The purpose of this strategic proposal is to support users of information services in making self-reliant decisions and to protect individuals and society against malicious or biased information in digital society. Consequently, it will contribute to making a future where the diverse benefits of digitalization can be fully realized.

In this strategic proposal, "Cognitive Security" is defined as protecting individuals and society from information that negatively impacts human cognition, which can function as a vulnerability in digital society. From the perspective of Cognitive Security, we define Self-reliant Decision-making as "decision-making that does not lead to outcomes that individual does not intend, as a result of being deceived by or becoming dependent on malicious or biased information."

In recent years, rapid digitalization--driven by the technologies such as Artificial Intelligence (AI) and Social Networking Services (SNS)--has significantly improved a convenience. At the same time, the misuse of AI has made it possible to easily generate vast amounts of information that is difficult to distinguish between the real and the fake, and the current digital environment enables such information to spread instantly and extensively via SNS. Furthermore, phenomena such as "filter bubbles" and "echo chambers" on SNS are accelerating the tendency for users to be surrounded by specific, biased information. In today's digital society, sophisticated phishing emails, fake news, and other information intending opinion manipulation target "cognitive vulnerability" and affect individuals, organizations, and society. In some cases, these have become serious threats that could undermine national security.

To address these threats, "Cybersecurity", which protects information systems from cyberattacks, is not sufficient. It is necessary to establish "Cognitive Security" to protect humans from information that exploits cognitive vulnerabilities and to support self-reliant decision-making. This strategic proposal proposes R&D tasks and promotion strategies for Cognitive Security.

Various countermeasures have been taken against the threat, such as phishing, fake news, and opinion manipulation (hereinafter referred to as "threat information"). The current primarily approach is "pre-arrival countermeasures," in which threat information is verified and learned in advance, and known threats are then filtered out or invalidated before they reach users. However, as information technology evolves, an increasing amount of threat information is bypassing these countermeasures. Moreover, since pre-arrival countermeasures target known threats, they are unable to fully prevent unknown threats.

To overcome these limitations and respond to diversifying and sophisticated threats, we need to achieve the following goals:

• To create comprehensive countermeasures5 for threat information that reaches the user of information services, and
• To create countermeasures to prevent emerging future threats.

To achieve these goals, it is extremely effective to create new countermeasures that incorporate insights into the cognitive vulnerability who receive threat information and make decisions. This strategic proposal proposes the following two R&D tasks:

[R&D Task 1] Systematization and identifying the mechanism of human cognitive vulnerabilities in a digital society, and prediction of new threats
This foundational R&D task aims to systematize human cognitive vulnerabilities, identify the mechanism, and predict new threats.
[R&D Task 2] Creation of countermeasures based on insights into human cognitive vulnerabilities
This R&D task focuses on creating practical methods to protect users from information that exploits cognitive vulnerabilities and to support self-reliant decision-making, utilizing the insights from R&D Task 1.

To create new countermeasures based on these insights, it is necessary to promote crossdisciplinary collaboration between cognitive research and security technology. This strategic proposal proposes the following two promotion strategies:

[Strategy 1] Promoting Interdisciplinary R&D through the "Cognitive Security Research Community"
To promote R&D in Cognitive Security, leading researchers establish the Interdisciplinary"Cognitive Security Research Community". This community facilitates interdisciplinary collaboration by integrating fields focused on human cognition with information technology sectors dedicated to developing countermeasures. Through this community, we will continue R&D for Cognitive Security.
[Strategy 2] Acceleration of R&D through Funding Programs
In parallel with Strategy 1, we will establish mission-oriented funding programs to accelerate R&D toward specific problem, such as phishing, fake news, and public opinion manipulation on social media.

By advancing R&D in Cognitive Security, we will be able to support the self-reliant decision-making of users in a digital society. Consequently, it is expected to contribute to countermeasures against various issues that negatively impact individuals, organizations, and society.

Since the human cognitive vulnerabilities addressed in Cognitive Security can vary based on culture, values, and social norms, research results from other countries may not always be directly applicable to Japan. It is necessary to proactively promote R&D that accounts for Japan's unique social and cultural characteristics.

• (in Japanese) Cognitive Security - Supporting Self-reliant Decision-making in the Digital Society -