The Japanese government will establish general rules to avoid security risks for critical infrastructure in 14 industries, including private sector-operated communications and electricity. The law clearly stipulates that "national security risks are to be considered" in the procurement of IT equipment and the use of cloud services.
In the case of the U.S. pipeline cyber attack, system vulnerabilities posed a threat to national security. The Japanese government intends to intensify its response to the growing trend of controlling infrastructure through IT and increasing economic losses in the event of an attack.
Once the relevant regulations are in place, the Japanese government can revoke the license to operate the infrastructure or shut down the business if it believes there is a security risk. (Nikkei)