TOKYO -- Japan will encourage companies to inform investors about their cybersecurity measures, aiming to promote broader awareness of the issue in the private sector as the spread of the "internet of things" raises new security risks.
The proposal was included in a report on security involving the internet of things released Tuesday by the Ministry of Internal Affairs and Communications. The ministry will work with other government agencies to devise guidelines this fiscal year, such as for including cybersecurity information in annual securities reports. Any such disclosures would be voluntary.
The ministry cited similar guidelines set by the U.S. Securities and Exchange Commission, which says businesses should disclose the causes, costs and impact of cyberattacks. Japan's government will consider adopting a similar approach. Companies would have latitude in what to report, given the risk that disclosures could make them vulnerable to attack.
Encouraging the private sector to boost security was positioned as a priority in the ministry's report. The agency also recommended a certification system for secure design in connected devices, along with promotion of research and development, employee education and international cooperation.