Why do states engage in cybersecurity capacity-building assistance? Evidence from Japan

Abstract

In 2009, Japan began to engage in cybersecurity capacity-building assistance in Southeast Asia. Based on existing literature, there are three plausible motives for Japan to have done so. The first was to strengthen its economic security, either by promoting its own cybersecurity firms or by reducing risks to its supply chain and the regional infrastructure upon which its firms relied. The second was to strengthen diplomatic and security ties with Southeast Asia in the face of a rising China. The third was to promote norms regarding the use of cyberspace in line with its newly-declared “values oriented diplomacy”. By examining both the nature of the assistance given in the first few years and government statements and documents surrounding the decision to provide assistance, this article finds that Japan engaged in cybersecurity capacity-building assistance with ASEAN member-states primarily to maintain a stable economic environment for its firms. This is evidence that, despite reforms made in Japan during the 2000s meant to encourage the use of foreign aid to pursue wider geopolitical goals, in some areas economic security continued to be a major driver of Japanese foreign aid. These findings also highlight that while cybersecurity capacity-building assistance is a form of security cooperation, it cannot be assumed that traditional security concerns are what is driving it.