Name

Mr. José Luis Castillo Pérez

Company

Nagaoka University of Technology

Position

Information Science and Control Engineering

Bio.

Jose Castillo is currently a Doctor's student at Nagaoka University of Technology, majoring in Information　Science and Control Engineering. As a software engineer, Jose has experience in design, development and testing of software systems, including web-based systems for one of the top retailers in Venezuela, BECO. Jose has also experienced defining a software development standard for Toyota of Venezuela. He got awarded with the Monbukagakusho Scholarship for the year 2010 in Venezuela. Jose obtained his Master's degree in Management and Information Systems Engineering from Nagaoka University of Technology, Japan in March 2012. Jose received his Bachelor's degree in Computer Engineering from Simon Bolivar University, Venezuela in October 2009

Presentation title

Cross-Cultural Influence on Information Security Management

Abstract

The LoP Theory has measured successfully the impact of a human aspect of information security management, like cultural differences, on information security policies of overseas subsidiaries and on cross-cultural environments. The purpose of this research is to find the riskiest problems for Japanese, American and British overseas subsidiaries through the use of the proposed theory of Level of Potential (LoP). Potential problems and the theory are based on Hofstede’s framework of cultural dimensions, which are Power Distance Index (PDI), Individualism (IDV), Masculinity (MAS), Uncertainty Avoidance (UAI) and Long Term Orientation (LTO). An investor country-wise analysis of Japan, the US and the UK as investor countries, is introduced based on the predecessors’ studies for each investee country. Concerning surveys conducted in 9 investee countries around the world, this analysis shows that the riskiest problems found to have an impact on the information security policies of Japanese; American and British overseas subsidiaries are “unintentional sharing of confidential information” and “employees’ use of confidential information of their companies after moving to another company”. Furthermore, it corroborates the predictability of the LoP theory globally for the investor countries studied.

Name

Mr. Klaus-Dieter Zundorf

Company

Self-employed

Bio.

Born in Dusseldorf, Federal Republic of Germany on December 6, 1940. After finishing elementary education  I joined Deutsche Shell AG and trained as a laboratory technician for 3 and a half years and simultaneously completed an evening course for the qualification of Chemotechniker. After this I taught chemistry and stoichiometry  to trainees at Shell and did research on tungsten compounds useful for analysis. After taking the Abitur at the Neuss Gymnasium focusing on Greek and Latin I studied philosophy, Russian, and Classical Chinese in Bonn and on a grant from the Deutsche Studienstiftung I continued studying Russian literature in Durham (UK). After completion of the course I joined the Research Center of Imperial Smelting Corporation (Rio Tinto Zinc)　in Bristol where  I worked as foreign technical-scientific information (mainly NF metallurgy and chemistry) officer.

In 1972 I established myself as a freelance translator. I have been active as a freelance translator in Japan since 1980.

Presentation title

“Observations on Safety and Security”

Abstract

Safety and security have been and are essential concerns in all areas of human existence and activity. Beginning with my first brief stay in Japan in 1972, a short outline will be presented of the unsafe and insecure situation that concurrently prevailed in Britain, Japan and the US, at that time and indeed the threats to safety and security in the Cold War Era. Safety and security can be defined in terms of the dangers, threats and anxieties that make us unsafe and insecure and which we have to combat to become what we are not by birth, safe and secure.

At the most fundamental level the quest for safety and security is inherent in all forms of life because life itself is a violation of the law of entropy. Plants, animals and humans all have developed mechanisms to “manage”  the Sisyphean task of countering the pull-down action of entropy through immune, defense, and life sustaining systems. Can it be maintained that the evolution of human society from the archaic proto-form of social life without ownership, a state of shared dearth and the need to fight it as the fundamental driving force of economic activity, to the urban cultures with class distinction and ownership in antiquity and further to the highly developed economic systems of the present-day world has been an increase in safety and security commensurate with the increasing sophistication in the scientific-technical-economic spheres? Can the wisdom of SOCRATES be of help? Are we safer with nuclear power and atomic arsenals? The doctrine of MAD (Mutually Assured Destruction). Modern economic thinking and the manipulation of the Keynesian operands - that are espoused by virtually all politicians propounding the intrinsic desirability of growth – do these shrewd devices make us more secure in a world of energy and resource consumption   that is rising per capita and rising also as a result of an ever-growing world population with an ever increasing per capita level of consumption and hence an ever-expanding ecological footprint? Some linguistic consideration of the safety and security vocabulary of different languages will also be presented.

Name

Mr. Nic Heras

Company

IBM

Position

MSS Architect

Bio.

Nic is currently the Senior AP MSS Architect for IBM Security Services and has over 13 years of IT experience, the last nine of which, have been in Managed Security Services. Working as a MSS Architecture, Nic deals with all non-standard MSS service requests out of Asia Pacific and also combines this with providing technical assessments on Architectural designs, across a variety of network environments, customer demands and regulatory/compliancy needs. He is also responsible for the MSS Partner program, developing MSS partnerships across the region. Nic has a Bachelor of Business from Griffith University, Queensland

Presentation title

“Managed security Services and tales from the frontline”

Abstract

Today’s executives understand the need for information security but still struggle to manage the cost

and complexity of a myriad of security technologies for everything from threat prevention to email security, vulnerability scanning and security event and log management. Managed Security Services provides a delivery model for security that addresses many of these challenges for organisation large and small. This session will examine how cloud-based and other managed security services can provide a real advantage, covering the who, what, when, why and how of these services. We will also explore real world examples, where Managed Security Services played a key role in protecting customers.

Name

Mr. Thomas Greer

Company

PricewaterhouseCoopers Arata

Position

Partner

Bio.

Thomas is a partner from PricewaterhouseCoopers (PwC) LLP in the United States, New York City office, and is presently on a multi-year assignment to PwC Aarata in Tokyo. For the past 18 years, Thomas has primarily served clients in the technology, and entertainment and media sectors. He has led numerous third-party assurance (TPA) engagements, in the U.S., Japan and other territories, as well as audits of internal control over financial reporting.  He has also assisted clients with various security and control assessments directed at information technology systems.  Thomas is both a Certified Public Accountant (CPA) and Certified Information Systems Auditor (CISA), and holds an MBA from The Wharton School of the University of Pennsylvania.

Presentation title

"Audits of Service Organizations: Adoption of the New JICPA J86 Standard"

Abstract

As companies continue to outsource critical business processes, information security and control activities residing at external service organizations have become an important aspect of companies’ internal control environments.  Likewise, global auditing and assurance standards surrounding companies’ use of external service organizations continue to evolve. The Auditing Standards Committee of the Japanese Institute of Certified Public Accountants (JICPA) recently issued the Assurance Practice Committee Practice Guideline No. 86, "Assurance Reports on Controls at a Service Organization (Interim Report)," which becomes effective this year. This new release is part of the JICPA’s response to the Clarity Project of the International Auditing and Assurance Standards Board (IAASB) and it mirrors other recent developments in global auditing and assurance standards. Specifically, International Standard on Assurance Engagements (ISAE) No. 3402 and U.S. Statement on Standards for Attestation Engagements (SSAE) No. 16 were both recently adopted to align global standards pertaining to audits of service organizations. 

These new standards require management of companies using external service organizations to issue a formal assertion about their security and control activities and also set forth requirements to be followed by the independent auditor issuing a service organization report.  This presentation will provide an overview of the new global standards and changes to be adopted in the JICPA 86 standard, as well as how service organizations and user companies can best utilize the assurance reports, among other related topics.

Name

Mr. Andrew Jones

Company

Prime Communications, Inc.

Position

Senior Vice President

Bio.

Andrew Jones is a Business Skills Trainer operating out of central Tokyo. He also contributes regularly to Welsh language news broadcasts for BBC CYMRU/WALES and itv CYMRU/ WALES and was one of the first to report on the March 11^th disaster on the Post Cyntaf BBC RADIO CYMRU morning news programme on March 11th last year.

Andrew Jones has been in Japan since July 1991 and is fluent in his native Welsh, English and Japanese languages. This is his third presentation at the JSSM, although this will be the first in the English language.

Presentation title

“The importance of clear communication and the sending of clear signals in the aftermath of disasters.”

Abstract

Speculation, doubt, suspicion are all things that can easily evolve into pandemic proportions if not handled properly following a disaster on the scale of the March 11th, 2011 natural disaster and subsequent Fukushima Nuclear Power Station incident. In November of 2011, an itv Cymru (Wales) television crew visited Japan to film a documentary on the aftermath of the nuclear incident for their Y Byd ar Bedwar current affairs programme. During the filming of the Iitate-mura area, the crew were amazed to discover that the special evacuation zone immediately outside of the mandatory evacuation zone had no signage to warn people who potentially lost their way that they were in areas where radiation levels exceeded a range of 5 micro-sieverts/hour to 10 micro-sieverts/hour. Nevertheless, the Ministry for Education, Culture, Sports, Science and Technology check daily the radiation levels and post them in a village noticeboard case. Without leaving the comparative safety of one’s vehicle, it is impossible to read the fine print on the A4 sized piece of paper containing the day’s results.

It is the seemingly lack of communication due to inefficient practices and bureaucratic style administration that is likely to cause panic and cause for gossip. It is this aspect of communication that will be addressed.

Participants

All presenters and the audience volunteers

Ｓｕｂｊｅｃｔ

“Crisis Management in Japan after the nuclear disaster” Round table talk

Abstract

One year has passed since the tragic earthquake and the subsequent nuclear crisis.

For the Japanese people, these disasters seem to have been recognized as a crisis beyond the scope of reasonable assumption, in Japanese Soutei-gai. The government actions after the catastrophes seem to be passively accepted by the Japanese people.

In this discussion, we would like to review the crisis management of the Japanese government after the earthquake, focusing on the nuclear crisis communication.

After the earthquake and the unexpected tsunami, the Fukusima nuclear plant went out of control. Even though some foreign countries disclosed SPEEDI’s data on the internet regarding the spread of the radioactive substances, Japanese government did not disclose such important data. The government believed that they should avoid unnecessary panic through the disclosure. On the contrary, the US and other countries issued evacuation orders within certain areas, and many foreigners left Japan. In order to avoid panic, sufficient data was not disclosed until recently. Was this political decision acceptable? What should the Japanese government have done?