South Korea FSC Chairman Lee Eok-won: CEOs Must Directly Oversee Cybersecurity in AI Era

Lee Eok-won, Chairman of South Korea's Financial Services Commission (FSC), emphasized on the 10th that financial institution CEOs and boards must directly oversee information security rather than delegating it solely to IT departments in the AI era. Speaking at the Information Protection Day event hosted by the Financial Security Institute, Lee stated that consistent security investment, adequate staffing, constant monitoring against hacking, and simulation training require CEO and board-level attention and active decision-making to drive substantive on-site changes. Lee diagnosed that financial institutions face digital threats of a different dimension as AI-powered cyber attacks have become more sophisticated and automated, urging urgent establishment of a financial security framework that the public can trust with confidence, drawing lessons from multiple information leaks and hacking incidents that occurred last year.

FSC Chairman Diagnoses AI-Powered Cyber Attack Evolution

Lee Eok-won diagnosed that the financial sector faces digital threats of a different dimension as recent AI-powered cyber attacks have become more sophisticated and automated. He emphasized that AI has evolved to the stage where it autonomously identifies security vulnerabilities, designs attack routes, and attempts execution. Lee stated that the existing approach of closing networks, restricting access, and responding after incidents cannot keep pace with the speed of AI attacks, announcing that the government will expedite the establishment of a system that defends against AI attacks using AI.

According to Lee's explanation, as attackers utilize AI to identify vulnerabilities and design attack routes, the financial sector must also transition to a system that uses AI to rapidly detect anomalies, confirm vulnerabilities, and respond immediately.

Government Advances AI-Based Defense System and Network Separation Relaxation

The government is implementing the emergency network separation relaxation measures for AI security testing that began in June without disruption. The FSC plans to flexibly improve the eligibility criteria and content to enable more financial institutions to participate. For financial institutions with sufficient AI and security capabilities, the government plans to promptly specify and announce a full network separation removal plan.

Lee explained that exemption measures and guidelines have been prepared to allow financial institutions to conduct AI security testing and security patches with confidence.

FSC Pursues Electronic Financial Transactions Act Amendment with Punitive Measures

Lee Eok-won announced plans to strengthen information security responsibilities alongside regulatory relaxation. He stated that the FSC will pursue National Assembly passage of the Electronic Financial Transactions Act amendment, which includes introduction of punitive fines and enforcement fines for hacking incidents, strengthening of Chief Information Security Officer (CISO) authority, and expanded consumer disclosure. Lee added that the government will prepare the Digital Finance Safety Act without disruption to prevent information security blind spots against increasingly sophisticated and intelligent hacking crimes.

The event was attended by approximately 170 representatives and officials from financial institutions, related organizations, and fintech companies.

FAQ

What did South Korea's FSC Chairman emphasize on the 10th regarding financial cybersecurity?

Lee Eok-won emphasized at the Information Protection Day event that financial institution CEOs and boards must directly oversee information security rather than delegating it solely to IT departments in the AI era, stating that CEO and board-level attention and active decision-making are key to driving substantive on-site changes in security operations.

What AI-based defense measures did the FSC announce?

The FSC announced it will expedite establishment of a system that defends against AI attacks using AI, as the existing approach of closing networks and responding after incidents cannot keep pace with AI attack speeds. The government is implementing emergency network separation relaxation measures for AI security testing that began in June and plans to announce a full network separation removal plan for institutions with sufficient AI and security capabilities.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments