Japan is creating a consultative body to implement an active cyber defense system to improve its ability to counter cyberattacks on critical infrastructure.
The government will tap railways, electricity, and telecommunications operators for their expertise.
This collaboration will likely involve information sharing on cyber risks and potential countermeasures, including an analysis of international cyberattacks.
The new system is expected to function as a centralized command post for gathering intelligence and coordinating defensive actions.
A new organization is being formed to improve cybersecurity defense capabilities, including potential successors to the National Center for Incident Readiness and Strategy for Cybersecurity (NISC) and critical infrastructure operators like electricity and telecom companies.
ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service
The model is based on the US Cybersecurity and Infrastructure Security Agency’s Joint Cyber Defense Collaborative (JCDC), a similar information-sharing group comprising various organizations, including telecoms, that share confidential cyber threat data and develop collaborative defense strategies.
Japan is updating its cybersecurity strategy to address the rising prevalence of hybrid warfare strategies that combine physical attacks with cyberattacks on critical infrastructure, and the NISC will establish a new centralized command post to gather and analyze threat data and tailor countermeasures.
A consultative body established under this command post will facilitate the sharing of cyber risk information and analysis, including international examples, as in critical situations, the government will directly intervene to support recovery efforts.
The Japanese government plans to establish a public-private information-sharing body on cyber threats.
The key infrastructure operators in electricity, telecommunications, water, and railways will be mandated to participate and will be required to report cyberattacks and the resulting damage to the government.
Additionally, the government is considering requiring these operators to install sensors for network monitoring to enable real-time sharing of information on suspicious communications.
This would aim to improve national cybersecurity by facilitating information exchange and coordinated responses between critical infrastructure owners and the government.
The government is proposing a public-private partnership to enhance active cyber defense.
This partnership will involve mandatory security clearances for personnel handling sensitive economic data and collaboration between sectors to improve threat detection and response.
According to the Asia News Network, the government also seeks expanded authority to access and neutralize attackers’ servers during cyberattacks, as an expert meeting in early June is expected to solidify these plans.
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers