Security Vendors, The Time for Japan is Now

Written by
Jon Rezneck
  • 1) Recent Trends / Why the Time is Now for Security Vendors in Japan
  • 2) Japan Cyber Market Overview
  • 3) Potential Challenges for Security Founders to Navigate in Japan

Recent Trends / Why the Time is Now for Security Vendors in Japan

Japan has always been a massive software market (~$27B market size in 2021, expected to reach ~$40B by 2025 per Gartner) and many leading enterprise software companies generate a significant amount of revenue from Japan alone. One challenge historically has been that many of the large corporations in the region are more traditional, legacy enterprises who have tended to be slower adopters of next-generation technologies. This has gradually been changing over the past decade, and significantly shifted as a result of COVID-19. While Japanese companies were initially reluctant to adopt remote work due to the strong face-to-face culture, they have started to adopt it as the norm. As we’ve learned firsthand from speaking with many of our Japanese LPs and working with our portfolio companies on the ground, large Japanese corporations realize they can’t ignore the importance of adopting new technologies and embracing a cloud and distributed world. As a result, the adoption of software and security technology in Japan is now happening faster than ever before.

  • In 2018, a Japan-based cryptocurrency exchange lost $530 million in a hack
  • Starting in early 2020, companies in Japan ranging from small businesses to large corporations like Honda, Canon, and Capcom have faced an unprecedented spike in ransomware attacks, which have suspended business operations, crippled computer and email systems, and often resulted in millions of dollars in losses
  • There were multiple threats of cyber attacks on the 2020 Tokyo Olympics, prompting Japan to work with the US Department of Homeland Security, Israel Electric Corporation, and others to improve its security posture and protect its critical infrastructure
  • According to NTT Corporation, 450 million cyberattacks were attempted on Japan’s Olympics infrastructure!
  • In 2021, Japanese government data stored in Fujitsu software was accessed and stolen by hackers; impacted entities included the Ministry of Land, Infrastructure, Transport, and Tourism (which had at least 76,000 email addresses leaked), Narita Airport, and the Cabinet Secretariat of Japan

Japan Cyber Market Overview

The cybersecurity market in Japan is currently estimated at ~$10.6B and is expected to continue to grow at a steady pace in the coming years (source: Nomura Research Institute). In addition to continued digital transformation initiatives, the increased use of telework, web conferencing, and cloud services due to the spread of COVID-19 and the post-pandemic long-term cultural adjustment towards remote work will drive the continued enhancement and strengthening of security measures. Specific areas where we are seeing particularly strong demand include cloud security, endpoint security, IoT security, code/developer security, and user authentication/identity management technologies.

Potential Challenges for Security Founders to Navigate in Japan

One of the core challenges for security adoption in Japan is that many Japanese companies have legacy systems that need overhaul. Modern security software often cannot be used or integrated effectively with these old architectures. Like in any transformational period, upgrades to systems and architectures may be necessary to take advantage of the newest technologies in the market. Japanese enterprises are becoming more aware of this need to upgrade and are taking steps to modernize their systems, but it is important to be aware that this process is still in the relatively early stages.


Despite some potential challenges, we have found time and time again that if done right, the investment in Japan is well worth it (just ask our portfolio companies). A little bit of proactive effort and evangelization can result in a lot of enterprise demand from prospects for your cybersecurity products and meaningful revenue for your business.