Power, communications and other lifelines at risk of attack
Self-Defense Forces members attend a lecture on cyberdefense.
(Photo by Keiichiro Sato)
SHUNSUKE SHIGETA,
Nikkei staff writer
December 31, 2022
TOKYO -- The Japanese government is weighing how to expand the Self-Defense Forces' cyber protection responsibilities to businesses as increasing attacks threaten both confidential data and infrastructure.
Under a framework to be put in place as early as 2024, the SDF's cyberdefense unit would also cover such private-sector entities as power and communications companies, as well as transportation networks.
The SDF cyberdefense unit, established in 2022, has been limited to protecting the common network of the Defense Ministry and SDF themselves. For civilian entities, a wait-and-see approach was taken on the grounds that the Self-Defense Forces Law did not specifically extend to the cyber domain.
The private sector will be protected under a newly introduced "active cyberdefense" concept -- a form of active defense that recently appeared in Japan's National Security Strategy for the first time.
Expert panels will be set up in 2023 to work out measures, with the framework seen enacted as law in 2024.
The changes will let the SDF cooperate with companies that are important for defense and for which SDF assistance is vital, and monitor for signs of cyberattacks. A mechanism under consideration would entail penetrating an enemy's system and neutralizing an attack if a serious one is detected.
As a first step, a system for protecting the defense sector will be put into place by fiscal 2027. Support will be extended to operators of such key infrastructure as power, transportation and communications in fiscal 2028 and later.
Private companies with inadequate cybersecurity could be targeted in attacks that compromise sensitive information. Stepped-up vigilance by Japan's public and private sectors is also a must, considering the country's close cooperation with the U.S. in troop operations and equipment.
With cyberattacks growing more sophisticated and frequent, Japan has decided that even under the current law, defense of civilian entities should be permitted to the extent necessary for the SDF's mission of ensuring peace and security.
TOKYO -- The Japanese government is weighing how to expand the Self-Defense Forces' cyber protection responsibilities to businesses as increasing attacks threaten both confidential data and infrastructure.
Under a framework to be put in place as early as 2024, the SDF's cyberdefense unit would also cover such private-sector entities as power and communications companies, as well as transportation networks.
The SDF cyberdefense unit, established in 2022, has been limited to protecting the common network of the Defense Ministry and SDF themselves. For civilian entities, a wait-and-see approach was taken on the grounds that the Self-Defense Forces Law did not specifically extend to the cyber domain.
The private sector will be protected under a newly introduced "active cyberdefense" concept -- a form of active defense that recently appeared in Japan's National Security Strategy for the first time.
Expert panels will be set up in 2023 to work out measures, with the framework seen enacted as law in 2024.
The changes will let the SDF cooperate with companies that are important for defense and for which SDF assistance is vital, and monitor for signs of cyberattacks. A mechanism under consideration would entail penetrating an enemy's system and neutralizing an attack if a serious one is detected.
As a first step, a system for protecting the defense sector will be put into place by fiscal 2027. Support will be extended to operators of such key infrastructure as power, transportation and communications in fiscal 2028 and later.
Private companies with inadequate cybersecurity could be targeted in attacks that compromise sensitive information. Stepped-up vigilance by Japan's public and private sectors is also a must, considering the country's close cooperation with the U.S. in troop operations and equipment.
With cyberattacks growing more sophisticated and frequent, Japan has decided that even under the current law, defense of civilian entities should be permitted to the extent necessary for the SDF's mission of ensuring peace and security.
No comments:
Post a Comment