Cybersecurity

Organisations’ critical infrastructure systems are essential to their bottom line, ability to innovate and daily operations. It is an important part of an organisation’s overall risk management framework. The Japan Cybersecurity module offers guidance on how to handle your Cybersecurity obligations. The module covers areas of law such as the 'Act on Prohibition of Unauthorized Computer Access', 'The Basic Act on Cybersecurity', 'Act on Electronic Signatures and Certification Business' and over 47 other compliance sources.

Module Scope:

Core Obligations

  • Overview
  • Cybersecurity Governance and Principles
  • Policy Making
  • Cybersecurity Risk Management
  • Budget and Resources
  • Risk Assessment
  • Risk Response Development
  • PDCA Framework for Implementing Cybersecurity Measures
  • Safety Principles and Detailed PDCA Guidelines for Critical Infrastructures
  • Emergency Response
  • Supply Chain Risk Management and IT Systems Management Outsourcing
  • Communication

Legal Landscape

  • Act on Prohibition of Unauthorized Computer Access
  • The Basic Act on Cybersecurity
  • Unfair Competition Prevention Act
  • Penal Code
  • Act on the Protection of Personal Information
  • Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures
  • Financial Instruments and Exchange Act
  • and 47 other compliance sources

 

Regulators

  • Ministry of Economy, Trade and Industry
  • National Center of Incident Readiness and Strategy for Cybersecurity
  • Information-Technology Promotion Agency
  • and 7 other regulators

Legal Expert

Partner, Oh-Ebashi LPC & Partners

Yuki Kuroda

YUKI KURODA is a Partner at Oh-Ebashi LPC & Partners and is in charge of data protection and data security issues. He has handled a number of legal and technology cases throughout his legal career. His practice includes Japanese and international data protection cases such as the GDPR and the Chinese Cybersecurity Law. He regularly guides clients on matters such as planning a new data-intensive business or implementing a robust data protection/security compliance program.His most...

Read More
Senior Associate, Oh-Ebashi LPC & Partners

Takahiro Nakayama

TAKAHIRO NAKAYAMA is a Senior Associate at Oh-Ebashi LPC & Partners. He has extensive experience in data protection matters, including information and privacy governance and data management, internal compliance policies, privacy and security-related compliance strategies and programs and technology issues, such as IOT and DX, including Smart City and blockchain technologies. In particular, he has continuously advised numerous domestic and international companies regarding their usage of personal data. He also has substantial expertise in M&A...

Read More
Associate, Oh-Ebashi LPC & Partners

Takuya Uehara

TAKUYA UEHARA is an Associate at Oh-Ebashi LPC & Partners. He has been advising various companies on their technology-related matters, including how to operate systems for e-commerce, crypto assets exchanges and other blockchain-related businesses. In particular, he has extensive experience in advising on how to comply with regulations on electronic data usage and protection. He also has substantial expertise in risk management and compliance, including how to respond to data security incidents.Mr. Uehara has previously...

Read More

Other Jurisdictions