Study Group for Promoting the Development of Cybersecurity Talent Compiles and Announces Its Final Report

1. Background and purpose

It has been widely claimed that Japan lacks sufficient cybersecurity talent, with the results of a private survey* showing a shortage of approximately 110,000 in the country. To address this insufficiency, it is crucial to advance strategic measures that resolve issues faced by different segments of talent, from top-level and highly skilled professionals to personnel promoting cybersecurity at local SMEs and so forth.

Against this backdrop, METI has been holding the Study Group for Promoting the Development of Cybersecurity Talent, engaging experts in discussions. Based on the enhancement and improvement of existing measures that have had some degree of effect, the Study Group has been examining solutions through various methods, including interviews with representatives of organizations with a demonstrable need for such a policy, and has compiled METI’s policy direction in the form of the Final Report compiled by the Study Group for Promoting the Development of Cybersecurity Talent.

2. Overview of the Final Report compiled by the Study Group for Promoting the Development of Cybersecurity Talent

The Final Report compiled by the Study Group for Promoting the Development of Cybersecurity Talent summarizes the discussions of the Study Group. While presenting METI’s approach as outlined below, the Final Report upholds the target of increasing the number of RISSs from approximately 24,000 as of April 2025 to 50,000 by 2030. Going forward, METI will continue to improve various measures while examining further initiatives to strengthen human resources development for the purpose of enhancing the quality and quantity of Japan’s pool of cybersecurity talent.

Policy direction for promoting the development of cybersecurity talent

(1) Expand Security Camps

• Implement new security camps that aim to develop highly skilled security professionals with combined expertise in specific fields such as AI.
• Establish a community where security camp graduates can continue enhancing their expertise, give back to society, share their achievements, and so forth.

(2) Promote the use of RISSs

• Create an active list of RISSs capable of providing individualized consultation/support services to different companies according to their needs, and accelerate matching between SMEs and RISSs through SME support organizations and so forth.
• Introduce a system that exempts individuals with specific practical experience from attending the training required at the time of license renewal.

(3) Present measures to secure human resources at leading medium enterprises (LMEs), SMEs, and the like.

• Provide a practical beta-version guide for LMEs/SMEs on how to secure and develop human resources in accordance with the security measures they are required to implement.
• Present training materials and related qualifications that can be used as a reference in developing human resources.

Targeted effects

• Expand the scale of top-level talent (to more than twofold)
• Enhance the appeal of a career in cybersecurity
• Increase career opportunities for RISSs* (offer more opportunities to gain practical experience such as ensuring cybersecurity for SMEs)
• Alleviate the burden of RISS qualification renewal
• Reduce security talent hiring costs for LMEs/SMEs
• Facilitate internal human resources development by LMEs/SMEs

Related Materials (in Japanese)

• Final Report by the Study Group for Promoting the Development of Cybersecurity Talent (Overview)(PDF:1,918KB)
• Final Report by the Study Group for Promoting the Development of Cybersecurity Talent(PDF:5,182KB)

Related Link

• Study Group for Industrial Cybersecurity Working Group 2 (Study Group for Promoting Development of Cybersecurity Talent), METI (in Japanese)

Division in Charge

Cybersecurity Division, Commerce and Information Policy Bureau