Experts call for 10% of Korea’s AI investment to go to cybersecurity

(Kim Ho-young)

The recent large-scale cyberattacks on SK telecom and YES24 have laid bare the fragility of South Korea’s cybersecurity infrastructure. Experts say these incidents reflect deeper issues beyond technical failures, exposing a lack of preparedness and coordinated response at the national level.

To address these concerns, Maeil Business Newspaper recently held a roundtable with leading experts including Cho Young-chul, president of the Korea Information Security Industry Association (KISIA); Kim Chang-oh, project manager at the Institute of Information & Communications Technology Planning & Evaluation (IITP); HancomWITH CTO Kim Dong-jo; Lee Won-tae, specially appointed professor at Kookmin University and former head of KISA; and Kim Jeong-nyeo, head of cybersecurity research at ETRI.

According to Cho, recent attacks fall into two broad categories: targeted, organized campaigns like the one suspected against SK telecom, and indiscriminate ransomware incidents such as the one that hit YES24. He warned that the involvement of a hostile state actor could not be ruled out in some cases.

Kim Jeong-nyeo emphasized that cybercrime has become increasingly industrialized and global in scale. “What used to be isolated hacker groups has evolved into cross-border criminal syndicates,” she said. “Meanwhile, cybersecurity continues to fall down the list of corporate priorities.”

From a national strategy perspective, Kim Chang-oh highlighted the growing role of artificial intelligence in both attacks and defense. “AI is becoming a game-changer. Without AI-based detection and response, effective defense is nearly impossible,” he said. “If we do not pivot now, Korea risks falling behind in global competitiveness.”

Cho urged the government to commit at least 10 percent of its 100 trillion won ($72.9 billion) AI investment initiative to cybersecurity. “There is no such thing as an AI powerhouse without strong cybersecurity,” he said, adding that the United States and other leading nations are investing heavily in the sector. He also called for raising Korea’s security spending from 6 percent of total IT budgets to at least 10 percent, which would be on par with global standards.

Kim Jeong-nyeo also stressed that building a sovereign AI infrastructure - where countries develop and operate AI systems independently - will require robust security from the ground up. “In the AI era, the real competitive edge lies in who can create a trustworthy AI environment first,” she said.

Looking abroad, Lee Won-tae pointed to a 2021 U.S. law that grants tax credits for power grid projects that incorporate advanced cybersecurity measures. “The law acknowledges that no system is perfectly secure but incentivizes companies to make maximum efforts,” he explained.

For his part, Kim Dong-jo highlighted the absence of a unified cybersecurity command in Korea. “Countries such as Israel and the United States have central agencies like INCD and CISA,” he said. “In contrast, Korea’s functions are fragmented across multiple bodies - making coordinated response difficult.”