Japan is taking significant steps to enhance its cybersecurity defense capabilities by expanding a new public-private information-sharing framework. This initiative aims to protect critical sectors, including national hospitals and the defense industry, from increasing cyberattacks. The government is considering introducing an “active cyber defense” system, which would allow authorities to monitor and, if necessary, penetrate the servers used by cyberattackers to neutralize the threat. This framework underscores the importance of cybersecurity in maintaining the smooth functioning of essential services and national security.
The decision to include national hospitals and defense industries in the cybersecurity framework comes from their central role in maintaining public health and national defense. Disruption to these sectors could severely impact citizens’ lives and the operations of the Self-Defense Forces (SDF). As a result, the government plans to support these industries in enhancing their cybersecurity defenses, even taking steps to neutralize potential threats at the source. The framework will also encourage information sharing between the government and private sector on both domestic and foreign cyber threats.
A key element of the framework is the establishment of a “national cybersecurity office,” which will be formed by reorganizing Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC). This office will oversee the collaboration between the public and private sectors, ensuring that the latest information on cybersecurity threats is shared promptly. The private sector will be required to report cyberattacks to the government swiftly, but participation in the information-sharing framework will remain voluntary for businesses.
While the framework was initially intended to protect essential infrastructure, such as major power companies, the government recognized the need to extend protection to national hospitals and the defense industry. This expansion aims to safeguard vital national functions, with the possibility of including private hospitals in the future. In the case of large-scale cyberattacks on medical institutions, the government is prepared to intervene directly by neutralizing the threat and protecting sensitive data, ensuring that Japan’s healthcare and defense sectors remain resilient in the face of evolving cyber risks.
