Topics

Exploring emerging domain on diplomatic issues - outer space, cyber space, and ocean space

Japanese government released new cyber security standards for government agencies

On 19th May, The Information Security Policy Council (ISPC) headed by Chief Cabinet Secretary decided Common Standards of Information Security Measures for Government Agencies (FY2014 Edition), The Basic Policy of Critical Information Infrastructure Protection (3rd Edition), New Information Security Human resource development Program, and Cyber Security 2014. Those policies are based on Cyber Security Strategy released on Jun 2013 and National Security Strategy released on December 2013 (Decision by the National Security Council and Cabinet Decision) Common Standards of Information Security Measures for Government Agencies is the government-wide framework for cyber security. It describes introduction and planning of systems, system operation, inspection, review, information handling, outsourcing, information system lifecycles, information system security requirements, information system components, and information system usage. The first version of standards was released on December 2005 and the last version (Version 4 revised) was released on 2011.

The Basic Policy of Critical Information Infrastructure Protection is an overall plan for protecting critical infrastructures against IT-malfunctions. It was developed based on following 5 policies.
1. Maintenance and promotion of safety principles
2. Improvement of information sharing
3. Improvement of incident response
4. Risk management
5. Enhancement of the basis for Critical Information Infrastructures Protection (CIIP)

In New Information Security Human resource development Program, ISPC will clarify the individual measures to be taken by the responsible ministries / agencies based on this program. And they take the measures from the viewpoints of both demand and supply aiming at a virtuous cycle of human resources for cyber security. Cyber Security 2014 is the yearly government plan for Information security. It describes detailed plan related to cyber security to follow revised standards and policies.

Resources
Common Standards of Information Security Measures for Government Agencies (FY2014 Edition) (Draft)  
The Basic Policy of Critical Information Infrastructure Protection (3rd Edition) (Draft)  
New Information Security Human resource development Program (Draft)
Cyber Security 2014 (Japanese) 

日本政府は政府機関の情報セキュリティ対策のための統一基準群等を決定