Japan International Cooperation Agency
Share
  • 日本語
  • English
  • Français
  • Espanol
  • Home
  • About JICA
  • News & Features
  • Countries & Regions
  • Our Work
  • Publications
  • Investor Relations

Project News

2021-07-21

Cybersecurity Policy Making Online Seminar

For three days, from 19 to 21 July 2021, a seminar on cybersecurity policy was held online by the ministries responsible for Japan's cybersecurity policy and a university studying international politics and law.

According to the original plan, the Vietnamese side planned to conduct the seminar with more than 50 participants, including counterpart agencies (AIS) and other ministries and local government officials. However, due to the spread of Covid-19 infection in Viet Nam since May 2021, the Vietnamese side also decided to hold the seminar online.

DAY 1 (19 July)

On the first day, the following groups of the National Center of Incident readiness and Strategy for Cybersecurity (NISC) gave lectures. NISC is the command center for Japan's cybersecurity policy established in the Cabinet Secretariat.

  • Strategy and Policy Planning Group
  • Planning and Security Audit for Government Entities Group
  • Critical Infrastructure Protection Group

NISC introduced Japan's cybersecurity strategy, security measures of government agencies, and Japan's latest efforts on critical information infrastructure defense. In particular, the next cybersecurity strategy currently being formulated is based on the premise of digital transformation (DX), and since Viet Nam is also promoting DX, Japan's policies and implementation methods must have been interesting to the Vietnamese side. VNCERT/CC expressed the hope that CEPTOAR[1], the information sharing system between ministries and critical information infrastructure operators, could be a reference model for ISAC[2], the information sharing system that Viet Nam is planning to establish under government initiative. In Viet Nam, where cloud computing is increasingly being used, there was an impression that many participants would like to see materials and detailed information on the " Information system Security Management and Assessment Program (ISMAP)" for cloud computing.

DAY 2 (20 July)

In the morning of the second day, there was a lecture by the Office of the Director-General for Cybersecurity of the Ministry of Internal Affairs and Communications. In particular, the security measures related to the Internet and IoT seemed to be very helpful for the Ministry of Information and Communications (MIC), which is also in charge of information and communications. The Vietnamese side asked several comments for Japan's knowledge on pure security measures and security based on the digital economy and security related to smart cities. In addition, as human resource development is also an important issue in Viet Nam, there were many questions about human resource development platforms and R&D support for young people in Japan.

In the afternoon of the second day, Meiji University lectured on the politics and law of cyberspace. There were many interesting discussions such as Internet governance, Internet and sovereignty, privacy, and regulation of fake news and disinformation, which are prerequisites for considering the utilization of cyberspace and its security. The lecturer pointed out some deeply related issues to Vietnamese economic development when Viet Nam considers cybersecurity in the future. The particularly important point was that Viet Nam needs to carefully consider whether to tighten regulations on data localization in order to maintain its attractiveness as an investment destination for foreign companies. The Vietnamese side also asked the Japanese side for their opinions on data localization related to Vietnamese cybercrime investigation.

DAY 3 (21 July)

In the morning of the last day, Cybersecurity Division of the Commerce and Information Policy Bureau of the Ministry of Economy, Trade and Industry (METI) gave a lecture. In the cyber-physical framework proposed by the METI, software becomes even more important, and the key points of how users can utilize the data obtained through hardware to create new value were explained. From the Vietnamese side, there was an opinion that the cybersecurity management guidelines would be helpful as they are more specific than the Vietnamese guidelines. Regarding human resource development, DX promotion, and verification of security products, there are many overlaps with the missions of the MIC. The Vietnamese side expressed their willingness to continue to learn Japanese knowledge.

The project will continue our dialogues with the officials in charge of policy formulation so that the knowledge on Japanese policies introduced this time can be utilized in policy formulation in Viet Nam.

Photo


Notes

  • [1] CEPTOAR (Capability for Engineering of Protection, Technical Operation, Analysis and Response): An organization that is responsible for the information sharing and analysis functions of critical information infrastructure operators, etc. and the relevant functions. The purpose of the organization is to provide information provided by the government to critical information infrastructure operators, etc. in an appropriate manner in order to prevent system failures from occurring, to prevent damage from spreading when incidents occur, and to ensure quick recovery and prevent recurrence.
  • [2] ISAC (Information Sharing and Analysis Center): Nonprofit organization that provides a central resource for gathering information on cyber threat to critical information infrastructure and sharing information between the private and public sector.

PAGE TOP

Copyright © Japan International Cooperation Agency