On Current Cybersecurity Issues In Korea
7월 15, 2013

Cybersecurity is one of the 'hot issues' and arguably one of the top priorities for the Korean financial industry.

SMEs

According to Judd Gregg, the CEO of the Securities Industry and Financial Markets Association, the global trend for the past few years was the "increasing number of cyberattacks on smaller financial institutions and businesses [that do not have the defence resources of larger companies]".

Larger Companies

Hackers are adapting and are becoming more dangerous than ever, and they are using individuals and institutions as gateways to infiltrate larger banking organizations. Hackers are also using individuals and smaller institutions as a gateway to infiltrate larger banking organizations. The Korean government should take comprehensive measures in order to provide the public and private financial sector with the tools to defend themselves.

Efforts In Korea

Cybersecurity is becoming a vital issue not only in Korea but across the Asian region - malicious attacks can and will result in capital markets disruptions and will also weaken the confidence of investors in the Korean financial system.

So, Korea is making significant efforts to develop infrastructures and develop processes that will protect companies and individual clients.

A Global Issue

Malicious attacks threatens the integrity of the Korean capital markets, and this is not only a 'Korean' issue. Not only is this an issue only for giant financial institutions.

Solution

What is the U.S. doing about cybersecurity? Here are a couple of solutions:

1. Gregg's trade group, the Securities Industry and Financial Markets Association, have organized an industrywide exercise called “Quantum Dawn 2” that will be launched in July 18, which will simulate a cyberattack on the U.S. financial system.

"It will force [more than 50 companies and exchanges] to test their response plans in order to maintain effective and orderly markets and protect client data," Gregg wrote in an article. The simulation also involves the U.S. Treasury Department, the Securities and Exchange Commission and the Department of Homeland Security.

2. There must also be a strong partnership between the government and private sector businesses as industry efforts alone are not sufficient. Barack Obama issued an executive order on the 12th of February so that they will cooperate.

3. Timely and actionable information about the diverse and evolving threats from the Korean government is necessaary. The Korean government may have the resources to gather, process and disseminate intelligence on cyberthreats, but the information cannot be shared with the private sector until a cyberattack has occured. The financial industry needs access about the threats before an attack is made.

This works both ways. If a financial company is the target of an attack or has the information that an attack will be made, it needs to be shared with government agencies and other companies that could potentially be affected. There needs to be greater encouragement to do so because private companies are understandably cautious about sharing the knowledge.

In Korea, there are no liability protections for companies that share pertinent data. U.S. Treasury Secretary Jacob Lew recently noted that the U.S. needs to urge the Congress to pass legislation that encourages and simplifies the flow of information between the government and the private sector.

Info-sharing and building partnerships are the best ways to keep clients and companies protected. In June 2013, Microsoft Corp. and the U.S. Federal Bureau of Investigation successfully coordinated the global takedown of a ring that raided bank accounts around the world and netted more than half a billion dollars.

4. Common-sense legislation would promote information-sharing, update the criminal penalties associated with cyber-attacks, and provide protections for companies that share information and respond to malicious activity. Of course, legislation must also ensure the privacy of information that flows between companies and the government.

Criticisms

Critics say that the practice raises too many privacy concerns, because of the reality about attackers is that they have no respect for privacy. They will try to access and exploit client information by any means.

However, that criticism can be considered as unfounded because the financial industry and the Korean government (should) take client privacy very seriously. Information should be shared when "absolutely necessary" and the data should be kept anonymous.

Conclusion

The government, the private sector and all Americans must remain vigilant in the face of cyber-attacks. The time is right for Congress to pass legislation that will ensure the resiliency of the economy as we navigate this new frontier of criminal activity.

익명 댓글

avatar