October 22, 2021 Results of 14th Japan-ASEAN Cybersecurity Policy Meeting

The 14th Japan-ASEAN Cybersecurity Policy Meeting (hereafter “Policy Meeting”) was held online on October 21, 2021.
The Policy Meeting has been held annuallysince 2009, with the purpose of enhancing international collaboration on cybersecurity among the ASEAN member states(hereinafter “AMS”) (*1) and Japan.
In this year, AMS and Japan exchanged views regarding the cybersecurity policies over the past year in the meeting. In addition, AMS and Japan confirmed and evaluated collaborative activities (hereinafter “CAs”) including cyber exercises, critical information infrastructure protection workshop, joint awareness raising, capacity building and joint government-industry-academia.
AMS and Japan confirmed progress of CAs in this Policy Meeting, and also agreed to continuously implement each CAs.

• *1
  AMS: Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand, and Vietnam

1. Date and Time

• Date: October 21 (Thu) 2021, Online Meeting
• Host: Cabinet Secretariat (National Center of Incident Readiness and Strategy for Cybersecurity ), Ministry of Internal Affairs and Communications (MIC), and Ministry of Economy, Trade and Industry (METI)
• Co-Chair:
  Japan (Mr. HAYASHI Ryozo, Director of Musashino Institute for Global
  Affairs(MIGA) at Musashino University)
  Laos (Mr. Khamla SOUNNALAT , Director General of Lao-CERT)
• Keynote speech: Dr. Shinoda Yoichi (Cybersecurity Advisor to National Center of Incident Readiness and Strategy for Cybersecurity)
• Attendees: Bureau Directors/Assistant Vice-Ministers of Cybersecurity-related Government Ministries and Telecommunications-related Government Agencies of ASEAN Member States (refer to the Appendix), ASEAN Secretariat, Deputy Director-Generals of Japan’s Cabinet Secretariat/Ministry of Internal Affairs and Communications, Ministry of Economy, Trade and Industry.

2. Main achievements

In addition to confirming the current implementation status of the 10 CAs agreed upon at the 13th Policy Meeting held online in October last year (Remote Cyber Exercises, Table Top Exercise, Critical Information Infrastructure Protection, Awareness Raising, Capacity Building, Voluntary Mutual Notification Program, Cybersecurity Metrics, ASEAN-Japan Cybersecurity Policy Reference, Working Group Steering and Joint Government-Industry-Academia), participants also discussed collaboration and cooperation among AMS and Japan going forward.. The main contents are below.

1. Enhancing the Information Sharing Framework and the Incident Handling Skills

The Outcomes of Remote Cyber Exercise and Table Top Exercise was reported, which were aimed to confirm the information sharing frame work and the incident handling procedures of international coordination.
Regarding Remote Cyber Excecise which was implemented online, we used the online communication tool for the first time, and as well as emails to exchange the information. It was highly evaluated as a means of communication by AMS as it enabled prompt communication.
Table Top Exercise was also implemented online for the first time, with the theme of "Sharing the practices responding to a new normal due to the COVID-19 situation," and that there was an active exchange of views on knowledge and issues regarding responses to cyber incidents during online meetings.
Furthermore, the outcomes of mutual notification for incidents was reported. Also, AMS and Japan confirmed the outcomes of efforts to improve cybersecurity in each country based on evaluation index on cyberspace, and agreed to complete Cybersecurity Metrics activity this year.

2. Cooperation for Critical Information Infrastructure Protection

It was reported that the Critical Information Infrastructure Protection Workshop was held online to exchange information on knowledge and efforts of each country under the theme of “Impact COVID-19 on CII Sector.”

3. Promoting Cooperation for Capacity Building and Awareness Raising

In addition to reporting on the implementation of Japan's capacity building (human resource development) project in the cyber field, it was reported that an e-learning course and new training course had been provided for the training program conducted through the ASEAN-Japan Cyber Security Capacity Building Center (AJCCBC) as part of the project. It was also reported that Japan was preparing to host the online event called "JP -US-EU Industrial Control System Cybersecurity Week for the Indo-Pacific Region” which will conduct a hands-on training and Workshop related to the ICS.

4. Promoting Joint Government-Industry-Academia collaborative activity

Activities to promote government-industry-academia cooperation throughout the ASEAN region were reported.

3. Upcoming Schedule

The 15th Policy Meeting is scheduled to be held next year in Japan.