Tanium Announces 'Cyber Incident and Business Continuity Report' Targeting 675 Japanese Companies
Tanium G.K. announced a 'Cyber Incident and Business Continuity Report' based on a survey of 675 domestic Japanese companies. The report highlights that many companies respond insufficiently to cyber risk, and it identifies challenges in the perception gap between management and on-site teams, in IT asset management, and in how security investment is viewed. The survey quantifies the current state of Japanese companies' business continuity systems, and the challenges they face, against cyber threats that are diversifying and intensifying.
Published: April 28, 2026 at 21:00
Tanium G.K. (Japan headquarters: Chiyoda-ku, Tokyo; Representative Executive President: Hidenori Harada; hereinafter Tanium), a leader in AI-driven autonomous IT, has announced the 'Report on the State of Cyber Incidents and Business Continuity in Japan,' based on a survey of 675 domestic companies.
The full text of the 'Report on the State of Cyber Incidents and Business Continuity in Japan' can be found here:
https://explore.tanium.com/archive-japan-resource-center/col/2867cf5b-67e2-4d31-92ab-5096d09190cc/AR-State-of-Cyber-Incidents-and-Business-Continuity-Japan
In the modern digital economy, the security environment surrounding cyberspace is facing an unprecedented juncture where geopolitical tensions and technological evolution intersect. According to the 'Trends in Cyber Threats in Reiwa 7' (Note*) published by the National Police Agency, cyberattacks have an asymmetrical structure where attackers are often at an advantage due to high anonymity. Cyber threats are diversifying and becoming more severe, including state-sponsored attacks, ransomware exploiting generative AI, and financial crimes by anonymous and fluid criminal groups.
(Note*): https://www.npa.go.jp/bureau/cyber/pdf/R07_cyber_jousei.pdf
Historically, many companies have prepared BCPs (Business Continuity Plans) on the premise of natural disasters and pandemics. However, as cyber threats diversify and intensify, companies are now re-examining whether conventional BCPs remain sufficiently effective against cyber incidents that change by the minute and second.
Against this background, the survey was conducted to quantify how well domestic companies are currently prepared to respond to cyber incidents in terms of business continuity, and to clarify the structural issues common across industries such as manufacturing, finance, distribution/retail/trading companies, civil servants/public services, and construction, as well as the risks and response status specific to each industry.
■ Survey Results Summary
Only 20% of companies agree on recovery targets between management and on-site teams
Only 20.4% of companies responded that management and on-site teams 'have discussed and aligned' on the Recovery Time Objective (RTO), which is the maximum allowable downtime for business operations.
Only 19.1% of companies have visibility into 100% of their IT assets and monitor them in real time, with 72.3% concerned about shadow IT
Only 19.1% of companies have full visibility into network-connected devices and monitor their vulnerabilities in real time. This means that approximately 80% of companies have 'invisible assets' or 'monitoring blind spots.'
Furthermore, 72.3% of companies expressed some concern about unmanaged assets (shadow IT) that they do not have full visibility into.
Only 27.3% of companies can centrally manage security operations
Only 27.3% of companies integrate and centrally manage multiple security functions and maintain a unified view of the situation, indicating that tool sprawl and silos remain challenges. Only 19.7% of companies fully automate incident response.
Fewer than 40% of companies view security investment as 'management investment'
Only 36.9% of companies viewed security investment as a 'KPI-driven investment,' while 44.7% perceived it as a 'cost.' This highlights the reality that cybersecurity measures are still not positioned as a management investment for business continuity and strengthening competitiveness.
Manufacturing industry leads in IT asset visualization and investment awareness, finance industry shows high standards in training and initial response, distribution industry shows significant disparity in countermeasures
By industry sector, manufacturing leads in IT asset visualization and investment awareness, but shows high concern about OT environments and shadow IT originating from supply chains. The finance industry demonstrates high standards in execution, such as training implementation rates and initial-response flow preparation rates, suggesting maturity backed by regulatory compliance.
On the other hand, in distribution/retail/trading companies, there was a significant difference between companies that view security as an investment and those that view it as a cost, revealing a prominent 'polarization' in the level of countermeasures. In the public and government sectors, room for improvement in decision-making and management reporting systems has been highlighted.
■ General Conclusion
This survey revealed that many companies have a gap between conventional BCPs and modern cyber risks. Few companies have established recovery targets (RTO) with management involvement, rapid decision-making systems, and initial response training. Furthermore, IT asset visibility and shadow IT control are insufficient, indicating that 'invisible assets' and 'monitoring blind spots' are prevalent.