Revision of National Security Strategy
On December 16, 2022, the Japanese government approved a cabinet decision on security-related strategic documents: the National Security Strategy (NSS), National Defense Strategy (NDS), and Defense Buildup Program (DBP). The NSS is the principle for Japan’s national security strategy for the next 10 years, defining diplomatic and defense strategies in response to the new security environment. The NDS, renamed from the National Defense Program Guideline, defines the Japan Self-Defense Force’s (JSDF) defense strategy for the next decade, setting goals for national security and outlining approaches and means to achieve them. The DBP, renamed from the Mid-term Defense Program, indicates a medium- to long-term development plan that includes the level of defense capability and the procurement plan.
The revision of the NSS marks a major turning point in Japan’s post-World War II national security policy. The following six points are its major changes. First, it points out the fundamental changes in the security environment, especially China’s military rise becoming a threat to Japan’s security; second, it calls for raising the defense budget to 2% of GDP in FY2027; third, it plans for procuring missiles with a range of about 1,000 km and possessing a counterattack capability; fourth, in the cyber domain, it plans to introduce active cyber defense; fifth, it specifies the procurement of various types of unmanned weapons, and the sixth, it supports expanding exports of defense equipment.
In line with the revised strategy, the DBP has been completely revised, and defense expenditures of 43 trillion yen will be allocated over five years starting in 2023.
Changes in Cybersecurity Policy
There are two significant changes in the cyber area of this new NSS: the development of a posture for information warfare and the introduction of active cyber defense in cybersecurity.
The war in Ukraine began during and influenced the revision process of the NSS. The war has the characteristics of a hybrid war, consisting of physical combat, information warfare, and cyber warfare, and has had a major impact on the national security discussion in Tokyo. The Liberal Democratic Party (LDP) proposal for the NSS revision released in April 2022 describes an urgent need to develop a posture for information warfare, as “in light of Russia’s aggression against Ukraine this year, preparation for information warfare is an urgent issue.” In response to the debate on the need to deal with information warfare, the new NSS describes the creation of an organization within the government to deal with information warfare as “a new structure will be established within the Government to aggregate and analyze the situation on disinformation originated abroad.”
Reflecting the new NSS, in the FY2023 budget, the Ministry of Foreign Affairs plans to use artificial intelligence (AI) to enhance monitoring of the information space and strengthen intelligence analysis. The Ministry of Defense is also planning to introduce an automatic information gathering and analysis system using AI technology to grasp the situation of information warfare.
Regarding the issue of active cyber defense, the LDP proposal, describing the cyber response strategy as “necessary to consider the implementation of active cyber defense against the attacker,” was simply carried into the NSS as follows: “Japan will introduce active cyber defense for eliminating in advance the possibility of serious cyberattacks.” To implement active cyber defense, the National center for Incident readiness and Strategy for Cybersecurity (NISC) will be restructured to establish a new cybersecurity organization, which will coordinate policies in the field of cybersecurity and will command the cyber units of the JSDF and the police.
The number of cyber personnel in the current MTDP is around a thousand, but in response to the direction in the DBP, the Ministry of Defense will train 4,000 cyber “warriors” and provide 16,000 JSDF personnel with cyber training in five years.
In addition, several laws will be revised to implement active cyber defense. It is likely the Telecommunications Law and the Unauthorized Computer Access Prohibition Law will be revised in the near future to enable the Japanese government to conduct administrative interception, which is allowed in Western countries but not in Japan.
Prospects for Japan’s Cybersecurity Posture
Admiral Dennis Blair, the former U.S. Director of National Intelligence, described Japan’s cyber team as “minor league” at the LDP’s security subcommittee last year. If the cybersecurity posture described in the strategy documents is realized, Japan’s cyber team will be promoted to a triple-A team, if not a major league team.
The new NSS, surprisingly, sets very high goals: “the response capabilities [of Japan] in the field of cybersecurity should be strengthened equal to or surpassing the level of leading Western countries.” Once an active cyber defense system is in place, Japan, like the U.S., will be able to monitor cyberattacks, identify attackers (attribution), and take countermeasures against attacks as a series of cyber defenses.
In the DBP, it is stated that the JSDF will promote cooperation and interoperability in cross-domain operations, including space, cyber, and electromagnetic operations, to further strengthen the joint integrated deterrence capability of Japan and the United States. It also states that the cyber threat-hunting capabilities of the SDF’s cyber units will be strengthened, which means that the SDF’s cyber units will have cyber counterattack capabilities soon.
In the event of a Taiwan contingency, it is highly likely that hybrid warfare, combining military and non-military means to achieve military objectives, will be implemented. If the posture stipulated in the new strategic documents is in place within five years, Japan will have the capability and structure to fight in cyberspace. Further, the JSDF’s cyber units will share the mission with the U.S. military’s cyber command to defend cyberspace.
Jun Osawa is a Senior Research Fellow at the Nakasone Peace Institute.
How Japan Is Modernizing Its Cybersecurity Policy
By Jun Osawa
Japan
The war in Ukraine began during and influenced the revision process of the NSS. The war has the characteristics of a hybrid war, consisting of physical combat, information warfare, and cyber warfare, and has had a major impact on the national security discussion in Tokyo. The Liberal Democratic Party (LDP) proposal for the NSS revision released in April 2022 describes an urgent need to develop a posture for information warfare, as “in light of Russia’s aggression against Ukraine this year, preparation for information warfare is an urgent issue.” In response to the debate on the need to deal with information warfare, the new NSS describes the creation of an organization within the government to deal with information warfare as “a new structure will be established within the Government to aggregate and analyze the situation on disinformation originated abroad.”
Revision of National Security Strategy
On December 16, 2022, the Japanese government approved a cabinet decision on security-related strategic documents: the National Security Strategy (NSS), National Defense Strategy (NDS), and Defense Buildup Program (DBP). The NSS is the principle for Japan’s national security strategy for the next 10 years, defining diplomatic and defense strategies in response to the new security environment. The NDS, renamed from the National Defense Program Guideline, defines the Japan Self-Defense Force’s (JSDF) defense strategy for the next decade, setting goals for national security and outlining approaches and means to achieve them. The DBP, renamed from the Mid-term Defense Program, indicates a medium- to long-term development plan that includes the level of defense capability and the procurement plan.
The revision of the NSS marks a major turning point in Japan’s post-World War II national security policy. The following six points are its major changes. First, it points out the fundamental changes in the security environment, especially China’s military rise becoming a threat to Japan’s security; second, it calls for raising the defense budget to 2% of GDP in FY2027; third, it plans for procuring missiles with a range of about 1,000 km and possessing a counterattack capability; fourth, in the cyber domain, it plans to introduce active cyber defense; fifth, it specifies the procurement of various types of unmanned weapons, and the sixth, it supports expanding exports of defense equipment.
In line with the revised strategy, the DBP has been completely revised, and defense expenditures of 43 trillion yen will be allocated over five years starting in 2023.
Changes in Cybersecurity Policy
There are two significant changes in the cyber area of this new NSS: the development of a posture for information warfare and the introduction of active cyber defense in cybersecurity.
The war in Ukraine began during and influenced the revision process of the NSS. The war has the characteristics of a hybrid war, consisting of physical combat, information warfare, and cyber warfare, and has had a major impact on the national security discussion in Tokyo. The Liberal Democratic Party (LDP) proposal for the NSS revision released in April 2022 describes an urgent need to develop a posture for information warfare, as “in light of Russia’s aggression against Ukraine this year, preparation for information warfare is an urgent issue.” In response to the debate on the need to deal with information warfare, the new NSS describes the creation of an organization within the government to deal with information warfare as “a new structure will be established within the Government to aggregate and analyze the situation on disinformation originated abroad.”
Reflecting the new NSS, in the FY2023 budget, the Ministry of Foreign Affairs plans to use artificial intelligence (AI) to enhance monitoring of the information space and strengthen intelligence analysis. The Ministry of Defense is also planning to introduce an automatic information gathering and analysis system using AI technology to grasp the situation of information warfare.
Regarding the issue of active cyber defense, the LDP proposal, describing the cyber response strategy as “necessary to consider the implementation of active cyber defense against the attacker,” was simply carried into the NSS as follows: “Japan will introduce active cyber defense for eliminating in advance the possibility of serious cyberattacks.” To implement active cyber defense, the National center for Incident readiness and Strategy for Cybersecurity (NISC) will be restructured to establish a new cybersecurity organization, which will coordinate policies in the field of cybersecurity and will command the cyber units of the JSDF and the police.
The number of cyber personnel in the current MTDP is around a thousand, but in response to the direction in the DBP, the Ministry of Defense will train 4,000 cyber “warriors” and provide 16,000 JSDF personnel with cyber training in five years.
In addition, several laws will be revised to implement active cyber defense. It is likely the Telecommunications Law and the Unauthorized Computer Access Prohibition Law will be revised in the near future to enable the Japanese government to conduct administrative interception, which is allowed in Western countries but not in Japan.
Prospects for Japan’s Cybersecurity Posture
Admiral Dennis Blair, the former U.S. Director of National Intelligence, described Japan’s cyber team as “minor league” at the LDP’s security subcommittee last year. If the cybersecurity posture described in the strategy documents is realized, Japan’s cyber team will be promoted to a triple-A team, if not a major league team.
The new NSS, surprisingly, sets very high goals: “the response capabilities [of Japan] in the field of cybersecurity should be strengthened equal to or surpassing the level of leading Western countries.” Once an active cyber defense system is in place, Japan, like the U.S., will be able to monitor cyberattacks, identify attackers (attribution), and take countermeasures against attacks as a series of cyber defenses.
In the DBP, it is stated that the JSDF will promote cooperation and interoperability in cross-domain operations, including space, cyber, and electromagnetic operations, to further strengthen the joint integrated deterrence capability of Japan and the United States. It also states that the cyber threat-hunting capabilities of the SDF’s cyber units will be strengthened, which means that the SDF’s cyber units will have cyber counterattack capabilities soon.
In the event of a Taiwan contingency, it is highly likely that hybrid warfare, combining military and non-military means to achieve military objectives, will be implemented. If the posture stipulated in the new strategic documents is in place within five years, Japan will have the capability and structure to fight in cyberspace. Further, the JSDF’s cyber units will share the mission with the U.S. military’s cyber command to defend cyberspace.
Jun Osawa is a Senior Research Fellow at the Nakasone Peace Institute.
Recent & Related