Cyber Mission Asia

By participating in an official U.S. industry delegation, rather than traveling to Taiwan, South Korea, and Japan on their own, U.S. companies will enhance their ability to secure meetings in those markets and gain greater exposure to the region.

U.S. companies will partake in customized, one-on-one, business appointments with pre-screened potential buyers, agents, distributors, and/or joint venture partners through which they may export their products and services to the region. The Mission will provide opportunities for participants to have policy and regulatory framework discussions with officials from government and authorities in order to advance U.S. cybersecurity sector interests and it will provide participants with an opportunity to meet with officials from governments and authorities, and/or associations, to foster long-term partnerships, and to share best practices.

Mission Participants Will:

• Learn about regional priorities, policy and regulatory changes, projects, and business opportunities.
• Make industry and government/authority contacts.
• Have one-on-one business appointments with pre-screened potential buyers, agents, distributors, or joint venture partners.
• Participate in Networking Receptions.
• Solidify business strategies and advance specific project goals.

The mission is designed for U.S. firms and organizations who play a part in the industry, especially those with products in the following categories:

EXECUTIVE-LED CYBERSECURITY BUSINESS DEVELOPMENT MISSION TO

TAIWAN, SOUTH KOREA, AND JAPAN

Dates: September 18-26, 2023

Mission Description

The United States Department of Commerce (DOC), International Trade Administration (ITA), is organizing an Executive-led Cybersecurity Business Development Mission to Taiwan, South Korea, and Japan, September 18-26, 2023.

The purpose of the mission is to introduce U.S. firms to East Asia’s information and communication technology (ICT) security and critical infrastructure protection markets, and to assist them in finding business partners and export their products and services to the region. This trade mission will also promote the tenets and adoption of the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework globally. The trade mission is intended to include representatives from U.S. companies and U.S. trade associations with members that provide cybersecurity and critical infrastructure protection products and services. The trade mission will visit Taiwan, South Korea, and Japan, where U.S. firms will have access to business development opportunities across East Asia. Participating firms will gain market insights, make industry contacts, solidify business strategies, and advance specific projects, with the goal of increasing U.S. exports of products and services to East Asia. The mission will include customized one-on-one business appointments with pre-screened potential buyers, agents, distributors, and joint venture partners; meetings with officials from government and authorities, as well as industry leaders; and networking events.

Commercial Setting 

Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, placing a company or country’s security, economy, and public safety and health at risk. Similar to financial and reputational risks, cybersecurity risk affects a company’s bottom line. It can drive up costs and affect revenue. It can harm an organization’s ability to innovate and to gain and maintain customers.   With the ascending growth and sophistication of cyberattacks in recent years, strict compliance and unified security packages are in demand to protect the critical data, infrastructure, and safety of governments, military, public utilities, banking, financial services, ports, hospitals, and other businesses. The damaging effects of cyber threats and incidents can be felt on many levels from the business to the individual and can spill over across borders. Therefore, Taiwan, South Korea, and Japan are currently increasing resources at the public sector level, as well as at the private sector level, in order to deal with these complex cyber threats. These resources have been well utilized as is evident from the innovations and demand for cyber defense equipment and service technologies. Events in the region have also heightened the importance of improving cybersecurity protection. In 2022, malicious cyber activities disrupted Japanese government websites across various ministries, while Taiwan and South Korea continue their defense against cyberattacks.

The cybersecurity companies of the United States are the most cutting-edge cybersecurity providers in the world. Whether it is cybersecurity products, such as network-monitoring systems or firewalls, or cybersecurity services, such as security testing and audits or cyber risk consulting, the technology providers of the United States are the world’s leaders in enterprise and consumer cybersecurity solutions. This is why U.S. cybersecurity products and services are continually in high demand overseas and why the U.S. Department of Commerce is focused on promoting U.S. cybersecurity exports around the world. The Asia-Pacific market is one of the most lucrative for U.S. cybersecurity companies.

In 2014, recognizing that national and economic security depends on the reliable functioning of critical infrastructure, (NIST) released the Cybersecurity Framework, consisting of voluntary guidelines for organizations to manage cybersecurity risk.  NIST subsequently released an updated version in 2018 and is currently undertaking a second update. The Cybersecurity Framework, created through collaboration between industry and government, is widely adopted by organizations in the United States, as well as internationally, and is available in several languages including Spanish, Portuguese, Italian, Hebrew, Japanese, Arabic, and Bulgarian.

This trade mission will seek to also support the tenets and adoption of the NIST Cybersecurity Framework globally. While the Framework was created in the United States, it provides an important risk-based approach that has been adopted by industries across the globe and has influenced the way other governments have formulated their own approaches to cybersecurity risk management. Private sector stakeholders have made it clear that the global alignment of cybersecurity practices and standards is important to avoid confusion and duplication of effort. Countries and economies in Asia are currently considering approaches aligned with the Framework. NIST has had conversations with stakeholders in Taiwan, South Korea, and Japan regarding the Cybersecurity Framework and continues to engage with them on the update process for the Cybersecurity Framework version 2.0.  The potential adoption of the NIST Cybersecurity Framework by organizations in healthcare, finance, and other critical infrastructure sectors across Asia can facilitate alignment, adoption, and internationalization of a common risk-based approach to managing cybersecurity risk, which provides market access opportunities in the region to U.S. firms with cybersecurity expertise and solutions.

TAIWAN

Taiwan is a well-known ICT manufacturing hub due to its strong ICT industry base, robust semiconductor manufacturing clusters, and advanced manufacturing capacity. These advantages have enabled it to rapidly develop many companies that offer advanced ICT-related products and services in the sectors of electronics components, personal computers, optics, telecommunications, and ICT, but also increases vulnerability to cyberattacks. There have been several high-profile hacking cases in the past few years, as it is threatened by cyber-espionage from outside parties.  This provides business opportunities for developing advanced security protocols.

In 2022, the estimated size of the cybersecurity market in Taiwan was $2.8 billion, with healthcare, financial services, and the public sectors reporting the largest market shares. The growth rate for 2023 is projected to be between 12-18 percent, with U.S. solutions being a primary driver for growth.

Foreign companies have been accused of infiltrating security systems in Taiwan over the past decade.  Taiwan authorities further maintain that all departments face the risk of cyberattacks. To protect critical supply chains, Taiwan established its Ministry of Digital Affairs (MODA) in 2022, to oversee the development of digital infrastructure and cybersecurity in Taiwan. MODA is responsible for promoting Taiwan’s National Cyber Security Program and implementing the Cybersecurity Management Act to build a more resilient, secure, and smart Taiwan. In 2022, MODA secured US$47 million in funding to cover projects related to defensive planning and cybersecurity.

This funding creates excellent prospects for U.S. cybersecurity firms in Taiwan as the authorities see the United States as a strategic ally in the cybersecurity field. Taiwan has a thriving ICT market and is a major trading partner with the United States. Opportunities lie in the crisis management field, as the market size for information security in Taiwan has grown significantly over the past few years.

There are also opportunities for firms specializing in data leakage prevention, information security solutions, and vulnerability management software. Furthermore, U.S. companies specializing in IT service are in high demand. The Taiwan authorities have also recognized how computer software development and service industries are the most promising sectors of the Taiwanese economy.

The U.S. Commercial Service in Taiwan (CS Taiwan) recommends that U.S. technology firms seek qualified local partners with established track records for entering the cybersecurity market in Taiwan. CS Taiwan maintains a list of pre-screened distributors and joint venture partners for U.S. technology firms to work with to increase their export revenues in Taiwan. 

SOUTH KOREA

As the world becomes more interconnected, cyberattacks have become more serious and sophisticated. Due to the focus of global hacker groups and cyber terrorists, cyberattacks are better organized, more persistent, and executed on a larger scale. That focus broadened to include not just critical infrastructure, but also private sector assets. The borderless nature of the internet is contributing to the vulnerabilities of certain devices and data storage.

With South Korea’s introduction of a 5G network, high degree of network connectedness, high penetration of mobile devices, and significant intellectual property, the country has become a prime target for cyberattacks. According to the 2020 VMware-Deloitte’s Cyber Smart Index, South Korea is the second-most exposed country to cyberattacks in the APAC region.  Cyberattacks in South Korea continue to increase in both frequency and complexity. The latest attacks on South Korea include the use of advanced malwares, supply chain attacks, crypto jacking, and zero-day attacks. Not surprisingly, as the awareness of cyber vulnerabilities became apparent, the market demand for cybersecurity products and services in Korea continues to grow. According to a Korean government survey in 2022, for the past five years, the cybersecurity market grew at a compound annual growth rate of 12 percent, reaching $3.3 billion in 2020.

South Korea has deemed cybersecurity as a matter of national security. The frequency and gravity of recent cyberattacks prompted the South Korean government to re-evaluate its cybersecurity strategy. In 2019, led by the office of the President, the Korean government announced its first National Cybersecurity Strategy. This strategy includes strengthening international collaboration on cybersecurity and expanding investment in cybersecurity. In 2022, to accelerate the promotion of its cybersecurity industry, the Korean government established the “Strategic Plan to Foster Data Protection Industry”.

There is a growing number of domestic and U.S. companies providing cybersecurity services in Korea. There are 530 cybersecurity firms registered in Korea. While most of these firms have developed their own products, some are open to partnering with small and medium sized exporters from the United States. These Korean companies are interested in filling gaps in technology and product/service line-up, helping the company to meet a wide range of cybersecurity needs.

To enter the local public sector, foreign cybersecurity companies must understand local requirements. For example, foreign companies must obtain appropriate security certification before they can supply to public agencies. The Korean public and private sectors predict that the key sub-sectors for the domestic cybersecurity market in 2022 include solutions for ransomware, data security, operational technology, and AI for cybersecurity.

Due to its leads in high-speed internet use and advanced ICT infrastructure, South Korea is an ideal market for U.S. firms seeking to test cybersecurity solutions before deployment in other markets. While firms that produce sophisticated and cutting-edge products for critical infrastructure are more likely to succeed, there are also opportunities for firms that provide cybersecurity related consulting and training services. Overall, the Korean market favors the quality and reliability of U.S. products, and demand for American products is expected to continue.

To enter the cybersecurity market, the U.S. Commercial Service in Korea recommends that U.S. technology firms partner with pre-screened South Korean companies which maintain existing sales networks in both private/public sectors and are fully aware of local market characteristics and unique regulatory requirements.

JAPAN

With a GDP of $4.9 trillion, Japan ranks as the world’s third largest economy. The country is the fourth largest importer of U.S. goods and services, and bilateral U.S.-Japan trade totaled $280 billion in 2021. Japan is also the single largest source of foreign direct investment in the United States ($690 billion in 2021). The U.S.-Japan trade relationship is strong and is underpinned by shared democratic values, adherence to a rules-based trading system, and robust protections for intellectual property.

There are substantial export opportunities across the cybersecurity sector in Japan. A May 2022 IDC report valued Japan’s information security market (software and hardware) at $3.6 billion (up 16 percent from 2021). As with other countries, the pandemic affected the work environment in Japan and has led to increased cybersecurity risks (e.g., phishing, malware, credential theft); companies and governments are thus seeking to strengthen their network and endpoint security, identity verification systems, and cloud computing networks. This increased demand presents strong opportunities for U.S. suppliers.

Recent policy developments in Japan highlight the country’s focus on bolstering its cybersecurity defenses. These include the designation of 14 critical infrastructure sectors/industries (financial, information and communications, government and administrative, medical, water, electricity, gas, chemicals, credit, petroleum, logistics, aviation, airports, and railways) in the June 2022 Cybersecurity Policy for Critical Infrastructure Protection, published by the Cybersecurity Strategic Headquarters (a Cabinet-led group). In December 2022, Japan released its first National Security Strategy (NSS) in nearly ten years. The document specifically addresses the need to improve the country’s cybersecurity response capabilities. Notably, the NSS outlines the establishment of a mechanism to regularly assess information systems of government agencies, improve measures against cyber threats, and constantly monitor vulnerabilities, as well as the development and implementation of active cyber defense.

Japan’s economic strength, its renewed focus on cybersecurity, and current geopolitical dynamics in Asia and beyond make now an excellent time for U.S. companies to explore opportunities in this burgeoning market.

Other Products and Services   

The foregoing analysis of the cybersecurity opportunities in Taiwan, Korea, and Japan is not intended to be exhaustive, but illustrative of the many opportunities available to U.S. businesses. Applications from companies selling products or services within the scope of this mission, but not specifically identified, will be considered and evaluated by the U.S. Department of Commerce. Companies whose products or services do not fit the scope of the mission may contact their local U.S. Export Assistance Center (USEAC) to learn about other business development missions and services that may provide more targeted export opportunities. Companies may go to https://www.trade.gov/commercial-services-offices-us to obtain such information. This information also may be found on the website: https://www.trade.gov/

MISSION GOALS

The purpose of this trade mission is to introduce U.S. firms to the rapidly expanding market for cybersecurity products and services in East Asia and advance U.S. cybersecurity standards and policies. The mission will help participating firms and trade associations to gain market insights, make industry contacts, solidify business strategies, and advance specific projects, with the goal of increasing U.S. exports to Taiwan, South Korea, and Japan. By participating in an official U.S. industry delegation, rather than traveling to Taiwan, South Korea, and Japan on their own, U.S. companies will enhance their ability to secure meetings there and gain greater exposure to the region.

MISSION SCENARIO

The business development mission will include one-on-one business appointments with pre-screened potential buyers, agents, distributors, and joint venture partners; meetings with officials from national and regional governments and authorities, chambers of commerce, and business groups; and networking receptions for companies and trade associations representing companies interested in expansion into East Asian markets. Meetings will be offered with public officials that can address questions about policies, tariff rates, incentives, regulations, projects, etc.

Proposed Timetable:

*Note: The final schedule and potential site visits will depend on the availability of host government, authorities, and business officials; specific goals of mission participants; and ground transportation.

PARTICIPATION REQUIREMENTS

All parties interested in participating in the trade mission must complete and submit an application package for consideration by the DOC. All applicants will be evaluated on their ability to meet certain conditions and best satisfy the selection criteria as outlined below. A minimum of 15 and maximum of 20 firms and/or trade associations will be selected to participate in the mission from the applicant pool.

FEES AND EXPENSES

After a firm or trade association has been selected to participate on the mission, a payment to the Department of Commerce in the form of a participation fee is required. The participation fee for the Cybersecurity Business Development Mission to Taiwan, South Korea, and Japan will be $5,900 for small or medium-sized enterprises (SME) and $7,500 for large firms or trade associations. The fee for each additional firm representative (large firm or SME/trade organization) is $1,000.  Expenses for travel, lodging, meals, and incidentals will be the responsibility of each mission participant. Interpreter and driver services can be arranged for additional cost. Delegation members will be able to take advantage of U.S. Embassy or AIT rates for hotel rooms.

If and when an applicant is selected to participate on a particular mission, a payment to the Department of Commerce in the amount of the designated participation fee below is required. Upon notification of acceptance to participate, those selected have 5 business days to submit payment or the acceptance may be revoked. 

Participants selected for a trade mission will be expected to pay for the cost of personal expenses, including, but not limited to, international travel, lodging, meals, transportation, communication, and incidentals, unless otherwise noted. Participants will, however, be able to take advantage of U.S. Government or AIT rates for hotel rooms. In the event that a mission is cancelled, no personal expenses paid in anticipation of a mission will be reimbursed. However, participation fees for a cancelled mission will be reimbursed to the extent they have not already been expended in anticipation of the mission.

If a visa is required to travel on a particular mission, applying for and obtaining such a visa will be the responsibility of the mission participant. Government or relevant authorities’ fees and processing expenses to obtain such a visa are not included in the participation fee. However, the Department of Commerce will provide instructions to each participant on the procedures required to obtain business visas.

Trade Mission members participate in trade missions and undertake mission-related travel at their own risk. The nature of the security situation in a given foreign market at a given time cannot be guaranteed.  The U.S. Government does not make any representations or guarantees as to the safety or security of participants. The U.S. Department of State issues U.S. Government international travel alerts and warnings for U.S. citizens available at https://travel.state.gov/content/passports/en/alertswarnings.html.  Any question regarding insurance coverage must be resolved by the participant and its insurer of choice.

CONDITIONS FOR PARTICIPATION

Applicants must submit a completed and signed mission application and supplemental application materials, including adequate information on their products and/or services, primary market objectives, and goals for participation that are adequate to allow the Department of Commerce to evaluate their application. If the Department of Commerce receives an incomplete application, the Department may either: reject the application, request additional information/clarification, or take the lack of information into account when evaluating the application. If the requisite minimum number of participants is not selected for a particular mission by the recruitment deadline, the mission may be cancelled. 

Each applicant must also certify that the products and services it seeks to export through the mission are either produced in the United States, or, if not, are marketed under the name of a U.S. firm and have at least fifty-one percent U.S. content by value. In the case of a trade association or organization, the applicant must certify that, for each firm or service provider to be represented by the association/organization, the products and/or services the represented firm or service provider seeks to export are either produced in the United States or, if not, marketed under the name of a U.S. firm and have at least 51% U.S. content.

A trade association/organization applicant must certify to the above for all of the companies it seeks to represent on the mission.

In addition, each applicant must:

• Certify that the products and services that it wishes to market through the mission would be in compliance with U.S. export controls and regulations;
• Certify that it has identified any matter pending before any bureau or office in the Department of Commerce;
• Certify that it has identified any pending litigation (including any administrative proceedings) to which it is a party that involves the Department of Commerce; and
• Sign and submit an agreement that it and its affiliates (1) have not and will not engage in the bribery of foreign officials in connection with a company’s/participant’s involvement in this mission, and (2) maintain and enforce a policy that prohibits the bribery of foreign officials.

In the case of a trade association/organization, the applicant must certify that each firm or service provider to be represented by the association/organization can make the above certifications.

SELECTION CRITERIA

Targeted mission participants are U.S. firms, services providers, and trade associations/organizations providing or promoting U.S. products and services that have an interest in entering or expanding their business in the mission’s destination country. The following criteria will be evaluated in selecting participants:

• Suitability of the applicant’s (or in the case of a trade association/organization, represented firm’s or service provider’s) products or services to these markets;
• The applicant’s (or in the case of a trade association/organization, represented firm’s or service provider’s) potential for business in the markets, including likelihood of exports resulting from the mission; and
• Consistency of the applicant’s (or in the case of a trade association/organization, represented firm’s or service provider’s) goals and objectives with the stated scope of the mission.

Balance of company size and location may also be considered during the review process.

Referrals from a political party or partisan political group or any information, including on the application, containing references to political contributions or other partisan political activities will be excluded from the application and will not be considered during the selection process. The sender will be notified of these exclusions.

TIMELINE FOR RECRUITMENT AND APPLICATIONS

Mission recruitment will be conducted in an open and public manner, including publication in the Federal Register, posting on the Commerce Department trade mission calendar and other Internet web sites, press releases to general and trade media, direct mail, notices by industry trade associations and other multiplier groups, and publicity at industry meetings, symposia, conferences, and trade shows. Recruitment for the mission will begin immediately and conclude no later than June 23, 2023. The U.S. Department of Commerce will review applications and inform applicants of selection decisions on a rolling basis. Applications received after June 23, 2023, will be considered only if space and scheduling constraints permit.

Contacts

Pompeya Lambrecht, Recruitment Lead

International Trade Specialist

U.S. Department of Commerce

Northern VA, VA

Phone: 703.235.0102

Cell: 703.835.3753

Pompeya.Lambrecht@trade.gov 

Gemal Brangman, Project Lead

Project Officer

U.S. Department of Commerce

Washington, DC

Tel: 202-482-3773

Gemal.Brangman@trade.gov

Ross R. Belliveau

Commercial Attache

U.S. Embassy – Tokyo

U.S. Department of Commerce

Ross.Belliveau@trade.gov

Michael Kim

Commercial Attache

U.S. Embassy – Seoul

U.S. Department of Commerce

Michael.Kim@trade.gov

Clint Brewer

Commercial Attache

American Institute in Taiwan

US Department of Commerce

Clint.Brewer@trade.gov