Cross-Sector Forum for Cybersecurity Workforce Development

Opening the conference, Hiromichi Shinohara (Senior Executive Vice President, Chief Technology Officer and Chief Information Security Officer of NTT Group), who had called for the forum, gave a welcome speech.

In his speech, with an eye to the Tokyo 2020 Olympics and Paralympics, he emphasized the following three issues in strengthening cybersecurity:

1. The importance of initiatives that cut across different industries (and in the age of the Internet of Things (IoT), the importance of cooperation that breaks through the walls between different industries).
   
2. The importance of building cross-industrial “circles of trust”
   
3. Awareness and leadership at management level and the development of cross-industrial circles of trust at management levell

Showing the presentation slide listing the businesses participating in the Forum, he expressed gratitude to the 48 participants for their continuing efforts in the fifteen months since the Forum was launched.

For the secretariat, Toru Kawamura of NTT Group reported on activities of the Forum. 　He mentioned three main points:

1. Industry-led respectful discussion with a bottom-up approach
2. Building cross-industrial circles of trust
3. Publishing findings that can be made available to government and academia

He expressed gratitude for the continuing cooperation of the participants.

He then explained spreadsheets related to the "Personnel Specification Reference", which is one of the products of the Forum, and made the following two requests to the executives in attendance:

1. To encourage the adoption and use of the tools, such as the "Personnel Specification Reference", as part of management processes, making use of them as advanced tools for evaluation of employment sufficiency and setting targets for, training and recruitment of staff
2. To endorse members’ continuing participation to the new stage (the second phase) in October 2016

（Participants taking a look at the 1st phase outcome）
References and tools

L–R:
Ichiro Kawano (All Nippon Airways)
Yasuo Tosa (Sumitomo Chemical)
Takeshi Tachi (TOCOG)
Shinichi Yokohama (NTT Group)

Mr. Kawano (Vice President, Strategy & Management, Innovation & IT Strategy of All Nippon Airways Co., Ltd.) spoke on the subject, "Treating security as a management issue—planning at the management level".

He described in-depth details of techniques for helping executives to understand the importance of security measures, the current situation, and challenges for the future.

He specifically talked about the following matters:

• Security measures in holding company management, taking account of organizational structures and uses of IT
• Security measures with regard not just to financial issues but also to retaining the trust of customers
• Wide-scope initiatives, led by executive management, for timely information sharing as part of risk management for the whole company

Finally, he touched on several challenges for the future, including an explanation of how workforce development should be treated as a critical issue.

Next, Mr. Tosa (Associate Officer of the IT Innovation Department at Sumitomo Chemical Co., Ltd.) spoke on the subject, "Cybersecurity initiatives in the control systems by Sumitomo Chemical and the chemical industry".

Looking at unique case studies of control systems, he described recent trends in security and security initiatives involving control systems.

He specifically talked about the following matters:

• Cybersecurity measures in global enterprise management (including the background for cybersecurity measures, efforts in global collection and implementation of case studies for enhancing awareness to improve security measures for control systems)
• The philosophy of multiple security measures (multilayer defenses and incident mitigation) as a feature of security
• Integrating security for production systems and office equipment (including the general context and information exchanges by industry association working groups concerned with security)

Our guest speaker, Mr. Tachi (Executive Director of Technology Services for the Tokyo Organizing Committee of the Olympic and Paralympic Games) then spoke on the subject, "Cybersecurity at the Rio 2016 Olympics and lessons for the Tokyo 2020 Olympics".

He specifically talked about the following matters:

• Cyber-attacks and cybersecurity systems at the Rio Olympics ・Looking ahead to the Tokyo 2020 Olympics, what needs to be protected, an overview of the risks, and the challenges of dealing with cyber-attacks
• Issues in workforce development (attributes required of leaders, training the trainers, creating scenarios and training environments, etc.)

Considering the Tokyo Olympics, he discussed what matters need attention and where countermeasures should be directed from the perspectives of games administrators, partners, local communities, and society as a whole.

He also touched on particular issues for Japan. He explained that, because preparing for and running the Olympics and Paralympics is a global-class project, important requirements for workforce development in cybersecurity include not just specialist skills in IT but also leadership, practical experience, and English communication skills.

Finally Mr. Yokohama (Head of Cyber Security Integration for NTT) spoke on the subject, "Introduction to Overseas Trends".

He discussed a mixture of statistical data and case studies, including these advanced cases:

• In the USA, cybersecurity is taking a more prominent position in management concerns and corporate governance
• Efforts by private sector actors are vigorous, affecting multiple levels from individual businesses to industries, crossing across industries, and reaching into public–private partnerships

He described more than 80% of boards discuss cybersecurity at almost every meeting and how the National Institute of Standards and Technology (NIST) framework we are using for this review is used as a common language at the executive management level.

He explained that there are differences in activities between the Information Sharing and Analysis Centers (ISACs) of different industries, due to their histories, and that there are 21 ISACs affiliated to the National Council of ISACs.

While acknowledging that Japan is progressing more slowly than the USA, he offered his reaction to the activities of the review (building circles of trust, transferring learnings to their companies, etc.) and a message of encouragement for the development of industry activities by the lead of the participants.

Opening the discussion session after the addresses, Shiro Kanbe (Executive Vice-President of Sony Corporation) offered a message expressing gratitude for the Forum, emphasizing its importance, and looking forward to the future.

Mr. Shinohara of NTT then asked about the state of the ISAC in each industry, expressing hope for the establishment of ISACs in other industries following the finance Service ISAC and the ICT-ISAC.

Mr. Tosa of Sumitomo Chemical responded, describing the current state and the future of information sharing in the chemical industry.

For the Secretariat, Mr. Takechi of NEC described activities in the second phase of the forum.

From the perspective given by activities in the first phase, he asserted that in addition to current activities at the working and middle management levels, participation by executive management is critical.

He announced plans for the following specific activities (under review):

1. Working group activities
2. Strengthening the Forum’s structures

He also declared the following goals:

1. Self-reliance in each industry
2. Setting up mutual support schemes between industries
3. Creating more productive structures for cooperation between industry, government and academia
4. Successfully navigating the Tokyo 2020 Olympics and Paralympics

Satoru Uchida (president of JX Nippon Information Technology Co., Ltd.) gave a speech to open the reception.

He expressed his hopes for the second phase and determination that we do not stint in our efforts, after listening to the explanation of 1st phase achievements and potential activities in the 2nd phase.

He talked about how the efforts of competitors in the Tokyo 2020 Olympics and Paralympics will positively affect the country and make it happier, and he talked about our mission as critical infrastructure providers to countermeasure cyber-attacks by sharing information.

Yuji Maki (Managing Officer of Toyota Motor Corporation) made some closing comments.

He first talked about circles of trust in the context of his own experiences across risk management in general.

He also spoke about how Toyota can demonstrate its value as a Japanese business using IT and semiconductor technology in the work on cybersecurity measures that will be needed for future challenges such as the IoT and AI.