Expansion of Remote Work... Companies Allocating Budgets for Information Security

Published 16 Mar.2021 12:00(KST)

Updated 16 Jan.2025 16:09(KST)

open/close

Ministry of Science and ICT Announces Results of '2020 Information Security Status Survey'
Information Security Budget Establishment Rate 61.8%... Up 29.5%p from Previous Year

Expansion of Remote Work... Companies Allocating Budgets for Information Security

[Asia Economy Reporter Eunmo Koo] Last year, the number of domestic companies establishing information security budgets increased by nearly 30% compared to the previous year. This is interpreted as reflecting an improvement in companies' awareness of information security as non-face-to-face interactions become routine and digital transformation accelerates.

According to the "2020 Information Security Status Survey" conducted by the Ministry of Science and ICT and the Korea Information Security Industry Association on the 16th, the rate of domestic companies establishing information security budgets last year was 61.8%, an increase of 29.5 percentage points from 32.3% in 2019.

An official from the Ministry of Science and ICT explained, "Companies have significantly strengthened activities to prevent and respond to security incidents by establishing information security budgets and expanding the use of information security products and services. In particular, the number of companies responding that they allocate an information security budget, even if it is a small proportion of less than 1% of the IT budget, has greatly increased, and smaller companies showed a larger increase in the rate of establishing information security budgets compared to the previous year."

The main budget expenditure areas were surveyed in the order of information security system maintenance (72.3%), purchase of information security products (67.6%), purchase of information security services (33.3%), personnel expenses for information security staff (13.4%), and acquisition of certifications such as ISMS (1.8%).

Most companies were found to be using information security products or services to prevent and respond to security incidents. In particular, the utilization rate of information security services increased by 27 percentage points to 69.5% compared to the previous year. Among information security products, the information security product groups used were network security, system (endpoint) security, etc., in that order. Among physical security product groups, 'CCTV' and 'biometric authentication security' were used in that order. Information security services were used in the order of certification services, maintenance, training, security monitoring, and security consulting services.

The rate of companies experiencing security incidents decreased compared to 2019, and among the types of incidents experienced, ransomware and malware had a high proportion. Companies that experienced security incidents responded by establishing security incident response plans (15.8%), setting up emergency contact systems (14.7%), outsourcing to external specialized agencies (6.0%), and operating security incident response teams (CERT) (5.6%).

Seunghyun Son, Director of Information Security Network Policy at the Ministry of Science and ICT, stated, "The increase in the rate of companies establishing information security budgets is a positive development. In preparation for the digital economy era brought by non-face-to-face and digital transformation, the government will do its best to secure a digital safety net."

This survey was conducted through interviews with 9,000 businesses with at least one employee possessing a network and 4,500 internet users aged 12 to 69, and the survey results can be found on the Korea Information Security Industry Association website.