| Introduction | Spirit | History | Technology | Human Resource | Formation |  |
Connecting domestic organizations and building on a foundation of trust
Enhancement of countermeasures against cyber threats through coordination with domestic CSIRTs and related organizations
At JPCERT/CC, we have a structure in place to coordinate with domestic companies and organizations with aim of sharing technical information related to incidents and facilitating incident response and countermeasures. Our contact point is kept available at all times so that necessary support and information can be provided to the right people and organizations at the optimal timing. We also engage in community activities to provide opportunities for the CSIRTs and security-related departments of various organizations to promote interaction and share knowledge about security countermeasures and other matters.
Point of connection for the information and people of companies and organizations
Incidents are often noticed only after receiving notification from the outside. For this reason, it is important to have a point of contact, make the point of contact known to external parties, and build relationships of trust as a basis for mutual communication in an emergency. These preparations must be made before an incident occurs.
JPCERT/CC serves as a contact point for consultations and inquiries from domestic companies and organizations in the event of an incident. We also maintain and regularly update a list of contacts (i.e., security departments and personnel) to enable smooth mutual communication at all times, direct contacts to the appropriate department or person in JPCERT/CC or a related organization according to the nature of the communication, and support the early resolution of problems and establishment of a cooperative framework.
Delivering threat information securely to the right people
Whether in normal or emergency situations, collecting, analyzing, and sharing information is important for incident response and countermeasures.
We share information through our CISTA portal site with a wide range of parties, including government organizations, public institutions, operators of critical infrastructure such as railroads and public utilities, leading operators of SNS and other businesses directly connected to people's lives, manufacturers, trading companies, and organizations with an internal CSIRT. [Figure 1]
Figure 1: Early warning information provided to registered business operators.
Aiming to create a framework for close collaboration among teams to resolve incidents quickly
As the Secretariat of the Nippon CSIRT Association
Organizations are advised to establish an internal CSIRT as a measure to reduce damage and regain control more quickly when a computer security incident occurs. The Nippon CSIRT Association was founded to enable CSIRTs within organizations to collaborate and share information including early signs of attacks and how to deal with incidents. JPCERT/CC is one of the founding members and also serves as its secretariat to help facilitate operations.
https://www.nca.gr.jp/en/
To reduce damage from phishing scams within Japan
As the Secretariat of the Council of Anti-Phishing Japan
The Council of Anti-Phishing Japan was established by organizations working to address phishing, a fraudulent act in which the victim is lured into visiting a fake web page to steal IDs, passwords, and other personal information, with the aim of raising the awareness of general users and business operators by providing information and organizing events. The Council receives reports concerning phishing and provides security alerts and materials on responding to and taking measures against phishing attacks.
JPCERT/CC supports its activities as its secretariat, as well as handling coordination for the closure of phishing sites, creating documents for publication, and operating the Council's website.
https://www.antiphishing.jp/
Providing accumulated knowledge and a foundation of trust to facilitate activities
We leverage the foundation of trust built over the years and our wealth of knowledge to support operations and facilitate activities.
| Introduction | Spirit | History | Technology | Human Resource | Formation | |
