The government asked critical infrastructure operators Thursday to manage important data in Japan rigorously, in a bid to prevent its disclosure.
The request was made as part of the government’s revised guidelines on security standards for operators of essential services such as electricity, water and gas. The guidelines were adopted at the day’s meeting of the government’s Cyber Security Strategy Headquarters.
In cases where infrastructure operators use overseas servers to manage important data, the new guidelines called on such operators to do so based on a clear understanding of local regulations and systems.
“With cyberattacks becoming increasingly complex and tricky, we’ll see more and more taking aim at (utility) supply chains,” Chief Cabinet Secretary Yoshihide Suga, who heads the headquarters, told the meeting, directing related Cabinet ministers to boost measures against such attacks.
As there have been cases in which earthquakes and heavy rain caused damage to infrastructure, the revised guidelines urged infrastructure operators to choose locations for establishing their information systems where risks of damage from disasters are low.
Also at the headquarters’ meeting, the government decided on priority cybersecurity measures to be implemented under its fiscal 2020 budget.
They included the creation of technologies for coping with information theft via malicious functions embedded in telecommunications devices, apparently reflecting the government’s aim to respond to theft allegations against Chinese telecommunications equipment-maker Huawei Technologies Co.
The government has already indicated a policy not to procure devices posing such risks, and hopes similar efforts will be adopted by private-sector companies.