Japan’s Financial Services Agency issues guidelines to strengthen cybersecurity at crypto exchanges

Source
Doohyun Hwang

Summary

  • Japan’s Financial Services Agency has formally published guidelines to strengthen cybersecurity at crypto exchanges, saying protecting investors’ assets is its top priority.
  • The guidelines call for an organizational response to increasingly sophisticated attacks, including private key theft and social engineering, through self-help by firms and cooperation with self-regulatory bodies and authorities.
  • The FSA said it will conduct Threat-Led Penetration Testing (TLPT) at major firms and consider raising cybersecurity staffing and external audit standards, with regulations expected to become more detailed.

Forecast Trend Report by Period

Loading IndicatorLoading Indicator
Photo=Shutterstock
Photo=Shutterstock

Japan’s Financial Services Agency (FSA) has issued guidelines aimed at strengthening cybersecurity at virtual asset (cryptocurrency) exchanges.

According to CoinPost on the 3rd (local time), the FSA formally published the “Policy direction for measures to strengthen cybersecurity in virtual asset exchange services and the like.” Reflecting 18 public comments submitted during a consultation conducted from February through March this year, the policy sets the protection of investors’ assets as the top priority.

The guidelines aim to harden security through a three-tier approach: “self-help” by individual firms, “cooperation” led by self-regulatory organizations, and “cooperation” by the authorities. In particular, they call for stronger organizational response capabilities in light of increasingly sophisticated attack methods—going beyond simple theft of private keys (seed phrases) to social engineering techniques and intrusions via outsourced service providers.

The authorities plan to boost the industry’s rapid-response capabilities by introducing crypto-specific scenarios into the joint financial-sector cyber drills known as “Delta Wall.”

Going forward, the FSA plans to conduct Threat-Led Penetration Testing (TLPT) at some major firms to directly verify the effectiveness of their security. It is also considering revising administrative guidelines to raise standards for cybersecurity-related staffing and external audit criteria, suggesting regulations will become more specific over time.

Doohyun Hwang

Doohyun Hwang

cow5361@bloomingbit.ioKEEP CALM AND HODL🍀
hot_people_entry_banner in news detail bottom articleshot_people_entry_banner in news detail mobile bottom articles
What did you think of the article you just read?




PiCK News

"U.S. intelligence sees Iran maintaining blockade of the Strait of Hormuz"

1 hours ago
"U.S. intelligence sees Iran maintaining blockade of the Strait of Hormuz"

JPMorgan: Q1 crypto inflows slashed to one-third of last year…both retail and institutions pull back

5 hours ago
JPMorgan: Q1 crypto inflows slashed to one-third of last year…both retail and institutions pull back

US Fighter Jet Shot Down, Pilot Missing... Iran Claims 'US Rescue Operation Failed'

13 hours ago
US Fighter Jet Shot Down, Pilot Missing... Iran Claims 'US Rescue Operation Failed'

U.S. March services PMI at 49.8, below market forecast

14 hours ago
U.S. March services PMI at 49.8, below market forecast

U.S. March nonfarm payrolls rise 178,000, far exceeding forecasts

15 hours ago
U.S. March nonfarm payrolls rise 178,000, far exceeding forecasts

Trending News