government too Strengthen financial Security Oversight Following Data Breach Concerns, KT & Lotte Card Lead Investment
SEOUL – South Korean financial authorities are intensifying scrutiny of consumer data protection measures following a surge in sophisticated cyberattacks, with major players like KT and Lotte Card committing critically important investment to bolster security infrastructure. The move comes amid growing concern that the pace of security upgrades isn’t keeping up with evolving hacking technologies, potentially leading to increased data breaches and consumer harm.
Vice Chairman of the Financial Services Commission, Kwon Dae-young, stated the government “will manage and supervise consumer protection, such as prevention of fraudulent use and recurring cards.” Financial regulators, through the Financial Supervisory service and the Financial Security Agency, are conducting thorough security checks, promising ”strict sanctions” for any serious illegal activity uncovered. The government is emphasizing a collaborative approach, urging companies, agencies, and the government to prioritize security as a shared obligation, focusing on systemic improvements and minimizing potential damage to the public.
The escalating threat landscape is driving ample investment. KT has pledged KRW 1 trillion (approximately $770 million USD) towards security enhancements, while SKT and LG Uplus are responding with KRW 700 billion (approximately $540 million USD) each. This surge in demand has together created a critical need for skilled information security personnel.
Experts attribute the increasing severity of data breaches to the adoption of new technologies like AI by malicious actors. “Automated hacking tools and malicious code production through AI lowered the barriers to entry [for attackers] and raised the size of the attack,” explained Yoon Joo-beom, a professor of information security at Sejong University. He further noted a disparity between advanced attack techniques and lagging security systems, exacerbated by companies frequently enough viewing security investments as a cost rather than a priority. Kwon Dae-young echoed this concern, acknowledging that “the rate of response to the financial sector is not following the evolution of the hacking technology.”
To address the growing risks, the government plans to implement a punitive penalty system holding organizations accountable for security incidents and will strengthen the authority of Chief information Security Officers (CISOs), alongside expanding security disclosure requirements.
