For Japan, results from the 2023 Global State of Cybersecurity Study are a study in contrasts. On the plus side, at just 26 percent, Japanese organizations experienced by far the lowest rate of data breaches of any country surveyed (the average breach rate is 60 percent). However, at 460 million yen the average cumulative cost of those breaches was 60 percent higher than the global average.
Those are just two of the many findings from the 2023 study. Produced for Infoblox by the CyberRisk Alliance, the annual survey covers 13 global markets. In addition to Japan, they include the United States, Mexico, Brazil, the United Kingdom, Germany, France, The Netherlands, Spain, United Arab Emirates, Australia, Singapore, and India.
Factors Affecting Survey Findings for Japan
The relatively low rate of data breaches may be associated to some degree with the relatively low adoption of work-from-anywhere initiatives in Japan compared with other countries, even during the COVID-19 pandemic. Subsequently, Japanese organizations were also less likely to expand mobile device deployments for remote workers, compared with those in other countries. It is worth noting that of successful breaches in Japan, 42% originated with a remote, employee-owned endpoint.
Common Concerns
Its low data breach rate aside, survey results for Japan are largely in-line with those from other participating countries. Japanese cyber security decision-makers share many of the security concerns moving forward as their counterparts in other countries. Key findings from the Japan survey include:
- Most prevalent attack vectors detected: As in all countries surveyed, email/phishing was the leading attack vector Japanese security teams detected (around 38 email/phishing attacks per organization), followed by ransomware and network-based attacks.
- Attack types resulting in breaches: Ransomware was the leading form of attack (65%) that led to breaches in Japan, followed by phishing(46%) and zero-day attacks (27%).
- Most urgent security threats: More than half of Japanese security organizations are concerned with data leaks(57%). Ransomware is a close second (50%), followed by attacks through remote worker connections.
- Top challenges: Like findings in other countries, Japanese organizations struggle with a shortage of IT security skills (38%) and lack of budget (32%).
The Role of DNS in Japanese Cybersecurity
The CyberRisk Alliance report reveals that the Domain Name System (DNS) is another area where Japanese security organizations are in alignment with those from the global community. In Japan as elsewhere, DNS-based security has become a key component of organizations’ security strategies. Security teams in Japan rely on DNS as a first line of defense against a wide range of cyberattacks and to fill the gaps created by skills shortages and budget shortfalls.
Specifically, security organizations in Japan reported using DNS-based security methods to:
- Block devices from reaching known bad destinations to reduce the burden on perimeter defenses (41%)
- Automatically know when devices are attempting to make those requests (35%)
- Automatically protect against threats like DNS tunneling, data exfiltration and domain generating algorithms that other security tools might miss (32%)
- Detect malware activity earlier in the kill chain (17%)
Learn more
Discover findings from all 13 countries with insights for each region by requesting your copy of the full 2023 Global State of Cybersecurity report, or, if you prefer, request the localized version of the Japan report.
