Association of Southeast Asian Nations (ASEAN)
Last Updated: November 2018
Policy
Strategy Documents
ASEAN ICT Masterplan 2020
ASEAN Secretariat

Eight strategic thrusts, initiatives and action points:

  1. Economic Development and Transformation;
  2. People Integration and Empowerment through ICT;
  3. Innovation;
  4. ICT Infrastructure Development;
  5. Human Capital Development;
  6. ICT in the ASEAN Single Market;
  7. New Media and Content;
  8. Information Security and Assurance.
2015
Other Documents
(in progress) Japan-ASEAN Cybersecurity Policy Handbook
Agreement to compile the Handbook as a project celebrating the tenth anniversary of the inauguration of the ASEAN-Japan Information Security Policy Meeting.
October 2017
Framework on Personal Data Protection
Telecommunications and Information Technology Ministers
Establishes a set of principles to guide the implementation of measures at both national and regional level.
November 2016
CIIP Guidelines, 9th ASEAN-Japan Information Security Policy Meeting
• Acknowledgment of new common guidelines concerning protection of critical information infrastructures;
• Revision of the 2015 guidelines
20 October 2016
Communications
ASEAN Leaders’ Statement on Cybersecurity Cooperation
Heads of State/Government
Recommits to cooperation and tasks relevant Ministers from all ASEAN Member States to closely consider and submit recommendations on feasible options of coordinating cybersecurity policy, diplomacy, cooperation, technical and capacity building efforts
27 April 2018
ASEAN Declaration to Prevent and Combat Cybercrime
Heads of State/Government

Outlines measures to prevent and combat cybercrime:

• Acknowledge the importance of harmonization of laws related to cybercrime and electronic evidence;

• Encourage ASEAN Member States to explore the feasibility of acceding to existing regional and international instruments in combating cybercrime;

• Encourage the development of national plans of actions in addressing cybercrimes

14 November 2017
ARF Statement by the Ministers of Foreign Affairs on Cooperation in Ensuring Cyber Security
ASEAN Regional Forum
ARF reiterates the need to further intensify regional cooperation on security in the use of ICTs
12 July 2012
Structure
Specialized Agencies
Experts' Working Group on Cyber Security
ASEAN Defence Ministers' Meeting-Plus
Provides a formal platform for countries to exchange expertise and knowledge, and promote practical cooperation in the area of cyber security.
2016
(proposed) Creation of National Security Operations Centres (SOC)
ASEAN Chief Information Officer Association

• Council composed of representatives from each country

• Provide the platform for horizontal exchange of information on threat surveillance at the governmental and industrial levels and facilitate regional research into security solutions leveraging technology and best-practices

2017
Legislation
No data available online
Cooperation
Meetings
ASEAN Ministerial Conference on Cybersecurity, Third Edition
Attended by Ministers and Senior Officials responsible for Cybersecurity and Information and Communications Technology (ICT) from all 10 ASEAN Member States
19 September 2018
ASEAN Cyber Risk Reduction Workshop
November 2017 (announced)
ASEAN-Japan Information Security Policy Meetings (10th edition), to be renamed to the Japan-ASEAN Cybersecurity Policy Meeting
Agreed on future efforts, including: continuing ongoing joint awareness-raising activities, inter-governmental exercises for an information liaison system, discussion for fortifying a collaboration and cooperation framework to further promote information sharing on a regular basis, and sharing advanced and leading efforts for the protection of critical information infrastructures
10-11 October 2017
ASEAN Cyber Norms Workshop

• Recognised the importance of having norms of responsible state behavious for cyberspace;

• Agreed on the need for capacity building initiatives to support these norms.

May 2017
ASEAN-Japan 2nd Cybercrime Dialogue (Kuala Lumpur)
Dialogue held to confirm the importance of the Budapest Convention with the countries of ASEAN, and discuss ASEAN-Japan cooperation on cybercrime.
1-2 March 2017; 27 March 2014 (first dialogue)
ASEAN Telecommunications and Information Technology Ministers Meeting (TELMIN), 16th edition (Bandar Seri Begawan, Brunei Darussalam)

• Adopted the Framework on Personal Data Protection;

• Welcomed the progress made in the first year of implementation of the ASEAN ICT Masterplan 2020.

25-26 November 2016
Symposium: ASEAN Cyber Security and Cyber Crime Center: Possibility and Way Forward (Bangkok)
Focus on exploring the possiblity to establish a Cyber Security and Cybercrime Center serving the 10 countries of the ASEAN region
14-16 September 2016
Seminar on Confidence Building Measures in Cyberspace (Seoul)
ASEAN Regional Forum
Four sessions:
  1. Identification of Existing and Potential Threats in Cyberspace,
  2. Confidence-Building Measures in Cyberspace,
  3. Norms of Acceptable Behavior in Cyberspace,
  4. Capacity-Building Measures in Cyberspace.
11-12 September 2012
Cyber Incident Response Workshop (Singapore)
ASEAN Regional Forum
Four objectives:
  1. Develop an understanding of the domestic arrangements of each participant, including the equivalency of offences and law enforcement powers and procedures,
  2. Understand and explore how to communicate and share information in the event of an incident,
  3. Identify models of best practise within the region, and
  4. Prioritise capacity building activities for those participants with less mature frameworks and mechanisms.
6-7 September 2012
Workshop on Proxy Actors in Cyberspace (Hoi An City, Quang Nam Province, Viet Nam)
ASEAN Regional Forum
Workshop on proxy actors in cyberspace, including sessions on their threat, the legal frameworks, strategies and the way forward.
14-15 March 2012
Activities
ASEAN-Singapore Cybersecurity Centre of Excellence

• Aimed to serve as thinktank and training centre, CERT center, and cyber range training centre

• Extension of the ASEAN Cyber Capacity Programme

September 2018 (announced)
ASEAN-Japan Cybersecurity Capacity Building Centre
Hosted in Thailand, will teach courses to prepare cybersecurity workforce in ASEAN for the rising threats of cyber-attacks
June 2018
ASEAN-Japan Information Security Drill
VNCERT
Hosted in Vietnam, involving three levels: the international coordination agency, the national coordination agency and the core units
May 2018
ASEAN CERT Incident Drill (ACID), 12th edition (Hanoi)
Aims to test and enhance incident response as well as broader cooperation and coordination among ASEAN CERTS as well as some of their key dialogue partners.
September 2017
ASEAN Cyber Capacity Programme (ACCP)
Seeks to develop technical, policy and strategy-building capabilities within ASEAN Member States
April 2017
ASEAN Cyber University Project
Aims to expand opportunities of higher education in ASEAN and strengthen the relationships between ROK and ASEAN.
2009
External Cooperation
INTERPOL-led cybercrime operation across ASEAN
Identification of nearly 9,000 Command and Control (C2) servers and hundreds of compromised websites, including government portals. Information provided by the private sector combined with cyber issues flagged by the participating countries
2017
Japan's International Campaign for Information Security
Cybersecurity awareness raising activities in cooperation with ASEAN member states
2012