This article studies the problem of Japan''s insufficient inputs in cybersecurity from the perspective of market and government failures . The slow growth of information and communications and the low proportion of IT investment resulted in the phenomenon of market failure during the development of Japanese cybersecurity. Since cybersecurity comes from major technological innovations, once innovative technologies are launched and easily imitated by other companies, which reduces R&D revenue and makes companies unwilling to provide necessary and sufficient cybersecurity supplies. Moreover, NTT highly monopolized the telecommunications market in the early days, which caused Japan’s telecommunications industry to lag behind the international trend and hindered the development of its cybersecurity. NTT''s long-term monopoly was the result of Japanese regulatory policies. Second, the article analyzes problems and challenges including the huge financial losses by cyber threats, the lack of a full-time information security chief and cybersecurity talents. Third, a case study of Mitsubishi Group under cyber-attacks indicates its fragile network protection. Finally, there is an explore of Japan’s cybersecurity countermeasures and actions. In order to strengthen the capabilities of cybersecurity protection, Japan in 2015 established its CSSHQ and NISC to attach importance to cross-domain and public-private cybersecurity cooperation. The nation has reinforced threat intelligence exchanges with other countries, formulated relevant international rules, and advanced bilateral or multilateral cybersecurity dialogues. Accordingly, Japan not only increases discourse power in the cyberspace but also actively practices cybersecurity diplomacy toward international collaboration and linkages.