TOKYO -- The Japanese government will soon require its defense contractors to implement U.S. security standards to safeguard their data against cyberattacks, Nikkei has learned.
Around 300 contractors, such as Mitsubishi Heavy Industries and Kawasaki Heavy Industries, that do business directly with the Ministry of Defense will be required to submit data protection plans and undergo compliance checks.
The new rule could extend to subcontractors in Japan's 2 trillion yen ($18 billion) defense industry. About 7,000 companies are involved in making naval destroyers alone. Businesses involved in making warplanes and military vehicles number 1,000 companies each.
The move is designed to prevent weapons technology from reaching China in an unauthorized way.
The data protection plans will be based on the U.S. Department of Defense's guidelines for contractors. Called the National Institute of Standards and Technology Special Publication 800-171, the document spells out around 100 provisions governing access controls, communications, monitoring and safekeeping of memory storage media, among other areas.
Violators could have government contracts canceled or be ordered to rectify their practices, although they will not be subject to legal penalties, according to the plan.
Tokyo will roll out a pilot version of the rule as soon as this spring. It will apply at first to only a handful of contractors, but will expand to the wider industry in stages starting in fiscal 2020.
The new Japanese rules will give a leg up to joint weapons development with American partners. The Japanese side is required to maintain strict controls over U.S.-origin technology in those projects. The data protection requirements will facilitate sales of jointly developed products to third countries. The tighter cooperation between U.S. and Japan in cybersecurity is also designed to strengthen the alliance.
The U.S. has been keen to prevent China from acquiring technology and information. Last August, Washington passed a defense-spending bill that bars the procurement of certain equipment from Huawei Technologies and other Chinese suppliers.
