Nurturing talents and professionals for the digital age
Last Updated:Nov 15, 2024
The Industrial Cyber Security Center of Excellence (ICSCoE) under the Information-technology Promotion Agency, Japan (IPA) and the Ministry of Economy, Trade and Industry (METI), in collaboration with the government of the United States (Department of Homeland Security/ Cybersecurity and Infrastructure Security Agency (DHS/CISA) and Department of State (DOS)) and the European Commission (Directorate-General for Communications, Networks, Content and Technology (DG CONNECT)), hosted JP-US-EU Industrial Control Systems Cybersecurity Week (November 12-15, 2024) in Tokyo.
The hands-on training brought together 38 government and industry practitioners invited from the Indo-Pacific region (ASEAN member states, India, Bangladesh, Sri Lanka, Mongolia and Taiwan) who participated in the exercise.
METI and the ICSCoE hosted the JP-US-EU Industrial Control Systems Cybersecurity Week in collaboration with the US government (DHS/CISA, DOS) as well as the European Commission (DG CONNECT) from November 12 to 15, 2024.
Cybersecurity measures are more effective when implemented jointly by several organizations or countries. To combat the growing threats stemming from increased digitization and interconnectedness, the geopolitical importance of cybersecurity and cooperation among like-minded countries is indispensable. The Cybersecurity Week was first launched in 2018 by Japan in collaboration with the U.S. with the aims of enhancing cybersecurity capacity within the Indo-Pacific region and reinforcing collaboration with respective countries. Recognizing its value, the European Union (EU) officially joined this annual ICS cybersecurity exercise from 2021.
The ICS Cybersecurity Week hosted participants from the Indo-Pacific region who are information and operational cybersecurity experts from critical infrastructure operators, cybersecurity experts from national Computer Security Incident Response Teams (CSIRTs), and policy experts from relevant ministries and authorities etc..
This year, we particularly focused on strengthening corporate supply chain resilience. We conducted industry-specific workshops using virtual scenarios that incorporate industry-specific risks and case studies, as well as hands-on exercises on cyberattacks utilizing AI in the industrial control sector. Additionally, we held workshops in collaboration with the United States on network threat analysis and incident response. Furthermore, seminars led by experts from Japan, the U.S., and the EU were offered on two topics: awareness of policy issues and initiatives by government officials in each region; and, supply chain risk management. Through this event, participants were able to acquire knowledge, enhance their thinking on cybersecurity policy and tangibly improve their cybersecurity capabilities.
The program also contributed to establishing a common understanding on ICS cybersecurity and strengthening relationships between the Indo-Pacific region and Japan, the U.S. and the EU, which will become a foundation for further international cooperation in jointly addressing growing cybersecurity threats. Under the vision of a “Free and Open Indo-Pacific,” METI and the ICSCoE will continuously endeavor to enhance the cybersecurity capacity of the whole region, in particular by reinforcing measures for critical infrastructure.
Using virtual scenarios that incorporate industry-specific risks, case studies, and security/safety requirements, participants engaged in group discussions simulating cyberattacks. Participants had an opportunity to learn practically how to address cyber risks faced by businesses and organizations.
Considering the rapid adoption of AI technology in industrial control systems, participants were introduced to case studies of AI applications using a simple robotic arm and demonstrated real-time cyberattacks against the arm. Additionally, participants acquired the knowledge of "XAI (Explainable AI)", an emerging solution to risks posed by AI, as well as the importance of AI governance.
This collaborative workshop with the United States gave participants the opportunity to explore Coordinated Vulnerability Disclosure (CVD), including case studies of successful CVD implementations in ICS and other fields. It also provided an opportunity to learn about Stakeholder-Specific Vulnerability Categorization (SSVD), as well as how to utilize the Known Exploited Vulnerabilities (KEV) catalog into vulnerability management.
Ms. Yuri Nishizawa, West Japan Railway Company and who is also one of the Core Human Resource Development Program graduates, participated in the themed seminars on ‘Supply Chain Risk Management’. She joined a panel discussion alongside Dr. Allan Friedman, Senior Advisor of CISA from the U.S.and Dr. Ioannis Agrafiotis, Cybersecurity Expert of ENISA from the EU engaged in a lively session, taking questions from the participants.
Information-technology Promotion Agency, Japan(IPA)
Industrial Cyber Security Center of Excellence(ICSCoE)
Nov 15, 2024
The news has been released.