1. Global Newsroom
  2. Fujitsu and PwC Japan partner on economic security measures for sovereign cloud solution

PRESS RELEASE

Fujitsu and PwC Japan partner on economic security measures for sovereign cloud solution

Fujitsu Limited
PwC Japan Group

Kawasaki and Tokyo, Japan, October 29, 2025

Fujitsu Limited and PwC Japan Group (hereinafter PwC Japan) today announced a collaboration to enhance the reliability and accelerate market penetration of the Fujitsu Cloud Service powered by Oracle Alloy [1]. This partnership will focus on supporting compliance with the System for Ensuring Stable Provision of Critical Infrastructure Services under Japan's Economic Security Promotion Act [2].

Through this collaboration, Fujitsu and PwC Japan aim to develop a reference guide clarifying Fujitsu's sovereign cloud service's compliance status with the System for Ensuring Stable Provision of Critical Infrastructure Services [3]. The guide, set to be published in December 2025, will provide a practical framework for specified critical infrastructure operators in Japan to formulate and implement mandatory risk management measures, thereby reducing the burden of compliance and promoting cloud adoption.

Based on Fujitsu's sovereign cloud service, Fujitsu and PwC Japan will provide support for the design and documentation of cloud user-side risk management measures, tailored to the specific risk characteristics and operational requirements of each specified critical infrastructure operator [4]. In addition, the two companies aim to expand their collaboration into areas such as supporting compliance with the security clearance system, assisting with CSPM/CNAPP application [5] for apps on Fujitsu's sovereign cloud service, and promoting the utilization of sovereign AI with data sovereignty and trustworthiness.

Kazushi Koga, Corporate Executive Officer, Fujitsu Limited, comments:

"The new guideline developed together with PwC Japan will clearly articulate the reliability of Fujitsu's sovereign cloud service and its alignment with Japan’s Economic Security Promotion Act. By offering practical guidance for meeting regulatory requirements, we aim to substantially reduce the compliance burden for our customers. Through Fujitsu's secure and dependable sovereign cloud service, we are committed to empowering our critical infrastructure partners to operate safely and sustainably."

Taiji Ayabe, Senior Officer, Partner, PricewaterhouseCoopers Japan LLC, comments:

"We are excited to contribute PwC Japan's expertise in cloud security, supply chain regulations, and digital governance to Fujitsu's sovereign cloud service. This collaboration creates an environment where Japan's critical infrastructure companies can efficiently navigate regulatory compliance, including the development and implementation of risk management measures, and utilize cloud services with greater confidence."

Akihiro Machida, Officer, Partner, Technology Alliance Lead, PwC Consulting LLC, comments:

"This sovereign cloud service, built upon Oracle's robust technology and enhanced by Fujitsu's extensive customer service experience, is a vital offering in today's geopolitical landscape. To effectively leverage the agility and advanced technologies like AI within systems handling critical data, ensuring digital sovereignty through sovereign cloud adoption is crucial. PwC Japan looks forward to collaborating with Fujitsu to support DX promotion and the co-creation of reliability in Japan."

Overview of the reference guide

The reference guide will systematically organize the compliance status of Fujitsu's sovereign cloud service with the System for Ensuring Stable Provision of Critical Infrastructure Services, covering all 27 requirements for constituent equipment and 14 requirements for outsourced critical maintenance and management services as stipulated by the risk management measures. Specifically, it will detail: 1) the shared responsibility model between cloud users and cloud providers, 2) measures taken to meet the requirements for sovereign cloud and verifiable evidence of management status, 3) guidelines for actions that users should implement, and 4) reference information for related services and functions.

The guide will visualize the reliability and suitability of Fujitsu's sovereign cloud service for the Economic Security Promotion Act, leveraging Fujitsu's pioneering framework and operational governance in Japan. Through this, both companies will present a practical framework that connects security acceptance testing, control information such as organizational structures and countermeasures, and the practical responses of users. This will significantly support specified critical infrastructure operators in simultaneously reducing the burden of compliance with the System for Ensuring Stable Provision of Critical Infrastructure Services and promoting cloud utilization.

Note

  • [1] Fujitsu Cloud Service powered by Oracle Alloy:

    Fujitsu's sovereign cloud service, provided from Fujitsu's domestic data centers, offering hyperscaler-equivalent functionality, data sovereignty, and operational sovereignty to support mission-critical systems.

  • [2] System for Ensuring Stable Provision of Critical Infrastructure Services under the Economic Security Promotion Act:

    A system requiring prior notification and implementation of risk management measures for the introduction of specified critical equipment and outsourcing of important maintenance and management in critical infrastructure sectors.

  • [3] System for Ensuring Stable Provision of Critical Infrastructure Services:

    With the enforcement of the System for Ensuring Stable Provision of Critical Infrastructure Services in Japan, critical infrastructure sectors (e.g., electricity, gas, water, transportation, telecommunications, finance) must now submit prior notifications and implement risk management measures for critical equipment and outsourced maintenance. However, navigating the complex shared responsibility models and supply chain controls inherent in cloud services, especially for multi-layered platforms like PaaS and container bases, presents significant challenges and burdens for users, requiring specialized knowledge and extensive time for comprehensive supply chain visibility.

  • [4] Specified critical infrastructure operators:

    Operators in sectors such as electricity, gas, water, transportation, telecommunications, and finance designated under the System for Ensuring Stable Provision of Critical Infrastructure Services.

  • [5] CSPM/CNAPP application support:

    Support for the application of comprehensive security functions, including security detection and auditing, for applications in cloud environments, from development to operation. CSPM stands for Cloud Security Posture Management, and CNAPP stands for Cloud Native Application Protection Platform.

About Fujitsu

Fujitsu’s purpose is to make the world more sustainable by building trust in society through innovation. As the digital transformation partner of choice for customers around the globe, our 113,000 employees work to resolve some of the greatest challenges facing humanity. Our range of services and solutions draw on five key technologies: AI, Computing, Networks, Data & Security, and Converging Technologies, which we bring together to deliver sustainability transformation. Fujitsu Limited (TSE:6702) reported consolidated revenues of 3.6 trillion yen (US$23 billion) for the fiscal year ended March 31, 2025 and remains the top digital services company in Japan by market share. 

Press Contacts

Fujitsu Limited

Public and Investor Relations Division

All company or product names mentioned herein are trademarks or registered trademarks of their respective owners. Information provided in this press release is accurate at time of publication and is subject to change without advance notice.

Date: 29 October, 2025
City: Kawasaki and Tokyo, Japan
Company: Fujitsu Limited, PwC Japan Group

page top