Development of Information Security-Focused Incident Prevention Measures for Critical Information Infrastructure in Japan
In recent years, the dilemma of cyber attacks by malicious third parties targeting security vulnerabilities in information and communication systems has emerged, resulting in security incidents. This situation suggests that the establishment of proactive efforts and recurrence prevention measures are becoming imperative, especially in critical infrastructure sectors.This paper provides an analysis of 58 security incident cases, which occurred in critical infrastructures worldwide and were published in media. The purpose of the analysis is to conclude to a valid list of recurrence prevention measures that constitute good practices.
KeywordsInformation security Critical Information Infrastructure security Security vulnerabilities Security incidents
Unable to display preview. Download preview PDF.
- 1.NISC: The First National Strategy on Information Security - Toward the creation of a trustworthy society, http://www.nisc.go.jp/eng/pdf/national_strategy_001_eng.pdf
- 2.NISC: Action Plan on Information Security Measures for Critical Infrastructures, http://www.nisc.go.jp/eng/pdf/actionplan_ci_eng.pdf
- 3.Aung, Z., Watanabe, K.: Japan’s Critical Infrastructure Protection: Risk Components and Modeling Framework. In: IFIP WG 11.10 International Federation for Information Processing. Critical Infrastructure Protection III, vol. xxx. Springer, Boston (2009)Google Scholar
- 4.NISC Japanese Government’s Efforts to Address Information Security Issues (November 2007), http://www.nisc.go.jp/eng/pdf/overview_eng.pdf
- 5.NISC The Second National Strategy on Information Security (currently Japanese only), http://www.nisc.go.jp/active/kihon/pdf/bpc02_ts.pdf
- 6.IPA: Report of study committee for reliability of critical infrastructure information systems, http://sec.ipa.go.jp/reports/20090409.html