Skip Navigation
Menu
Newsletters

Ministry of Science and ICT Announces a Private Sector Information Security Plan to Respond to AI-Based Cyber Threats

2026.06.01

On May 29, 2026, the Ministry of Science and ICT (“MSIT”) announced the “(Draft) Private Sector Information Security Promotion Plan to Respond to AI-Based Cyber Threats” (the “Plan”).
 
The Plan prepares for a future in which threat actors routinely use high-performance AI to discover vulnerabilities and exploit them in cyberattacks. In anticipation of this future, the Plan sets out emergency measures the private sector can use to respond to AI-based cyberattacks, as well as a mid/long-term plan to transition Korea’s overall information security framework into an AI-based system.

The Plan includes the following key features:

1. Establish a government-wide governance and cooperation framework, and establish an institution to respond to threats in the private sector;

2. Centralize the management of AI vulnerabilities and patches, and establish an emergency response system to quickly share and disseminate information to the private sector, the government, and the military;

3. Encourage major business entities (such as those managing critical infrastructure and core industries) to enhance their security postures, and assist the general public and small- and medium-sized enterprises to establish security fundamentals;

4. Set out mid/long-term plans to fundamentally transition Korea’s information security framework into an independent AI-based system.
 

Each point is elaborated in the article below:
 

1.

Establish a public-private joint response system to respond to disclosures of AI vulnerabilities

The Korean government is planning to establish an emergency system, centered around the Office of National Security (an agency under the president), to:
 

  • Quickly share and disseminate information related to AI vulnerabilities, security patches, and threat situations; and

  • Enable joint responses during actual or suspected cybersecurity incidents.


MSIT will oversee the private sector and operate a general situation room within MSIT. In addition, each government ministry (or ministries) will establish and operate a dedicated situation room for its respective sector, as follows: Financial Services Commission (Finance); Ministry of Health and Welfare (Health); Ministry of Climate, Energy and Environment (Energy); Ministry of Trade, Industry and Resources & Ministry of SMEs and Startups (Manufacturing); Ministry of Trade, Industry and Resources & Defense Acquisition Program Administration (National Defense); and Ministry of Education (Schools).
 

2.

Centralize the management of vulnerabilities and patches and prepare for emergency responses through the Vulnerability Management Center

The Korean government is planning to establish a “Vulnerability Management Center” as a part of the Korea Internet & Security Agency (“KISA”). The Vulnerability Management Center will centralize the management of vulnerabilities and patches, and provide technical support to relevant ministries and business entities.

Additionally, the Korean government will build an emergency response system around KISA’s National Vulnerability Database (KNVD). The emergency response system will:
 

  • Comprehensively collect and analyze vulnerabilities and patches through internal / external disclosures and reports, inter-agency sharing, and other means; and

  • Quickly share and recommend measures with:

- Chief Information Security Officers (CISOs) at approximately 28,000 business entities;

- Public-Private channels for cooperation, including the C-TAS(Cyber Threat Analysis & Sharing System) and ICT Information Sharing & Analysis Center (ISAC);

- Situation rooms at the relevant ministries; and

- The entirety of the government and the military.
 

3.

Enhance the security posture of major business entities; establish security fundamentals of small- and medium-sized enterprises

For about 1,200 major business entities that will be heavily impacted by AI security vulnerabilities, including:
 

  • Information and communications infrastructure with a high potential for widespread damage;

  • Large-scale business entities in each industry (including finance, healthcare, and energy), including those that are required to receive ISMS(Information Security Management System) certification;

  • Higher-tier general hospitals; and

  • Major private universities


Each business entity must enhance its security posture by independently managing assets, scanning for vulnerabilities, and deploying patches, under the supervision of the relevant ministry. The Korean government is planning to conduct compliance checks for each sector.

 To establish an asset management system, small- and medium-sized enterprises are to identify their own IT assets and assess their current security posture. The Korean government will distribute security investment guidelines, and web-based tools that recommend responsive measures. Additionally, to preemptively identify and mitigate open-source vulnerabilities that are easily exploited by AI, the Korean government will provide technical assistance for generating and analyzing the component specifications of software. In particular, the MSIT will foster a digital industrial ecosystem by utilizing high-performance AI models to scan for vulnerabilities in products (software) developed by small- and medium-sized enterprises.
 

4.

Establish an AI-based proactive response system to cybersecurity threats, and set a mid / long-term strategic direction for securing AI sovereignty

Establish an AI-based proactive response system to cybersecurity threats: In order to quickly respond to AI security threats, the Korean government will continuously monitor domains around the world (around 350 million per day), and quickly detect AI-based malicious activities (i.e. activities in preparation for cybersecurity attacks) and domains as they are created. Furthermore, if a potential or actual AI-service related incident occurs, the Korean government will immediately launch the ‘Security Incident Investigation Deliberation Committee’ to quickly investigate the incident and contain any damage.

Raise Public Awareness and Disseminate Response Guidelines: The Korean government will prepare and distribute response guidelines covering every step, from the discovery of a vulnerability to its patching. The guidelines will address manufacturers, corporations, institutions, and the general public, with content tailored to each type of entity. The government will also continue to raise awareness, for instance by holding a series of meetings with the CEOs of major industry sectors to encourage greater security investment.
 

In addition to the above, the Plan includes mid-term and long-term action items, including:
 

  • Securing access to OpenAI’s Government & Trust Agency Collaboration (GTAC) program;

  • Building a global AI security ecosystem through international cooperation;

  • From 2027, fundamentally transitioning Korea’s information security framework to an independent AI-based technology system; and

  • Launching a project to establish AI security sovereignty.

 
The Plan signals that the Korean government does not view AI-based cybersecurity threats as merely technical risks. Instead, it treats them as a structural risk capable of affecting all of Korea and its industries, and it intends to completely reshape the framework for public-private cooperation in response.

Business entities expected to be heavily impacted by AI-based cybersecurity threats may wish to review and strengthen their security processes and information systems in preparation for the rise of AI-based threats – especially in light of the government’s plan to conduct compliance checks on asset management and vulnerability scanning.
 

[Korean Version]

 

Share

Close

Professionals

CLose

Professionals

CLose