Líder 2 veces en el Cuadrante Mágico de Gartner® para SASE Plataforma. Descargue el informe

cerrar
lupa
¡Empezar!
lupa
chevron
Soporte Idioma
cerrar
Su red del mañana
Su red del mañana
Planifique su camino hacia una red más rápida, más segura y más resistente diseñada para las aplicaciones y los usuarios a los que da soporte.
chevron Obtenga el whitepaper
Descubra Netskope
Ponte manos a la obra con la plataforma Netskope
Esta es su oportunidad de experimentar de primera mano la Netskope One plataforma de una sola nube. Regístrese para participar en laboratorios prácticos a su propio ritmo, únase a nosotros para una demostración mensual del producto en vivo, realice una prueba de manejo gratuita de Netskope Private Accesso únase a nosotros para talleres en vivo dirigidos por instructores.
chevron Descubra Netskope
Líder en SSE. Ahora es líder en SASE de un solo proveedor.
Netskope ha sido reconocido como Líder con mayor visión tanto en plataformas SSE como SASE
2X líder en el Cuadrante Mágico de Gartner® para SASE Plataforma
Una plataforma unificada creada para tu viaje
chevron Descargue el informe
Protección de la IA generativa para principiantes
Protección de la IA generativa para principiantes
Descubra cómo su organización puede equilibrar el potencial innovador de la IA generativa con sólidas prácticas de seguridad de Datos.
chevron Obtenga el eBook
Prevención de pérdida de datos (DLP) moderna para dummies eBook
Prevención moderna de pérdida de datos (DLP) para Dummies
Obtenga consejos y trucos para la transición a una DLP entregada en la nube.
chevron Obtenga el eBook
Libro SD-WAN moderno para principiantes de SASE
SD-WAN moderna para maniquíes SASE
Deje de ponerse al día con su arquitectura de red
chevron Obtenga el eBook
Entendiendo dónde está el riesgo
Advanced Analytics transforma la forma en que los equipos de operaciones de seguridad aplican los conocimientos basados en datos para implementar una mejor política. Con Advanced Analytics, puede identificar tendencias, concentrarse en las áreas de preocupación y usar los datos para tomar medidas.
chevron Vea la demo
2025-10-UZTNA-ebook
6 razones por las que Universal ZTNA es un escape inteligente del caos de VPN y NAC
Olvida la complejidad de las VPN y el NAC. Descubre cómo Universal ZTNA protege a cada usuario y a cada Dispositivo con un único marco coherente.
chevron Obtenga el eBook
Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
chevron Leer el caso de éxito
Netskope GovCloud
Netskope logra la alta autorización FedRAMP
Elija Netskope GovCloud para acelerar la transformación de su agencia.
chevron Más información sobre Netskope GovCloud
Soporte técnico Netskope
Soporte técnico Netskope
Nuestros ingenieros de soporte cualificados ubicados en todo el mundo y con distintos ámbitos de conocimiento sobre seguridad en la nube, redes, virtualización, entrega de contenidos y desarrollo de software, garantizan una asistencia técnica de calidad en todo momento
chevron Soporte técnico
Vídeo de Netskope
Netskope Training
La formación de Netskope le ayudará a convertirse en un experto en seguridad en la nube. Estamos aquí para ayudarle a proteger su proceso de transformación digital y aprovechar al máximo sus aplicaciones cloud, web y privadas.
chevron Explora la formación de Netskope
""
Logre valor empresarial con Netskope One SSE
Netskope One Security Service Edge (SSE) permite a las empresas lograr un valor de negocio considerable mediante la consolidación de los servicios de seguridad críticos para el negocio dentro de la plataforma Netskope One
chevron Obtener el estudio
Hagamos grandes cosas juntos
""
La estrategia de venta centrada en el partner de Netskope permite a nuestros canales maximizar su expansión y rentabilidad y, al mismo tiempo, transformar la seguridad de su empresa.
chevron Partners de Netskope
Informe

Threat Labs Report: Japan 2026

This report analyzes the primary cybersecurity risk trends impacting organizations within the Japan region. It addresses the increasing adoption of generative AI (genAI) tools and their associated data security challenges. Furthermore, it highlights the growing number of data policy violations, where sensitive information is increasingly being leaked through unauthorized cloud services, personal applications, and genAI platforms.

Compartir vía Etiquetas
Informes de laboratorios de amenazas Protección contra Amenazas
Cambiar el idioma
DeutschEnglishEspañolFrançaisPortuguês日本語

Saltar a una sección

En este Informe Uso de GenAI
GenAI: Tendencias de adopción y uso GenAI: Uso de la aplicación y violación de la Política de Datos Las aplicaciones genAI más bloqueadas
Adopción de IA agencial
Aumento de Usar de las API de genAI fuera del navegador
Malware descargas
Distribución de Malware a través de aplicaciones en la nube
Uso de aplicaciones en la nube
Actividad de aplicaciones personales Violaciones de Datos Política en aplicaciones personales Infracciones de datos personales de la aplicación
Recomendaciones
Netskope Threat Labs Acerca de este Informe
10 minutos de lectura

enlace enlace

The 2026 Netskope Threat Labs Japan report details the increasing adoption of generative AI, trends in data policy violations, and malware distribution via cloud applications observed over the last year.

En este Informe enlace enlace

This report explores recent trends in the adoption and governance of generative AI applications, enterprise AI platforms, API usage, cloud app activity, and data policy violations across Japan. It highlights how organizations are balancing rapid innovation with the need for stronger data protection, compliance, and risk management controls.

Mitigating shadow AI risk: While genAI adoption continues to rise, organizations in Japan are working aggressively to curtail shadow AI risks by guiding their employees to organization-managed genAI apps, rising to 79% (up from 15% one year ago) of AI users now using managed genAI apps instead of personal ones, which fell sharply from 85% to 11% over the same time period. In both instances, Japan is well ahead of global averages.

A new top genAI application: Google Gemini has overtaken ChatGPT as the most popular genAI app in Japan. This is the first region in the world where Netskope Threat Labs has reported this, with more expected in 2026.

Data exposure risks: Users continue to expose sensitive data to third parties in violation of organization policies, with intellectual property accounting for 50% of data policy violations involving personal cloud apps and regulated data accounting for 48% of data policy violations involving genAI apps.

Uso de GenAI enlace enlace

GenAI: Tendencias de adopción y uso

GenAI adoption in Japan has steadily increased over the past year, with genAI usage now observed in 80% of organizations, up from 69% a year ago. This upward trend reflects growing maturity and confidence in genAI technologies across Japanese organizations, which are gradually closing the adoption gap with global counterparts.

Organizations using genAI apps in Japan

Organizations in Japan have aggressively mitigated the shadow AI risk associated with genAI adoption by aggressively driving their user base away from using personal instances, and toward company-managed tools. The following chart illustrates the radical change in behaviour that occurred over the past year as the use of personal genAI accounts dropped sharply, falling from 85% to just 11%, while the adoption of organization-managed genAI solutions surged from 15% to 79% over the same period. In both of these areas, Japan is doing much better than the other regions, where 62% of employees use organization-managed AI apps and 47% still use personal genAI apps. This dramatic change points to a strong move toward company-managed platforms that provide better data protection, governance, and compliance controls. As this transition accelerates, organizations in Japan are increasingly prioritizing enterprise-grade genAI solutions that enable innovation while reducing risk.

GenAI usage personal vs organization account breakdown in Japan

In Japan, the top genAI applications differ from global usage patterns. While ChatGPT is still the most popular genAI app globally. Google Gemini has become the most popular genAI app in Japan, where 60% of organizations are using it compared to 53% using ChatGPT. In fact, this is the first time that we are reporting the dethroning of ChatGPT as the most popular genAI app in any region. As usage of genAI apps managed by organizations continues to increase across the globe, we expect more regions to follow suit in 2026. Microsoft 365 Copilot is used by 31% of organizations, with Microsoft Copilot close behind at 30%. The remaining top applications include a mix of specialized and embedded AI tools tailored to local business and operational needs.

Most popular genAI apps based on the percentage of ogranizations using those apps in Japan

The chart below shows how usage of the top genAI applications in Japan has evolved over the past year, highlighting rapid shifts in the genAI landscape. Google Gemini surpassed ChatGPT in June 2025, marking a notable change in leadership among genAI tools that we expect to see occurring in other regions in 2026. ChatGPT usage declined over the year, while Gemini continued to gain momentum. Microsoft 365 Copilot also showed steady growth, driven by its integration into core productivity and enterprise workflows. In addition, Google NotebookLM emerged as a new entrant, with adoption beginning in April 2025 and reaching 16% by the end of the year, reflecting growing interest in specialized, knowledge-focused genAI tools.

Most popular apps by percentage of organizations in Japan

GenAI: Uso de la aplicación y violación de la Política de Datos

As genAI adoption continues to grow across Japan, concerns around data exposure are becoming increasingly important. Organizations are using genAI tools for tasks such as summarizing documents, generating reports, and supporting development workflows, all of which can involve sharing sensitive information and expanding the potential attack surface. As genAI becomes more embedded in daily operations, data protection has become a top priority, particularly as shadow AI remains a challenge.

Recent analysis of data policy violations in Japan shows that regulated data is the most frequently exposed category, accounting for 48% of incidents, followed by intellectual property at 38%. Source code represents 9% of exposures, while passwords and API keys account for 5%. On average, organizations in Japan experience more than 500 genAI-related data policy violations per month, underscoring the scale of the challenge. This shift highlights a higher risk around compliance-sensitive and proprietary information, reinforcing the need for robust DLP controls and secure, well-governed genAI deployments.

Type of data policy violations in Japan

Las aplicaciones genAI más bloqueadas

Organizations across Japan are taking a cautious approach to genAI adoption, with many choosing to block specific applications due to security, privacy, and compliance concerns. While policies vary by organization, certain tools are restricted far more often than others, highlighting where perceived risk is highest. In some cases, blocking entire categories of genAI apps may offer more consistent protection than managing individual tools.

DeepSeek is the most frequently blocked genAI application at 30%, followed by Tactiq at 27% and Grok at 25%. These blocking patterns suggest that organizations in Japan are not only responding to risks associated with individual applications, but also strengthening broader governance strategies to manage genAI usage within established security and compliance frameworks.

Most blocked AI apps by percentage of organizations enacting a blanket ban on the app in Japan

Adopción de IA agencial enlace enlace

Aumento de Usar de las API de genAI fuera del navegador

Even when genAI agents and applications are deployed on-premises in Japan, the underlying models are often hosted in the cloud through SaaS or enterprise genAI platforms. These agents and applications typically connect via dedicated API endpoints rather than browser-based interfaces. For example, browser interactions with OpenAI occur through chatgpt.com, while internal tools, workflows, and AI agents commonly access models programmatically through api.openai.com.

Despite Google Gemini surpassing ChatGPT in application usage, api.openai.com remains the most widely used genAI SaaS API in Japan, with 61% of all organizations connecting to it. This is followed by api.anthropic.com at 33% and api.deepinfra.com at 14%, underscoring the continued importance of API-based genAI integrations in enterprise systems and agent-driven workflows.

The Top 10 SaaS API domains by percentage of organizations in Japan

Malware descargas enlace enlace

Distribución de Malware a través de aplicaciones en la nube

Attackers frequently abuse trusted cloud platforms in Japan to distribute malware, taking advantage of the fact that users are more likely to open files hosted on familiar services. While these platforms work to remove malicious content, even short delays before detection can be enough for attacks to succeed and for infected files to spread internally.

In Japan, Box has emerged as one of the most commonly abused cloud platforms for malware distribution, impacting 10% of organizations, followed by GitHub at 7.6% and Microsoft OneDrive at 7.1%. These trends highlight how attackers adapt to regional cloud usage patterns and continue to leverage widely trusted services to deliver malicious payloads.

Top apps for malware downloads in Japan

Uso de aplicaciones en la nube enlace enlace

Actividad de aplicaciones personales

Across Japan, the widespread use of personal cloud and online applications in workplace environments continues to blur the boundaries between corporate and personal data management. Google Drive is the most commonly used personal app at 79%, followed closely by ChatGPT at 77% and Twitter/X at 76%. While much of this activity supports legitimate use cases such as collaboration, research, and productivity, it also introduces meaningful data security risks when sensitive information is involved. From personal genAI accounts to social and collaboration platforms, these applications remain key points of potential data exposure, particularly when used outside approved workflows or during employee transitions.

Top apps for upstream activities to personal apps in Japan

Violaciones de Datos Política en aplicaciones personales

Across Japan, many organizations actively use DLP controls to monitor and manage the movement of sensitive data into personal applications, aiming to reduce accidental exposure or misuse. Recent incident analyses show that intellectual property accounts for 50% of policy violations, followed by regulated data at 37%, passwords and API keys at 10%, and source code at 2%. On average, organizations experience around 17 data policy violation incidents per month involving personal applications, reinforcing the scale and persistence of the risk. These figures continue the same trend observed año pasado, highlighting the persistent challenge of protecting commercially sensitive information in unmanaged or personal apps. Strengthening DLP coverage, improving employee awareness, and enforcing clear data-handling policies remain essential for minimizing both insider and external risks.

Data policy violations for personal apps in Japan

Infracciones de datos personales de la aplicación

Organizations in Japan use a variety of tools to reduce the risk of data leaks through personal cloud and genAI applications. Measures include blocking uploads to personal apps, providing real-time guidance to employees to prevent sensitive information from reaching unmanaged services. Google Drive is the application that most frequently triggers such blocks, followed by Google Gmail at 19% and OneDrive at 18%. These efforts reflect ongoing attempts to limit unauthorized data movement and mitigate risks from personal accounts on unmanaged platforms.

Top apps for upstream blocks to personal apps in Japan

Recomendaciones enlace enlace

Con el creciente uso de las herramientas genAI, tanto administradas como personales, y el mal uso de las aplicaciones personales en la nube, es esencial fortalecer la visibilidad, refinar la política y priorizar las defensas proactivas para proteger a su organización en este panorama de amenazas que cambia rápidamente.

Based on the trends uncovered in this report, Netskope Threat Labs strongly encourages organizations across the Japan region to take a fresh look at their overall security posture:

  • Inspeccione todas las descargas HTTP y HTTPS, incluido todo el tráfico de Web y de la nube, para evitar que Malware se infiltre en su red. Los clientes de Netskope pueden configurar sus Netskope One Next Gen Secure Web Gateway con una protección contra amenazas Política que se aplica a descargas de todas las categorías y a todos los tipos de archivo.
  • Bloquear el acceso a aplicaciones que no sirvan a ningún propósito comercial legítimo o que representen un riesgo desproporcionado para la Organización. Un buen punto de partida es una Política para permitir aplicaciones de buena reputación que actualmente están en Usar mientras se bloquean todas las demás.
  • Uso DLP Política para detectar información potencialmente sensible, incluyendo código fuente, datos regulados, contraseñas y claves, propiedad intelectual y datos cifrados, que se envía a instancias de aplicaciones personales, aplicaciones genAI u otras ubicaciones no autorizadas.
  • Uso Remote Browser Isolation (RBI) tecnología para proporcionar protección adicional cuando sea necesario visitar sitios web que se agrupan en categorías que pueden presentar un mayor riesgo, como dominios recién observados y recién registrados.

Netskope Threat Labs

Con el personal más importante del sector, investigadores de amenazas en la nube y malware, Netskope Threat Labs descubre, analiza y diseña defensas contra las últimas amenazas en la nube que afectan a las empresas. Nuestros investigadores son ponentes y voluntarios habituales en las principales conferencias de seguridad, incluyendo DEF CON, Black Hat y RSA.

Acerca de este Informe

Netskope proporciona protección contra amenazas a millones de usuarios en todo el mundo. La información presentada en este Informe se basa en el uso anónimo de los Datos recopilados por el Plataforma Netskope One relating to a subset of Netskope customers in Japan with prior authorization.

Las estadísticas de este Informe se basan en el periodo comprendido entre el 1 de octubre de 2024 y el 31 de octubre de 2025. Las estadísticas reflejan tácticas de atacantes, comportamiento de los usuarios y la Organización Política.

Recursos relacionados

Resultados