일본의 사이버보안과 능동적 사이버방어 법제에 관한 검토

Abstract Japan has reduced the importance of cybersecurity through a series of serious cyber infringement accidents since the 2010s and established the foundation for the national cybersecurity system through the enactment of the Framework Act on Cybersecurity (サイバーセキュリティ) in November 2014. As a control tower with legal authority was established, cybersecurity functions were integrated, and systematic policy promotion was possible under a consistent national strategy. A public-private information sharing and cooperation system was established, and it served as an opportunity to ensure the effectiveness of the cybersecurity policy implementation based on the legal and financial stability of cybersecurity. Since then, Japan has moved away from the existing "passive defense" paradigm in 2025 and passed the Active Cyber Defense Law (ACD Law), which focuses on "active and offensive response," signaling a change in the national cyber security strategy. The ACD Law gives the government legal authority to directly detect threats in advance and take preemptive measures to neutralize them when signs of attack are clear. The ACD Law can be specifically divided into two areas: the Act on Strengthening Cyber Response(「重要電子計算機に対する不正な行為による被害の防止に関する法律の施行に伴う関係法律の整備等に関する法律」) and the Act on the Execution of Duties by Police Officers and the Act on the Self-Defense Forces. The main content of the ACD Law is, first of all, strengthening public-private solidarity to counter cyber threats. In order to effectively respond to cyberattacks, cooperation between the government, the private sector, and major infrastructure providers was legally enforced to remove the obligation to report and report cyber information, and to publicize or notify it. In addition, a council was organized to share sensitive threat information and to prepare countermeasures, and a method to respond to the vulnerability of cyber threats was prepared. Next, regarding the use of communication information, the government allows the private communication service providers to acquire and use communication information managed to detect signs of cyberattacks. Furthermore, the government allows the selection and collection of mechanical information suspected of being related to the attack in an automated way without consent in urgent cases, such as when a serious threat to national security is expected. In order to secure the appropriate use of such communication information, the Cyber Communication Information Supervision Committee is established under the jurisdiction of the Prime Minister. In addition, the government has established a legal basis for implementing harmless measures to remove threats by directly accessing the detected attack server by reorganizing related laws. Korea needs to first enact the Framework Act on National Cyber Security by referring to Japan's experience. Through this, a distributed response system must be integrated and a legal basis for the control tower must be established. In addition, based on social consensus, the concept and scope of active defense should be established, and a Korean-style active defense model with strict control devices should be established step by step.