It appears Japan is still at an early stage of forming a cyber security organisation (probably mainly civilian staffed).
There may also be resistance from Japan's three armed services (Army, Navy and Air Force) to form a joint signals intelligence (SigInt) and information security (InfoSec) organisation. Such an organisation would be typically staffed by uniformed and civilian personnel.
Submarine Matters suggests if Japan wants to successfully market large, highly sensitive weapon systems it needs to fix these problems.
BACKGROUND
…Similarly in Japan, the cabinet's National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and the relevant ministries and agencies are in charge of the cybersecurity of critical infrastructure, while the Cyber Defense Unit --whose mission is to monitor the networks of the Ministry of Defense and the JSDF, and to respond to incidents occurring in them--does not defend the systems and networks used in critical infrastructure or in the defense industry.
Cybersecurity Center Level
There may also be resistance from Japan's three armed services (Army, Navy and Air Force) to form a joint signals intelligence (SigInt) and information security (InfoSec) organisation. Such an organisation would be typically staffed by uniformed and civilian personnel.
Submarine Matters suggests if Japan wants to successfully market large, highly sensitive weapon systems it needs to fix these problems.
BACKGROUND
On February 24, 2016 AAP via Australia’s NT Newsreported:
“Japan its own enemy in cybersecurity
Apart from rogue hackers, criminal organisations or even state-backed cyberwarfare units, Japan's businesses and government agencies are facing a unique cybersecurity foe: themselves.
Even with the frequency and severity of cyberattacks increasing rapidly worldwide, efforts by the world's third-largest economy to improve its data security are being hobbled by a widespread corporate culture that views security breaches as a loss of face. That leads to poor disclosure of incidents or information sharing at critical moments, Japanese experts and government officials say.
[bolded by Submarine Matters] Improving cybersecurity practices has emerged as a top national priority for Japan, stung in recent years by embarrassing leaks at Sony Pictures, the national pension fund and its biggest defence contractor, Mitsubishi Heavy Industries, which possibly suffered the theft of submarine and missile designs...[see whole article].
Earlier on May 30, 2015 Reutersreported:
The United States will extend its cyber defense umbrella over Japan, helping its Asian ally cope with the growing threat of online attacks against military bases and infrastructure…
The Japanese military's cyber defense unit has around 90 members, compared to more than 6,000 people at the Pentagon, a Japanese Defense Ministry official said at a briefing on Thursday.
FURTHER BACKGROUND
Miyuki Matsuzaki, "The Cybersecurity Challenges for the Ministry of Defense and the Self-Defense Forces"indicated February 3, 2016 inc but the article appeared originally in Japanese in IIPS Quarterly, dated July 17, 2015.
In January of this year (2015), the government of Japan established the Cybersecurity Strategic Headquarters and released a new Cybersecurity Strategy in May [2015]. Through these and other developments, the government is promoting cybersecurity initiatives. At the same time, a plethora of cybersecurity issues have been accumulating,
...In the US, the DHS is in charge of cybersecurity for critical infrastructure. However, it is assumed that, when such infrastructure has been subject to a cyberattack that has resulted in significant damage, it will be a unit from USCYBERCOM that will respond.
…Similarly in Japan, the cabinet's National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and the relevant ministries and agencies are in charge of the cybersecurity of critical infrastructure, while the Cyber Defense Unit --whose mission is to monitor the networks of the Ministry of Defense and the JSDF, and to respond to incidents occurring in them--does not defend the systems and networks used in critical infrastructure or in the defense industry.
AUSTRALIAN CYBERSECURITY, SIGINT-INFOSEC ENVIRONMENT
Cybersecurity centers have a broader mandate mainly at a civilian level. In Canberra, Australia the Australian Cyber Security Centre(ASSC)“is an important Australian Government initiative to ensure that Australian networks are amongst the hardest in the world to compromise."
"The centre brings together existing cyber security capabilities across Defence, theAttorney-General’s Department, Australian Security Intelligence Organisation, Australian Federal Police and Australian Crime Commission” at a single office. “Importantly, it is a hub for greater collaboration and information sharing with the private sector, state and territory governments, academia and international partners to combat the full range of cyber threats.”
"The ACSC is the joint responsibility of the Attorney-General and Minister for Defence. [In part avoid duplication of ASSC and Australian Signals Directorate (ASC) roles]... A Deputy Director of the Australian Signals Directorate, is the centre’s coordinator.
Australian Signals Directorate (ASD) - SigInt/InfoSec Level
At a typically higher level of security, due to its part intelligence role, the Australian Signals Directorate has civilian and uniformed staff (drawn from all three armed services).
The Australian Signals Directorate (ASD, formerly DSD) is an intelligence agency in the Australian Government Department of Defence, with its headquarters in Canberra.
... ASD:
- collects and analyses foreign signals intelligence, known as SigInt
- provides advice and assistance on information and communications security, known as InfoSec.
SUBMARINE MATTER'S COMMENT
It appears that the Japanese Ministry of Defence has not yet persuaded Japan’s 3 armed services (Army, Navy, Air Force) to form a unified Japanese NSA staffed by civilians and uniformed military. Encouraging all three armed services to combine in such a structure (NSA in US, GCHQ in the UK) was a historical challenge. It may be a present challenge for Japan.
If Japan wins the future submarine competition it appears Australia’s Department of Defence-Australian Signals Directorate and Attorney General’s have much to do in encouraging Japan to fully develop institutions that protect technical-and-strategic secrets.
Currently it is hoped Japan’s bid documents for the Competitive Evaluation Process (CEP) have been transmitted securely by Japan.