Nihon Cyber Defence

Preparing for Active Cyber Defense (ACD)

Ret. Adm. Ichida’s Insights for Japanese Businesses

What is Active Cyber Defense?

Japan’s Active Cyber Defense (ACD) policy introduces substantial changes to the way businesses approach cyber security, particularly for those in critical infrastructure sectors. Retired Admiral Akira Ichida’s analysis highlights both the opportunities and challenges of this transformative initiative, providing businesses with key considerations as they prepare for its implementation.


Disclaimer:
NCD defines “Active Cyber Defense” in accordance with the UK National Cyber Security Centre (NCSC) definition –  “… services that are designed to reduce high-volume commodity cyber attacks.”

This initiative aims to prevent cyber intrusions from spreading on a large scale by establishing a collaborative framework between the government and the private sector for sharing threat intelligence. With a proposed legal framework set for submission to the National Diet in 2025, this marks a pivotal moment in Japan’s efforts to defend its critical infrastructure and digital economy.

Proposed Framework of Government

  1. Targeted Monitoring of Foreign-Related Communications: The government will legally monitor suspicious foreign-related communications for signs of potential cyber threats.

  2. Mandatory Reporting for Critical Infrastructure: Water, electricity, and other essential infrastructure operators will be required to report cyber incidents to the government.

  3. Utilization of the Security Clearance System: To ensure effective information sharing, the framework proposes granting access to sensitive information via a security clearance system.

  4. Learning from International Models: Inspired by systems like the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and its Joint Cyber Defense Collaborative (JCDC), Japan aims to emulate global best practices.

Insights for Businesses

  1. Navigating Increased Responsibilities with Clear Guidance
    Ichida acknowledges the progress of establishing a collaborative council and mandatory reporting obligations for critical infrastructure. However, businesses must be proactive in understanding and meeting these new requirements.

    Actionable Takeaways
    Companies should strengthen their cyber threat monitoring systems by creating a real-time, two-way information-sharing framework between the public and private sectors. This will enable faster, more effective responses to emerging threats. Additionally, establishing clear incident reporting protocols will ensure a smooth and efficient response process.

    For critical infrastructure operators, compliance with these new mandates is non-negotiable, and early adoption of reporting frameworks will ease the transition.
  1. Addressing Challenges in Foreign Communications Monitoring
    The ACD’s plan to focus on “foreign communications” monitoring raises practical challenges. Ichida points out the complexity of distinguishing between foreign and domestic data flows. The term “foreign” lacks clarity—whether it refers to the source of the attack, the communication itself, or both. If the focus is on monitoring communications at Japan’s entry points, there is a risk that attacks initiated by foreign entities within the country may be overlooked. This issue impacts businesses, particularly those involved in global operations.

    Actionable Takeaways
    Companies must collaborate with the government and ISPs to ensure that their networks comply with monitoring requirements without compromising operational efficiency.

    Leveraging AI-powered threat detection technologies, as well as implementing solutions such as SIEM and MFA that contribute to a zero-trust framework, will enhance network security and strengthen the safety of the system environment.
  1. Aligning Cyber security Measures with Legal and Constitutional Protections
    Ichida emphasizes the importance of aligning ACD-related initiatives with Japan’s constitutional protections for communication privacy (Article 21)Businesses must remain vigilant about protecting customer and stakeholder data while meeting new government mandates.

    Actionable Takeaways:
    Companies must review their data handling and privacy policies to ensure compliance with domestic laws and international regulations.

    Transparency with customers about how their data is protected in light of new cyber security policies will be critical in maintaining trust.
  1. Strengthening Organizational and Human Resource Capacity
    Ichida highlights the need for skilled personnel and robust organizations capable of rapid responses to ensure the effective implementation of ACD by the government. Businesses, especially those in critical sectors, will need to address similar challenges internally.

    Actionable Takeaways
    Companies should invest in training cyber security professionals and creating dedicated teams to manage compliance and threat response.

    Leveraging external expertise, such as from firms like Nihon Cyber Defence, can fill gaps in knowledge and resources.
  1. Leveraging Lessons from International Models
    Ichida points to the U.S. model (e.g., CISA’s JCDC) as a reference for Japan’s ACD framework. Businesses involved in these global initiatives provide valuable insights for others looking to adapt.

    Actionable Takeaways:
    Businesses should study best practices from countries with established proactive cyber defense systems to anticipate potential challenges.

    Participating in international or domestic threat-sharing councils will provide an opportunity to stay ahead of emerging threats.
  1. Opportunities for Innovation and Collaboration
    Ichida underscores the need for collaboration across public and private sectors, with ISPs and other entities playing a critical role. For businesses, this presents both a challenge and an opportunity.

    Actionable Takeaways:
    Companies should actively participate in public-private partnerships to share intelligence and enhance their own security capabilities.

    Cyber security providers and tech firms should seize the chance to innovate solutions that align with the government’s monitoring and response needs.

Looking Ahead

Japan’s proactive approach to cyber security represents a critical step forward, but the road ahead is not without hurdles. The implementation of ACD-related legislation indicates progress in clarifying legal interpretations and potential amendments concerning the protection of communications confidentiality. Based on the assumption that actions taken by the relevant authorities is considered legitimate, the implementation will require transforming government cyber defence capabilities, fostering public-private cooperation, and building organizational and technical capacity.

Ichida’s insights underscore the complexity of the task, reminding us that while the foundations are being laid, continuous adaptation and vigilance will be required to meet the ever-evolving landscape of cyber threats. The next few years will be pivotal as Japan navigates these challenges to secure its digital future. Addressing these challenges and protecting Japan’s digital society will require sustained collaboration between the public and private sectors.

Akira Ichida
Akira Ichida

Retired Admiral, Japan Maritime Self-Defense Force, Senior Advisor @ Nihon Cyber Defence

Retired JMSDF Admiral, Ichida led MSDF cyber operations, intelligence enhancements, advancing cyber defence, information sharing, and overseas training for Japan’s military.

Edit Template

Cyber Maturity Assessment

Nihon Cyber Defence (NCD) offers comprehensive Cyber Maturity Assessments designed to evaluate an organisations current cyber security capabilities, identify areas for improvement, and develop a strategic roadmap to enhance overall security posture.

Cyber Security Framework (NIST)

National Institute of Standards and Technology

NIST Framework Graphic

Cyber Assessment Framework (CAF)

National Cyber Security Centre

CAF Framework Graphic
Edit Template

More from NCD​

Susumu Toriumi Appointed COO of Nihon Cyber Defence

NCD appoints Susumu Toriumi as Chief Operating Officer to lead growth and scale Japan-built cyber defence solutions across critical infrastructure...

Why Software Is Reshaping Global Warfare

Software is redefining national defence. Explore how Japan, the US, and allies are adapting to software-defined warfare and cyber security leadership...

UNC3944: What Business Leaders Need to Know

UNC3944 is not traditional ransomware. Learn how critical sectors can prepare for persistent access, real-time disruption, and identity-based attacks...

Robert Stevenson Appointed CRO of Nihon Cyber Defence

Robert Stevenson joins Nihon Cyber Defence as Chief Revenue Officer, bringing decades of experience in cyber security, OT, and enterprise tech in Japan...

What Cyber Leaders Need to Know About RansomHub’s Collapse and the Ransomware Cartel Model

Learn how RansomHub’s collapse signals a shift to ransomware cartel models. NCD CTO Toshio Nawa explains what Japanese cyber leaders must know to defend critical sectors...

John Moore Appointed CFO of Nihon Cyber Defence

Nihon Cyber Defence names John Moore as CFO to guide financial strategy and scalable growth. Moore brings over 20 years of leadership experience across Japan, APAC, and global markets, strengthening...

China’s APT Threats to Japan’s Critical Infrastructure

China-linked APT groups—Salt, Volt, and Silk Typhoon—are reshaping cyber warfare. Learn how these threats target Japan’s critical infrastructure and how to respond effectively...

Empowering the Next Generation of Cyber Security Talent

NCD joined the Empower Girls event in Belfast, inspiring 600 young girls to explore careers in cyber security through hands-on learning and role models...

Nihon Cyber Defence and Netcraft Strategic Partnership

NCD and Netcraft are teaming up to deliver real-time phishing detection and takedown in Japan. Learn how this partnership boosts national cyber resilience...
Edit Template