The IT Security Support Provider System Inaugurated The first national qualification system in the field of cybersecurity
On October 21, 2016, the IT Security Support Provider System started as the first national qualification system in the field of cybersecurity.
1. IT Security Support Provider System
In recent years, as information technology penetrates further into society, the number of cyber attacks is tending to grow, and enterprises and organizations are facing a shortage of human resources who can play a practical role in conducting information security measures. In this trend, information leakage events frequently occur. To address this situation, the Ministry of Economy, Trade and Industry (METI) revised the necessary provisions of the Act on Facilitation of Information Processing to fortify cybersecurity measures, and on October 21, 2016, the revised Act has come into force. Along with this revision, METI inaugurated a new national qualification system in which human resources who have the latest knowledge and skills in the field of cybersecurity and can play a highly-practical role in the field are registered. Through this system, METI aims to encourage Japanese enterprises to ensure experts who are in charge of in-house cybersecurity measures.
2. Outline of IT Security Support Providers
IT Security Support Providers are defined to be those who exert their knowledge and skills in supporting enterprises and organizations in the field of cybersecurity in planning, designing, developing and operating in-house secure information systems, and those who investigate, analyze and assess in-house cybersecurity measures while providing necessary instructions and advice based on the results. These providers are expected to play an active role not only for users striving to ensure cybersecurity measures (e.g., governmental organizations, businesses involving important infrastructures, and enterprises holding important information) but also for businesses related to cybersecurity, or vendors, which provide other enterprises and organizations with expert and technical services.
3. Process to be registered as a provider
People who wish to be registered as an IT Security Support Provider should pass the IT Security Support Provider examination, conducted by the Information-technology Promotion Agency, Japan (hereinafter referred to as the “IPA”), and should be registered as such. As additional information, those who have already passed the Information Security Specialist Examination or the Information Security Engineer Examination are eligible for the registration for a limited time of two years from the inauguration of the system.
Registered IT Security Support Providers are also required to take annual training courses provided by IPA under the authorization of the METI Minister, aiming to encourage these providers to continue to learn about the latest cybersecurity knowledge and skills and maintain such knowledge.
4. Common name and logo representing IT Security Support Providers
METI also decided to provide a common name, in addition to the legal name, and a logo representing IT Security Support Providers in order to encourage society to utilize these professionals and facilitate cybersecurity measures in enterprises and organizations.
Legal name: IT Security Support Provider
Common name: Registered Information Security Specialist (RISS)
5. Future schedule of the examination and registration
Start of accepting applications for registration: Monday, October 24, 2016
- Note: People who have already passed the Information Security Specialist Examination or the Information Security Engineer Examination are eligible for this registration.
- First examination: April 2017
For details of the registration, visit the following website:
October 21, 2016
Division in Charge
Information Service Industry Division, Commerce and Information Policy Bureau