Strengthening Cyber Risk Management

Keidanren collaboration delivers book with practical advice to corporate leaders

As concern about cyber risk grows in Japan, a new book by veteran American Chamber of Commerce in Japan member and Marsh Japan, Inc. Senior Vice President Ted Sato aims to help corporate management find the most effective approach to mitigating risk and effectively responding to events.

Sato authored the book with Toshinori Kajiura, a member of Keidanren (the Japan Business Federation) and a senior researcher for information and communications technology policy at Hitachi. Kajiura was previously chair of Keidanren’s Working Group on Cybersecurity Enhancement.

🔼 Watch the video above for more insights from Sato himself.

Published in February by the Nikkan Kogyo Shimbun, a Japanese industry newspaper, Strengthening Cyber Risk Management: A Keidanren Handbook to Cyber Risk Management is designed to provide corporate managers with practical guidance for dealing with cyber risk.

Not to be confused with cybersecurity, cyber risk is defined by the US Department of Commerce’s National Institute of Standards and Technology as the “risk of financial loss, operational disruption, or damage from the failure of the digital technologies employed for informational and/or operational functions introduced to a manufacturing system via electronic means from the unauthorized access, use, disclosure, disruption, modification, or destruction of the manufacturing system.”

Sato told The ACCJ Journal that the book, which spans more than 200 pages, was written by professionals from the battlefield in easy-to-understand language. “We wanted corporate managers to be able to ask effective questions at the earliest stages of any cyber risk event. That is very important.”

The idea came after a series of events last May which Sato conceived with Nikkan Kogyo Shimbun. The well-received sessions showed corporate managers how to deal with cyber risk, not solely as a technical issue but to emphasize management and factors related to organizational culture.

Keidanren had been hosting its own events since 2014, working to change the mind-set of corporate management on this critical issue. The organization built on Sato’s efforts to bring together professionals with similar motivation to create the Cyber Risk Management Japan Study Group, which was a supporting contributor to the book.

These efforts were also supported by the late Hiroaki Nakanishi, who was chair of Hitachi and Keidanren and contributed the foreword.

The book’s core advice draws on a 2014 report by the Internet Security Alliance and the National Association of Corporate Directors’ handbook on cyber risk, which recommends a one-team approach to corporate management. Beginning with the importance of expert advice from outside the company, the book advises an “art of science” approach that balances technology, human factor management, and operational excellence to ensure an organization’s readiness, response and recovery, and recurrence prevention.

The book has been well received by reviewers for its practical guidance.

“It is very meaningful to promote cooperation with experienced US firms at this early stage for Japanese companies,” Sato said. “If all goes well, next we plan to make an English version to share in Asia.”