ABSTRACT
In December 2017, a Japanese university announced a large-scale personal information leak. According to public sources, the leak was caused on several systems by several points of unauthorized access on several systems. Additionally in February 2018, a Japanese research institute announced a large-scale security incident. In Japan, many reports of cyber security incidents are announced for a year. After security incidents occur, a supervisory agency (in these cases, the Ministry of Education, Culture, Sports, Science and Technology a.k.a MEXT) and security consulting firms order the institutes to "strengthen governance in their own institutes'', "develop preventive measures'' and even "buy (expensive) security appliances''. The purpose of this paper is to share the example of a Japanese university's information leak and its cleanup process, as well as to explore what "governance'' means in higher education and research institutes, and how we operate Computer Emergency Response Teams / Computer Security Incident Response Teams.
- Nessus Network Auditing, Second Edition. Syngress, 2008. Google ScholarDigital Library
- M. Bevir. Governance: A Very Short Introduction (Very Short Introductions). OUP Oxford, 2012.Google Scholar
- D. Murray and T. Koziniec. The state of enterprise network traffic in 2012. In 2012 18th Asia-Pacific Conference on Communications (APCC), pages 179--184, Oct 2012.Google ScholarCross Ref
Recommendations
ICT for Human Development in South Pacific
MINES '10: Proceedings of the 2010 International Conference on Multimedia Information Networking and SecurityThe author worked past year as Professor & Head of School of Computing, Information and Mathematical Sciences and Director of Japan Pacific ICT Centre at the University of South Pacific. The South Pacific Region has many problems related to ...
Understanding How National CSIRTs Evaluate Cyber Incident Response Tools and Data: Findings from Focus Group Discussions
National Computer Security Incident Response Teams (CSIRTs) have been established worldwide to coordinate responses to computer security incidents at the national level. While it is known that national CSIRTs routinely use different types of tools and ...
Internet governance: A personal perspective
Internet GovernanceInternet governance is one of the hot issues that emerged during the World Summit on the Information Society (WSIS) in Tunis November 2005. The discussions did not start then but much earlier. This article gives an overview of the International ...
Comments