Previous 2 / 73 Next

This policy has been formulated based on the Cybersecurity Strategy formulated pursuant to the stipulations of Article 12 of the Basic Act on Cybersecurity (Act No. 104 of 2014), and also based on the stipulations of Article 14 (Ensuring Cybersecurity at Critical Social Infrastructure Providers and Other Related Entities) and Article 26, Paragraph 1, Item 5 (Functions under Jurisdiction of the Cybersecurity Strategic Headquarters) of the Act.

Select target paragraph3

● ● ●

The Cybersecurity Policy for Critical Infrastructure Protection

Document

State

Japan

Type of Document (for States): Strategy Documents: Other Strategy Documents

Topics

Critical Infrastructure
Cyber Crime
Cyber Terrorism
Cybersecurity Awareness
Cybersecurity Exercises
Economy and Finance
Incident and Emergency Response
International Cooperation
National Cyber Defense
Public-Private Partnership
Risk Mitigation and Management
Sustainable Development
Training and Education

United Nations Regional Group

Asia-Pacific States

Issuing Body

Summary

The government established the Cybersecurity Policy for Critical Infrastructures Protection, a shared policy between the government, which bears responsibility for promoting independent measures by CI operators relating to CI cybersecurity and implementing other necessary measures, and CI operators, which independently carry out relevant protective measures, as a basic framework for CI protection, and has promoted this initiative to date.
Purpose of CIP
- Based on the concept of mission assurance, the purpose of CI protection (CIP) is to maintain safe and continuous provision of CISs. Taking the view that natural disasters, mismanagement, cyberattacks, and changes in the environment surrounding CI constitute risks that make the continuous provision of CISs uncertain, the aim is to ensure resilience and prevent serious impact on national life and socioeconomic activities, from the dual aspects of limiting risk to acceptable levels, and in terms of preparing for CISs outages, taking appropriate action in the event of outages, and ensuring rapid restoration of services.
Responsibilities of stakeholders
- Responsibilities of stakeholders are based on the Basic Act on Cybersecurity (Act No. 104 of 2014).
- The national government is responsible for formulating and implementing comprehensive cybersecurity policies.
- Local governments bear the responsibility to formulate and implement independent cybersecurity policies.
- CI operators(excl. related entities) bear the responsibility to deepen their interest in and understanding of the importance of cybersecurity and to endeavor independently and actively to ensure cybersecurity, in order to stably and properly provide its services.
- Cyberspace-related business entities and other business entities shall endeavor independently and actively to ensure cybersecurity in the course of their business activities.
The Policy has been formulated based on the Cybersecurity Strategy formulated pursuant to the stipulations of Article 12 of the Basic Act on Cybersecurity (Act No. 104 of 2014), and also based on the stipulations of Article 14 (Ensuring Cybersecurity at Critical Social Infrastructure Providers and Other Related Entities) and Article 26, Paragraph 1, Item 5 (Functions under Jurisdiction of the Cybersecurity Strategic Headquarters) of the Act.

Source Link 1: https://www.nisc.go.jp/eng/index.htm

Source Link 2: https://www.nisc.go.jp/eng/pdf/cip_policy_2022_eng.pdf

Year Published: 2022

Date Published: Jun 17, 2022

Document Language(s)

English

Preview

Map

Latitude: 36.204824

Longitude: 138.252924

Map (linked Document): Japan

Primary Documents

2022_Japan_en_The Cybersecurity Policy for Critical Infrastructure Protection.pdf
english
Download View