In a significant pivot from traditional defensive strategies, Japan has passed new cybersecurity legislation aimed at launching a Preemptive Cyber Defense. The move, led by Prime Minister Shigeru Ishiba’s minority government ahead of a national election, comes in the wake of increasing cyberattacks that have exposed major vulnerabilities across critical infrastructure.
Passed in May, the legislation enables authorities to track online communication data and preemptively shut down malicious servers through the police and Japan’s Self-Defense Forces. It also mandates companies to report cyberattacks, signaling a broader push for public-private cooperation in national cybersecurity. With most of Japan’s key infrastructure, such as energy, transportation, and telecommunications, run by private firms, government officials are stressing that corporate participation is essential to national cyber defense.
Despite the uncertainty surrounding the upcoming House of Councillors election, Japan plans to forge ahead with its cyber strategy. A comprehensive defense system is set to be in place by 2027, with a new national cybersecurity strategy expected by the end of this year. Analysts, including Pacific Square, a strategic advisory firm, have noted the legislation’s promotion of international collaboration, positioning Japan as a more active player in global cybersecurity policymaking.
Preemptive Cyber Defense : Rising Threats Spur Training and Tech Investments
Japan’s cyber threat landscape has been shaped by ongoing attacks from state-linked actors in China, North Korea, and Russia, as well as criminal organizations. One of the most serious incidents emerged in 2019, when the group “MirrorFace” (also known as “Earth Kasha”) targeted sectors like semiconductors, IT, and academia by exploiting software vulnerabilities. Authorities suspect Chinese involvement in the attacks.
In response, Japan’s Ministry of Industry is pushing to increase its cybersecurity workforce, aiming to boost the number of trained professionals from 24,000 to 50,000 by 2030. Experts warn that launching Preemptive Cyber Defense & cyberattacks is now easier than ever due to the availability of hacking tools and ransomware kits online. Takahiro Kakumaru, director of cyber intelligence at NEC Corp., said many groups are creating user-friendly ransomware products that offer high success rates at low cost.
To counter the growing use of artificial intelligence by hackers, NEC is developing AI-powered defense systems. These tools will help protect critical infrastructure and government agencies beginning fiscal year 2025. Noboru Nakatani, NEC’s Chief Security Officer and former Interpol executive, emphasized the company’s goal of matching the United States in cybersecurity capability through these advancements.
Private Sector Urged to Strengthen Cyber Hygiene
NEC and other companies have joined the Cyber Threat Alliance, a global nonprofit that fosters information sharing among cybersecurity stakeholders. Led by Michael Daniel, a former U.S. presidential cybersecurity coordinator, the alliance is encouraging better collaboration between Japanese and American industries to combat common cyber threats.
Experts stress that private companies can improve their defenses through basic yet effective measures. These include adopting two-factor authentication, encrypting sensitive data, and using a technique known as “microsegmentation,” which limits hacker access by dividing networks into smaller sections.
Additionally, Japanese firms are being encouraged to collaborate across borders by exchanging digital “hash values,” which help identify malicious software. Daniel noted that the key to future resilience lies in building stronger inter-industry connections, not just between governments but between businesses, both domestically and internationally.
