October 21, 2024
Ministry of Internal Affairs and Communications
National Center of Incident Readiness and Strategy for Cybersecurity
Ministry of Economy, Trade and Industry Outcomes of the 17th ASEAN-Japan Cybersecurity Policy Meeting

 The 17th ASEAN-Japan Cybersecurity Policy Meeting (hereafter "Policy Meeting") was held on Friday, October 18, 2024. The Policy Meeting has been held annually since 2009, with the purpose of enhancing international collaboration on cybersecurity among the ASEAN member states (hereafter “AMS”) and Japan.
 In this year’s Policy Meeting, AMS and Japan exchanged views regarding the cybersecurity policies of each country over the past year and shared the current situation in which countries are facing increasingly advanced and sophisticated threats. They also confirmed collaborative activities (hereafter “CAs”), such as cyber exercise, critical information infrastructure protection workshops, capacity building, joint government-industry-academia, and joint awareness raising, and discussed how the CAs should be for the future.
 As a result of that, AMS and Japan confirmed that they will make efforts for further progress in the CAs and also agreed to further strengthen their future ties, including cooperation at both public and private levels.

1. Date and Time

 Date/Location:
 October 18 (Fri), 2024, in Singapore
 Host：
 Cabinet Secretariat (National center of Incident readiness and Strategy for Cybersecurity (NISC)), Ministry of Internal Affairs and Communications (MIC), Ministry of Economy, Trade and Industry (METI).
 Co-Chairs:
 Japan (Visiting Prof. TAKAMIZAWA Nobushige, The University of Tokyo)
 Singapore (Ms. Phu Puay Li, Assistant Chief Executive, Policy and Corporate Development, Cyber Security Agency (CSA))
 Keynote Speeches:
 Dr. SHINODA Yoichi (Cybersecurity Advisor to the National center of Incident readiness and Strategy for Cybersecurity)
 Attendees:
 Cybersecurity/Telecommunications related Government Agencies of AMS, ASEAN Secretariat, Japan’s Cabinet Secretariat, Ministry of Internal Affairs and Communications, Ministry of Foreign Affairs (MOFA), Ministry of Economy, Trade and Industry

2. Main achievements

 In addition to confirming the current implementation status of CAs (Reference (Handbook), Mutual Notification for Incidents, Cyber Exercise, Critical Information Infrastructure Protection Workshop, Awareness Raising, Capacity Building and Joint Government-Industry-Academia) agreed upon at the 16th Policy Meeting held in October last year in Tokyo, participants also discussed collaboration and cooperation among AMS and Japan going forward. The main contents are below.

 (1) Development of ASEAN-Japan Cybersecurity Reference (Handbook)
 The result of the development of the 2024 reference (Handbook), which compiles the latest implementation status of cybersecurity efforts of AMS and Japan, was reported. Also, the process for developing the 2025 reference was approved.
 (2) Enhancing the Information Sharing Framework and the Incident Handling Skills
 In order to promote information sharing between ASEAN and Japan, the result of the study on the procedures for sharing cyber-related information, including mutual notification on the case of partner country’s cyber incident experience, types of information to be shared, and standard formats, etc., was reported. Also, participants discussed further improvement of information sharing framework, including cyber threat information.
 (3) Promoting Cyber Exercises for Enhancing Cyber Incident Response Capacity or Addressing Cyber Policy Challenges
 The result of the study on the implementation policy for the remote cyber exercise and the table top exercise that are aimed at strengthening cyber cooperation between ASEAN and Japan, including daily information sharing, was reported, and it was approved that exercises based on the new policy will be conducted from 2025.
 The remote cyber exercise will aim to improve information communication skills between ASEAN and Japan using an exercise scenario that simulates the occurrence of a large-scale incident caused by a more advanced and sophisticated cyberattack, based on the ASEAN-Japan Standard Operating Procedure for Information Sharing, and the tabletop exercise will review the remote cyber exercise and conduct an exercise that assumes policy preparations in response to developments in digital technologies, such as AI.
 (4) Promoting Efforts on the Critical Information Infrastructure Protection
 The result of the Critical Information Infrastructure Protection Workshop held in Osaka in August this year was reported. This year, focusing on the two themes of "Critical Information Infrastructure Protection in the Event of a Cyber Crisis and OT Security," it was reported that seven speakers exchanged their insights on standardization and research and development trends related to critical information infrastructure protection as well as the current status of efforts being made in each country to protect critical information infrastructure in the event of a cyber crisis. Additionally, themes of next year’s CIIP Workshop was also discussed.
 (5) Promoting Cooperation for Capacity Building
 Representatives from Thailand and Singapore reported on training for capacity building. In addition, Japan reported the implementation status of its cyber capacity building (human resources development) projects and cooperation with international organizations as follows:
 The MIC reported the status of training and workshops at the ASEAN-Japan Cybersecurity Capacity Building Centre (AJCCBC) and other institutions as well as future plans. METI reported on its "JP-US-EU Industrial Control Systems Cybersecurity Week for the Indo-Pacific Region," which includes hands-on training and seminars on industrial control system security. This year, it will be held in Tokyo in the middle of November. The MOFA explained its cooperation with the World Bank “Cybersecurity Multi-Donor Trust Fund” and assistance through JICA.
 (6) Promoting Joint Awareness Raising
 Following on from last year, the video contest for students on cybersecurity awareness raising was held. Videos created by AMS and Japan were shown, and the results were announced, and an awards ceremony was held. Also discussed were ways to utilize and apply the video work and future efforts for awareness raising.
 (7) Promoting Joint Government-Industry-Academia Collaboration
 The progress of the Joint Government-Industry-Academia collaboration for cybersecurity capacity enhancement, including critical infrastructure sectors among entire of ASEAN region was reported. Particularly noteworthy were the reports on the activities of the ASEAN Japan Cybersecurity Community Alliance (AJCCA), which was established through a memorandum of understanding between private cybersecurity organizations in ASEAN and Japan as well as government-industry and government-academia collaborations. The need for further strengthening of public-private and government-academia collaborations between ASEAN and Japan in the future was confirmed.

3. Upcoming Schedule

 The 18th Policy Meeting is scheduled to be held around October next year in Tokyo.