Last Update: Nov 26, 2014
Initial Disclosure Date: Nov 6, 2014

On November 6, 2014, the Lower House of the Japanese Diet passed a legislative bill to require the central and local governments to ensure security against cyber-attacks. Now, the Basic Law for Cyber Security is enacted. Ministries and agencies have to provide information regarding cyber-attacks to the Cyber Security Strategy Headquarters in a timely manner. The Headquarters will be established under Chief Cabinet Secretary and serve as a focal point for the Japanese government to coordinate strategy, policy, and procedures. Critical infrastructure companies and cyber security firms are also required to cooperate with central and local governments on cyber defenses. The Japanese government is crafting a new strategy, based on recommendations from various organizations including the National Security Council.

On November 25, 2014, the 41st Information Security Policy Council meeting adopted the Policy to Enhance Japan’s Cyber Security, which requires the council to become the Cyber Security Strategy Headquarters. The headquarters is responsible for crafting Cyber Security Strategy; evaluating and auditing cyber-defense measures taken by each governmental organizations; analyzing major cyber-attacks and evaluating responses to them; and coordinating policy taken by each ministry and agency. The Cyber Security Strategy Headquarters will be launched in January 2015 if all goes smoothly. The National Information Security Center (NISC) will be promoted to the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and start fixed-term contracts to hire experts to improve analysis.

Sources:

1. Chugoku Shimbun, "Saiba kihonho ga seiritsu seihu ni senryaku honbu secchi [Basic Law for Cyber Security was enacted - Japanese government launches Strategy HQ]," November 6, 2014,
   http://www.chugoku-np.co.jp/local/news/article.php?comment_id=102987&comment_sub_id=0&category_id=256.
2. Tokushima Shimbun, "Saiba sekyuriti kihonho seiritsu Seihu ni senryaku honbu secchi [Basic Law for Cyber Security was enacted - Japanese government launches Strategy HQ]," November 6, 2014,
   http://www.topics.or.jp/worldNews/worldPolitics/2014/11/2014110601001048.html.
3. Nihon Keizai Shimbun, "Saiba kogeki taisaku-ho ga seiritsu Naikaku ni Senryaku honbu [Law for cyber defenses was enacted - new Strategy HQ under Chief Cabinet Secretary]," November 6, 2014,
   http://www.nikkei.com/article/DGXLASFS06H04_W4A101C1EAF000/.
4. NISC, “Waga kuni no saiba sekyuriti suishin taisei no kino kyoka ni kansuru torikumi hoshin [Policy to Enhance Japan’s Cyber Security],” November 25, 2014,
   http://www.nisc.go.jp/conference/seisaku/dai41/pdf/houshin20141125.pdf, 6.
5. NISC, “Shiryo 1-1 ‘Waga kuni no saiba sekyuriti suishin taisei no kino kyoka ni kansuru torikumi hoshin (an)’ gaiyo [Outline of Policy to Enhance Japan’s Cyber Security (draft)],” November 25, 2014,
   http://www.nisc.go.jp/conference/seisaku/dai41/pdf/41shiryou0101.pdf
6. Nihon Keizai Shimbun, “saiba kogeki taisaku de Senryaku Honbu Seihu, 15 nen 1 gatsu nimo secchi [Japanese government will launch the Cyber Security Strategy Headquarters to deal with cyber-attacks in January 2015],” November 25, 2014,
   http://www.nikkei.com/article/DGXLASFS25H3G_V21C14A1PP8000/

※ Each company name, an organization name, and a brand name are a trade name of each company and each organization, or a registered trademark.