Cyber ​​and Japan: CCDCOE's entry into the club announced

(To Alessandro Rugolo)
07/05/18

The news came last January that Japan is preparing to join the cyber club of Tallin as a partner state. The news came after a meeting between Estonian Prime Minister Jüri Ratas and Japanese Prime Minister Shinzō Abe. This confirms, if still needed, the level of interest in the subject in the world.

The news was received with satisfaction by the director of CCDCOE, Merle Maigre.

But let's take a look, given the opportunity, to Japan's Cyber ​​activities. Let's start with the fact that in the 2015, the September 4 for accuracy, the Government of Japan has publicly released the strategic document on cybersecurity. In general it is well evidenced that the document is intended to dictate the guidelines for the "next" three years, this means that probably at the end of the current year or at most in the first months of 2019 we will see a new Japanese strategic document.

It is very interesting to read the paragraph 3, "future vision and objectives", which clearly shows that cyberspace security is vital for Japanese society, in which social infrastructure projects such as smart communities or autonomous systems for automatic vehicles are now taken for granted. In the same chapter, the objectives linked to the IoT are in fact addressed to the policy level and with extreme clarity.

The 5 chapter describes the approach to be followed for the development of cyber capabilities and once again the concept linked to the needs dictated by the IoT is clearly highlighted. In fact, we speak of "cyber-physical space" and not just of cyber space, this is to better describe the impact that this new domination has on the physical world. In fact, the chapter speaks exactly of the "creation of secure IoT systems", from all points of view, including the promotion of companies that place safe management at the center. The extreme precision with which the document enters into the merits of each item could almost be considered "meticulousness" (and they do well!) When analyzing the need for the concepts of cybersecurity e IoT security they are well understood above all at the level of Senior Executive Management. This is because the most experienced people in the business area can be a facilitator but, if they do not stick to the times, they can quickly become a brake on evolution ...

The document indicates that the figure and the functions of the Chief Information Security Officer (CISO) must be positioned, both in the public and private sectors, at senior executive management level.

It is also interesting to note that the Japanese strategy is well-rounded, both in terms of strengthening cooperation in the cyber field with the rest of the world (from ASEAN, North America through Europe and Africa) and in terms of skills to be developed (from technicnological ones to staff training); in this sense the recent announcement of collaboration with the CCDCOE should be seen.

Last but not least, the document examines the need to improve the research and development sector of the cyber world. To this end it is said that all efforts must be made to ensure the necessary resources for the sector, including reallocating those already allocated to others. From this we can understand the difference between those who believe and invest in the cyber sector and those who think that it is enough to say what to do, but without dedicating the necessary resources ...

Among the many initiatives carried out in Japan are the courses of the SANS Institute, which aim to create a conscious managerial class, able in the near future to lead the new interlaced world in which the IoT will be the norm and the smart cities our new social environment.

That said, a question: but what is being done in Italy?

  

To learn more:
- https://news.err.ee/653903/japan-to-join-nato-cyber-defense-center-in-ta...
- https://www.sans.org/event/cyber-defence-japan-2018
- http://www.mofa.go.jp/policy/page18e_000015.html

(photo: web / Palazzo Chigi)