The Liberal Democratic Party compiled a proposal to newly create a “cybersecurity agency” for the centralized management of cyberdefense measures. The LDP aims to establish the new agency as early as 2025. Cybersecurity-related services are currently scattered among various government agencies. Their consolidation in the new agency is intended to allow a rapid response to the increasing number of cyberattacks.
The LDP Headquarters for Cybersecurity Measures (headed by Chairperson Sanae Takaichi) will submit a written proposal to Prime Minister Shinzo Abe within the week. The proposal includes a plan to expand and upgrade the National center of Incident readiness and Strategy for Cybersecurity (NISC) to an external bureau of the Cabinet Office. The proposal also points out the necessity to develop a law to prevent so-called white hackers (good hackers) from being charged with the crime of “virus creation” [unauthorized creation of electronic or magnetic records], as they are specialists in counterattack technology.
The NISC is responsible for providing guidance on cybersecurity arrangements to administrative agencies and gathering information on the latest cyberattack methods. The LDP’s proposal intends to newly create a cybersecurity agency to centralize services relevant to cybersecurity so that the new agency can reconstruct damaged vital infrastructure after cyberattacks and respond to inquiries from the public.
Currently, the Prime Minister’s Office is the control tower for measures against cyberterrorism. The new agency will take over this responsibility. The Ministry of Education, Culture, Sports, Science and Technology and the Ministry of Internal Affairs and Communications are in charge of developing human resources for cybersecurity and related technology. The proposal calls on the new agency to support these services.
The proposal also touches on the “active defense” adopted by the new National Defense Program Guidelines approved at the end of 2018. It urges discussion of the development of technology for identifying cyber-attackers and creating laws that allow Japan to counterattack in response to attacks. Other countries have already established organizations to centralize cyberdefense. It has been pointed that Japan lags behind this trend.