Abstract
One of the problems facing Japanese society is the risk of cyber-attacks targeting industrial control system that supports critical infrastructures. If this cyber incident risk occurs, safety responses (Safe) should be carried at an organization for operation-technologies (OT). Simultaneously, security responses (Sec) should be started at an organization for information-technology (IT). A management framework that links various parties is essential for achieving clear objectives. Under the P2M framework, the OT side and IT side responses can be regarded as a Safe project and Security project, respectively. In this paper, the authors discuss cyber incident management in the critical infrastructure by using the P2M framework.
