Main article:
Tokyo – Jun 2, 2026 – CYFIRMA (Headquarters: Chiyoda-ku, Tokyo; hereafter CYFIRMA), a provider of an external threat landscape management platform, today announced that The Kansai Electric Power Company, Incorporated (Headquarters: 3-6-16 Nakanoshima, Kita-ku, Osaka, hereafter referred to as Kansai Electric Power) announces that it adopted the platform “DeCYFIR,” which comprehensively visualizes cyber threats and risks. This platform visualizes external cyber threat landscapes and is used to strengthen organizational cybersecurity by preparing for potential attacks and cyber risks.
Challenges Before Implementation
At Kansai Electric Power, the problem was that they could not visualize how their company appeared to external threat actors. They regularly conduct vulnerability assessments and collect information in-house, but it was necessary to understand how servers and network devices accessible from the internet were actually publicly disclosed, and what vulnerabilities or configuration deficiencies are present. Furthermore, it was necessary to collect and analyze threat intelligence to determine whether these assets could actually become targets for attackers.
Additionally, Kansai Electric Power has maintained a reactive approach, responding to security only after detecting something. While recognizing the critical importance of identifying uncertain threats early and considering the need for response, they also needed information for proactive threat response, such as what kinds of threats are emerging globally, what trends they tend to have, and how they might be accessed.
The Good Points of CYFIRMA, and the Changes and Benefits Felt After Implementation
Kansai Electric Power has experienced three major benefits from the introduction of DeCYFIR.
The first was that it was possible to visualize the “threat actors’ perspective of the organization,” which was previously unclear.
At Kansai Electric Power, they truly feel this was the biggest change. Traditional baseline assessments allowed for identifying weaknesses within an organization, but it was difficult to determine whether those vulnerabilities or threats could actually lead to attacks.
After implementing CYFIRMA’s DeCYFIR, they conducted dark web monitoring and ASM to identify where assets attackers could target and how imminent the threat is. They were able to visualize it. Before implementation, they spent time conducting initial research to determine whether new threats could be exploited in their environment. By monitoring the dark web, they can detect and grasp signs and interactions of attackers targeting Kansai Electric Power, enabling them to know that threats are approaching just around the corner. Additionally, regarding ASM, they have been able to check not only software vulnerabilities but also the status of port openings. Since implementing DeCYFIR, they have been able to proactively monitor our own assets, determine whether attackers are vulnerable or potentially targeted, and respond based on priorities.
Additionally, Kansai Electric Power enables identification of assets found on Attack Surfaces down to the relevant departments. On top of that, it compiles external visibility, issues and vulnerability information, enabling relevant departments to verify and assess the assets they hold. Since DeCYFIR contains information to determine response priorities, they believe it can operate while minimizing the burden on the relevant departments.
The second point is that they have become able to respond proactively to threats.
Before implementation, reactive responses were mainly based on detection by security products and system anomalies, but even before Kansai Electric Power was affected, it became possible to actively recognize which threats and attackers are in the public eye, as well as what attack methods and malware are used, and to consider countermeasures based on these factors.
At Kansai Electric Power, based on IoC (Indicator of Compromise) information such as IP addresses and malware hashes about threat actors analyzed by DeCYFIR, it is registered as blocking and detection information in various security products. Thanks to these efforts, they feel we are becoming able to respond proactively to threats.
Furthermore, they are utilizing the recently released generative AI feature “Ask DeCYFIR.” This feature allows Kansai Electric Power to directly query intelligences they want in Japanese and extract intelligence of the appropriate granularity at the necessary time. For example, “Are there any cases of cyberthreats, cyberattacks, or incidents related to power companies that have occurred within the past month?” From gathering such intelligences, they evaluate the ability to quickly grasp new threats and countermeasures, including CYFIRMA’s proprietary knowledge.
The third point is the thorough support provided by our Japanese customer success team.
Kansai Electric Power evaluates that the monthly regular meetings with CYFIRMA always provide suggestions for countermeasures based on the latest cyber threat landscape and observations from their own organizations.
The security field involves many global products and vendors, so when making inquiries, additional investigations of analysis results, or suggestions for improvement, it may be necessary to verify through agencies or specialized global teams. As a result, users tend to have to spend more time checking and responding to these issues. However, in the case of CYFIRMA, Kansai Electric Power feels that inquiries to the customer success team enable quick resolution of questions. Through such prompt inquiries and regular meetings, they feel that Kansai Electric Power has improved its own security level and awareness.
Furthermore, the implementation of AI capabilities (Ask DeCYFIR) has enabled the use of threat intelligence even more quickly and accurately.
In addition to DeCYFIR’s diverse features, Kansai Electric Power is satisfied with the comprehensive customer success services mentioned above, which deliver excellent cost performance.
Customer Feedback Mr. Akio Ueda, Head of IT Strategy Office, Kansai Electric Power.
As we promote DX at our company, the importance of cybersecurity is increasing. In addition to analyzing external cyberthreats, CYFIRMA provides analysis and provision services based on observational intelligence about our own organization, along with customer support, enabling effective countermeasures against increasingly advanced and sophisticated cyberattacks, thereby contributing to the reduction of management risks.
Case Study Details
For details on case studies, please refer to the URL below.
関西電力 DeCYFIR導入事例: https://www.cyfirma.com/jp/news/usecase_kepco/
About CYFIRMA and DeCYFIR
CYFIRMA is a global leader in proactive external threat landscape management, enabling the prediction and prevention of cyberattacks through its AI-powered intelligence platform DeCYFIR. By integrating nine external threat management pillars—including attack surface visualization, vulnerability intelligence, brand and digital risk management, third-party risk management, cyber situational awareness, predictive threat intelligence, threat-adaptive training, and industry-specific optimized deception intelligence—cybersecurity is leveraged to realize We support the transformation from reactive to predictive.
Our platform provides early warnings derived from hackers’ perspectives, personalized insights to customers, and actionable intelligence, supporting the reduction of cyber risk and costs through threat prioritization, context-based decision-making, enhanced threat visibility, and enhanced operational resilience.
CYFIRMA serves Fortune 500 companies and government agencies, is headquartered in Singapore, and has offices in Japan, APAC, the United States, and EMEA.
