670 Billion Won Invested Over 3 Years... Establishing 'K-Cyber Defense' to Catch Malicious Hackers
Reducing Corporate Breach Incident Rate by 0.5%P
[Asia Economy Reporter Cha Min-young] The government is establishing a Korean-style cyber defense system that can protect the digital space, similar to the ‘K-Quarantine’ response to COVID-19. As ransomware attacks on small and medium-sized enterprises (SMEs) and mid-sized companies increase, the need for a national-level cybersecurity policy to protect them has grown. The government will also foster the information security industry and nurture experts in artificial intelligence (AI) and the Internet of Things (IoT).
The Ministry of Science and ICT announced on the 18th that it has established the ‘K-Cyber Defense Promotion Strategy’ as a comprehensive information security plan for the success of the Digital New Deal and the safe digital life of the public.
The Ministry plans to invest a total of 670 billion KRW by 2023 to implement the K-Cyber Defense Promotion Strategy. The goal is to reduce the incidence rate of corporate security breaches from the current 2% to below 1.5%, and to expand the information security market size from the current 11.9 trillion KRW to 16 trillion KRW. It also aims to raise global information security capabilities from 15th to 5th place.
Real-time Communication with Private Companies
The three main focus strategies are ▲ Establishing a digital safety national foundation ▲ Strengthening response to changes in security paradigms ▲ Expanding the foundation for fostering the information security industry. First, to build a digital safety national foundation, a ‘Cybersecurity Alliance’ will be established with 60 private companies including integrated data communication facilities (IDC), cloud service providers, and web hosting companies. Until now, cyber threat information was collected through reports, but it will now be collected in real time.
The collected information will be quickly disseminated to the private sector, and support will be provided for security companies to develop and distribute security patches. For approximately 20,000 websites and digital services frequently used by many citizens, security threats will be detected in advance and technical support will be provided in case of security incidents.
A ‘nationwide one-stop incident response system’ will also be established to support everything from incident cause analysis to recurrence prevention measures. A ‘5G-based cyber response network’ will be built to enable communication between affected companies and support agencies even remotely. Security consulting will be provided to companies aiming to build non-face-to-face and digital environments, and security facilities of more than 1,300 SMEs will be inspected annually.
To create a safe digital usage environment for citizens, security inspections will be expanded for 300 non-face-to-face solutions such as remote education and video conferencing, 10 unmanned services annually, and PC caretaker services. A ‘Cyber Alert’ system will also be introduced to notify users of threat information on their PCs or devices.
Strengthening Dedicated Incident Response Functions
Response to changes in the security paradigm will also be strengthened. For the four major digital convergence industries?smart factories, autonomous driving, digital healthcare, and smart cities?a systematic convergence security process will be established, from establishing security guidelines to living labs (demonstrations) → standard models → institutionalization (certification and evaluation), and dedicated incident response functions will be reinforced.
For the four core digital convergence infrastructures expected to surge in the future?edge computing (MEC), cloud services, data platforms, and quantum-resistant cryptography?security will be proactively secured.
Investment in the development (R&D) of core security technologies considering the characteristics of non-face-to-face and digital transformation, such as contactless and remote authentication, next-generation physical security, and intelligent cyberattack response, will be expanded to over 100 billion KRW by 2023. Together with the Personal Information Protection Commission, security technologies necessary for the storage, management, and distribution expansion of personal data will be developed.
To strengthen responses to the rapidly increasing ransomware threats, domestic and international ransomware information will be collected and ransomware prevention and response guidelines will be distributed to SMEs and mid-sized companies. The Information and Communications Network Act will also be amended to block phone numbers used for smishing, malicious app distribution, and call interception.
Discovering 100 Information Security Companies
The foundation for fostering the information security industry will also be expanded. An ‘intelligent physical security platform’ integrating and linking various physical security technologies such as intelligent CCTV, non-face-to-face authentication, and biometrics will be developed, applied, and demonstrated in smart buildings, smart factories, logistics centers, and unmanned stores, encouraging private sector diffusion.
To nurture leading digital security companies, more than 100 promising companies possessing AI and non-face-to-face security technologies will be discovered. Through branding K-Cyber Defense, a diverse information security export portfolio will be composed, and modular exports considering the characteristics and demands of countries and companies will be promoted.
Digital talent development will also be pursued. The number of specialized information security universities will increase from the current 4 to 8 by 2025, and the number of convergence security graduate schools will expand from 8 to 12 by 2025. More than 3,000 field-oriented information security professionals in digital convergence industries will be trained by 2023.
Hot Picks Today
"You Might Regret Not Buying Now"... Overseas Retail Investors Stirred by News of Record-Breaking Monster Stocks' IPOs
- "Not Jealous of Winning the Lottery"... Entire Village Stunned as 200 Million Won Jackpot of Wild Ginseng Cluster Discovered at Jirisan
- Mistaken for the Flu, Left Untreated... Death Toll Surges as WHO Declares Emergency (Comprehensive)
- "Concerns Over Expanded Travel Rule"... FIU Holds Closed Meeting with Virtual Asset Industry on Enforcement Decree of the Act on Specified Financial Transaction Information
- "How Did an Employee Who Loved Samsung End Up Like This?"... Past Video of Samsung Electronics Union Chairman Resurfaces
The mandatory ISMS certification standards will also be improved. Previously, sales in the information and communication service sector were divided into telecommunications service sales and general sales. A reporting reward system will be introduced to provide incentives for private sector participation.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
