Japan: Opened consultations on the draft Guidelines for the Development of Safety Standards for Cybersecurity of Critical Infrastructure

On 24 April 2023, the Japanese Cabinet Cyber Security Centre opened a public consultation on the draft Guidelines for the Development of Safety Standards for Cybersecurity of Critical Infrastructure until 23 May 2023. The draft Guidelines highlight the importance of maintaining the safety and continuity of critical infrastructure services to achieve a secure and safe society. It defines "safety standards" as documents that outline the standards and references for judging and acting regarding cybersecurity measures for critical infrastructure, including mandatory standards set by the government, recommended standards and guidelines based on laws, cross-industry standards, guidelines established by industry associations and internal rules within a company. The draft Guidelines include obligations to incorporate cybersecurity into organisational policies, such as appointing a cybersecurity officer and auditing cybersecurity as part of overall organisational audits. It also aims to distinguish between required measures and recommended measures to ensure clarity in implementation for businesses.