experience in critical infrastructure protection

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Cyber Security Strategy

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Promoting a cyber security culture and demand compliance with minimum security standards;

The Danish Cyber and Information Security Strategy

Cyber Security Strategy for Germany

Cybersecurity and Incident Response Initiatives: Brazil and Americas

Human Resources Development in the Field of Cyber Security

Making our Cyber Space Safe

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

REPUBLIC OF MAURITIUS NATIONAL CYBER SECURITY STRATEGY

Update on U.S. Critical Infrastructure and Cybersecurity Initiatives

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

Guiding principles for security in a networked society

Australian Government Cyber Security Review

Canada 2017! A Digital Nation Focus on ICT

CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES

Information security education for students in Japan

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

WRITTEN TESTIMONY OF

TEXAS HOMELAND SECURITY STRATEGIC PLAN : PRIORITY ACTIONS

Transcription:

Environmental Change Vision to aim as a Goal Basic Principles Cyber Security Strategy(Information Security Policy Council, June 10, 2013) Areas of Efforts Increasing severity of the risk surrounding cyberspace Assuring Sustainability 1. Resilient cyberspace Strengthening ability of protection and recovery Merger and Integration of Cyberspace and Real-space [widespread/sophistication, further progress, global expansion] Cyberspace 2Measures in CIP 3. World-leading Cyberspace Strengthening ability of contribution 3Measures in Private companies and outreach and Educational/Research Institutes 1Diplomacy 4Hygiene of Cyberspace 5Crime countermeasures of Cyberspace 6Defense of Cyberspace Globalization 2Global Outreach 3International Cooperation Increasing Serious Risk Surrounding Cyberspace 1 Assuring free flow of information 2 New measures against increasing serious risk 3 Strengthening of risk based response 4 Actions and mutual cooperation considering shared responsibility 1Measures in Gov t ~Realization of the Cyber Security Nation ~ For national security/crisis management; social/economic development; and safety/security of public, realizing the society that is strong against cyber attacks, full of innovations and that its public will be proud of, through constructing the world-leading, resilient and vigorous cyberspace Gov't Individual users Critical Infrastructure Providers (CIPs) SMEs Cyberspace-related Operators Private Companies Educational/Research Institutes [hugeness, diffusion, globalization] Strengthening growth by further facilitating merger and unification of cyberspace and real-space Assuring pansivity 2. Vigorous Cyberspace Strengthen Creativity and Knowledge 1Activation of Industry 2Research and Development 3Human Resource Development 4Literacy Improvement Promotion Systems etc. Enhancement of the functions of NISC 1

1.Environmental Changes Merger and integration of cyberspace and real-space widespread/sophistication, further progress, global expansion Increasing serious risk surrounding cyberspace hugeness, diffusion, globalization 2.Basic Policy (1) Vision to aim as a goal: Realization of the Cyber Security Nation For national security/crisis management; social/economic development; and safety/security of public, realizing the society that is strong against cyber attacks, full of innovations and that its public will be proud of, through constructing the world-leading, resilient and vigorous cyberspace, (2) Basic Principles 1 Assuring free flow of information Ensure freedom of speech and privacy protection, and enjoy economic development etc. 2 New measures against increasing serious risk Multi-layered efforts are necessary to respond to the changing risks promptly and precisely 3 Strengthening of risk based response Through dynamic response capabilities, strengthening of the response based on the risk characteristics is necessary. 4 Actions and mutual cooperation considering shared responsibility Each actor in multi-stakeholder needs to serve its role for proper mutual cooperation and assistance (3) Roles of Each Actor 1 Government Diplomacy, defense and crime countermeasures of cyberspace, strengthening the measures and preparations for coping with situations etc. 2 Critical infrastructure Providers Strengthening the efforts within the current target 10 sectors, providing necessary measures to new sectors etc. (10 sectors: ICT, Finance, Aviation, Railway, Electricity, Gas, Gov't/Gov't Services (incl. regional municipalities), Medical, Water, Logistics) 3 Private companies, Educational/research institutions Collective measures such as information sharing, industry - academia partnership for development advanced technologies and human resources etc. Fostering recognition of "Do not trouble others", self-governing measures such ad literacy 4 Individual users, Small/medium-sized enterprises improvement, and information sharing, etc. Dealing with vulnerabilities in products etc., recognition and analysis of incidents, increasing the 5 Cyberspace-related operators competitiveness in the global market etc. 2

3.Areas of Efforts About details on the efforts, see Cybersecurity Strategy (ISPC, June 10, 2013) GSOC: Government Security Operation Coordination team (1) Construction of Resilient Cyberspace CSIRT: Computer Security Incident Response Team CYMAT: CYber incident Mobile Assistant Team 1 Measures in Government: Strengthening measures in information systems etc. and preparations for coping with cyber attacks. Construction of system base that is strong against cyber attacks by moving information systems into the government common platform cloud Emphasizing measures depending on the degree of importance etc. for information such as state secrets and information systems. Strengthening handling of critical info. on national safety by operators other than government, measures by independent administrative institutions etc. Increase capabilities of the GSOC to better detect and analyze incidents and share information between government agencies Strengthening system to share info. and respond incidents in government by strengthening of cooperation between CYMAT and CSIRT etc. Strengthening preparation of coping with situations by implementation of the training every year for large-scale cyber attack situation etc. 2 Measures in Critical Infrastructure Providers: Measures in accordance with the ones for government Promotion of information sharing between critical infrastructure providers and cyberspace-related operators on such matters as cyber attacks Establishment of framework for sharing the incident information possessed by GSOC with critical infrastructure providers Development of the new "Action Plan" by re-considering the scope of critical infrastructure and measures in such providers etc. 3 Measures in Private Companies and Educational/Research Institutions: Strengthening of recognition and information sharing of incidents, promotion of building CSIRTs and performing exercises Increase the ability that medium/small-sized companies recognize cyber attacks, by considering incentives to promote investment in security Increase the responsive ability against cyber attacks of private companies by performing exercises using a practice test bed Increase the responsive ability to counter incidents by promoting the creation of CSIRTs in private companies and research institutions. 4 Hygiene of Cyberspace: Implementation of preventative measures that society as a whole participates Promotion ensuring hygiene of cyberspace as a national movement by creation of "Cyber Clean Day" (tentative) etc. Building framework which ISPs can warn individual users that may access malicious sites. Considering flexible ways of operation in related systems, such as possibility of communication analysis for security purpose in consideration to the secrecy of communication etc. 5 Crime Countermeasures of Cyberspace: Strengthening of ability to cope with cyber crimes and preparations by utilizing knowledge from private sector etc. Create Japanese NCFTA, and strengthening of the framework for information sharing with anti-virus vendors Considering ways of saving logs such as communication ones and measures to promote digital forensics by related operators and organizations NCFTA: National Cyber-Forensics and Training Alliance 3

(1) Construction of Resilient Cyberspace (cont.) 6 Defense of Cyberspace: Strengthening capabilities to defend Japan-related cyberspace from state-level cyber attacks Organizing the roles of related organizations such as JSDF in such emergency situations as information systems of critical infrastructures are attacked, establishing of organizational structure and systems etc. that handle those situations, and arranging application of specific international laws. Strengthening capability and preparation of JSDF etc. to counter cyber attacks implemented as part of armed attacks. (2) Construction of Vigorous Cyberspace 1 Activation of Industry: Strengthening the global competitiveness of cybersecurity industry in Japan that is highly dependent on foreign products etc. Participating proactively in the formation of international framework for international standardization, mutual recognition in assessment and certifications, and establishing an organization that assesses and certifies industrial control systems Aggressively procuring products etc. that utilize cutting edge technologies within government 2 Research and Development: Creation of security technologies that are creative and imaginative to counter the changing risks Accelerating research and development of technologies for detection and advanced analysis for cyber attacks to hold and develop cutting-edge research and development Developing cutting-edge technologies to establish groundbreaking countermeasures against increasingly diverse and sophisticated cyber attacks such as hidden malware 3 Human Resource Development: Development of security professionals that are high-quality and with international talent Conducting by public-private cooperation training camps and competition contests of practical skills in order to explore individuals with great skills in software development, etc, Supporting the attending of international conferences and studying at graduate schools abroad in order to develop human resources that can compete globally 4 Literacy Improvement: Increase the literacy of the public Promote practical initiatives at elementary and secondary schools such as teaching information morals including information security and software programming, use of digital textbooks. Development of supporters to increase security awareness to the elderly Developing framework where individual users can recognize risks and determine its use on their own for smartphone applications 4

(3) Construction of World-leading Cyberspace 1 Diplomacy: Multilaterally constructing and strengthening partnerships with such nations as share the same basic values Continuously deliberating on how to apply specific international laws such as the Charter of the United Nations, International Humanitarian Laws for conducts in cyberspace. Deepening on discussions about details on how to deal with cyber sector and establishing international codes of conducts with the other countries such as the US. 2 Global Outreach: Developing relationships that can grow together with such partners as ASEAN member states, and supporting responsive capabilities against cyber attacks Developing a network to collect information about cyber attacks by collaborating with other nations, then implementing research and development on methods for prediction and quick response of cyber attacks. Introducing success cases of botnet countermeasure projects that were conducted through public-private partnership, and conducting tabletop exercises, joint projects 3 International Cooperation: Strengthening to deal with incidents related to cyber attacks across borders in cooperation Continuously exchanging information about cyber crime with foreign agencies, and sending officers for such purpose as strong collaboration Internationally communicate the basic stance of our nation in order to avoid contingency due mutual distrust, and building from peacetime contact channels, and implementing collaborative research projects and cyber exercises among plurilateral nations. 4.Promotion Systems etc. As for NISC (National Information Security Center), the necessary organizational structure such as authority will be developed and reorganized to establish "Cyber Security Center" (tentative) around FY2015. Developing framework that promotes the sharing of information related to cyber attacks between government agencies and critical infrastructure providers. Properly managing the specific mid and long term goals (FY2015 and 2020) to promote the efforts. By FY2015, increase the coverage of cyber attacks related information sharing network in government agencies etc., decrease malware infection rates and citizen concerns, and increase the number of such nations as participating in international incident coordination By 2020, double the size of domestic information security market, and decrease the lack of proportion in security professionals Targeting three years until FY2015, and Implementing development and assessment of annual action plans. Developing international strategy for cybersecurity. 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information