Japan Unveils New Cybersecurity Strategy Prioritizing Active Defense

Prime Minister Sanae Takaichi’s cabinet on Tuesday approved Japan’s new five-year cybersecurity strategy, emphasizing preemptive “active cyber defense” measures to counter rising digital threats.

The updated plan identifies state-sponsored cyberattacks as a serious national security concern and vows to “continuously impose costs” on aggressors, even during peacetime, to “proactively defend against and deter cyber threats” through multifaceted actions.

To bolster threat analysis capabilities, the government will centralize cyber intelligence under the newly established National Cybersecurity Office, created in July amid a surge in attacks on government agencies and critical infrastructure.

“We aim to achieve the world’s highest level of vigilance to effectively address the increasingly severe cybersecurity environment,” Chief Cabinet Secretary Minoru Kihara said at a press briefing.

Addressing privacy concerns surrounding active defense operations, Kihara assured that the initiative includes “strict protocols and conditions” to safeguard communication secrecy during data collection and analysis.

Japan introduced the concept of active cyber defense in May through a new law granting police and the Self-Defense Forces authority to access and neutralize servers that pose cyber threats.

Originally introduced in 2013, Japan’s cybersecurity strategy has undergone regular revisions. The 2021 update notably named China, Russia, and North Korea as primary sources of cyberattacks, framing cyberspace as a new front of geopolitical competition.