Professional Documents
Culture Documents
Republic of Korea
Republic of Korea
Republic of Korea
CYBERSECURITY POLICY
Strategy Documents
Devised in line with the National Security Strategy to integrate all capabilities against cyber threats
Vision: Create a free and safe cyberspace to support national security, promote economic prosperity, and contribute to international peace
Goals
Ensure stable operations of the state: Strengthen the security and resilience of the nation's core infrastructure to enable continuous
operation despite any cyber threats
Respond to cyber attacks: Strengthen security capabilities to deter cyber threats, detect and block them quickly, and respond to any
incident promptly
Build a strong cybersecurity foundation: Nurture a fair and autonomous ecosystem where cybersecurity technology, human resources,
and industries are competitive
Basic Principles
Balance individual rights with cybersecurity: Strike a balance between protecting cyberspace and safeguarding the fundamental rights of
the people, e.g. privacy
Conduct security activities based on the rule of law: Carry out the government's cybersecurity policies and activities in a transparent
manner and in compliance with the domestic and international laws
Build an system of participation and cooperation: Encourage individuals, businesses, and the government to participate in cybersecurity
activities, and pursue close cooperation with the international community
Source Source 2
03 April 2019
Source
2 August 2011
Source Source 2
2016
Implementation Frameworks
Stipulates the organizational structure and operation of national cyber safety and strengthens the cooperation between the agencies performing cyber
Republic of Korea Last Updated: April 2021
security work, thereby protecting the national information network from cyber attacks that threaten national security.
Source
2 September 2013
System that verifies the safety of information security systems used in government and public organizations in order to enhance the security level of the
national information communications network and respond to external cyber threats.
Source
1 October 2014
STRUCTURE
Areas of responsibility:
Source
20 February 2004
Key Positions
Head
National Cyber Security Center
Source
Main activities:
Source
July 2009
Cyber Bureau
National Police Agency
Includes Cyber Security Division, Cybercrime Investigation Division, and Digital Forensic Center
Minimize damages to people and companies by employing anticipative cyber crime prevention scheme
Improve expertise by continous research & gain control over cyber crime effectively
Source
1997 (as computer crime investigation team)
Source
1 February 2004
National responsibility to effectively prevent and respond to any internet incidents in the private sector based on 24/7 monitoring of cyber threats
such as DDoS attacks and distribution of malicious codes.
Three-part mission:
24/7 monitoring and early detection/response to cyber attacks in the private sector;
Cooperation with domestic entities such as ISPs and anti-virus companies, as well as with foreign partners including FIRST, APCERT,
Microsoft, Symantec, etc.; and
Guarantee of a rapid response to major nationwide Internet incidents in order to prevent and minimize damage.
Source
LEGAL FRAMEWORK
Republic of Korea Last Updated: April 2021
Legislation
Act on Promotion of Information and Communications Network Utilization and Information Protection
Directed to facilitating utilization of information and communications networks, protecting personal information of people using information and
communications services, and developing an environment in which people can utilize information and communications networks in a healthier
and safer way.
Source
22 March 2016 (amended)
Protecting privacy of individuals from the unauthorized collection, leak, abuse or misuse of personal information.
Source
29 March 2011
Aims to facilitate projects for materializing electronic government, improve the productivity, transparency, and democracy of administrative
agencies, and ultimately improve the quality of lives of citizens in the knowledge information age by providing for fundamental principles,
procedures, promotion methods, and other relevant matters for the electronic processing of administrative works.
Source
28 March 2001 (Act of); 22 May 2009 (Amended by Act No. 9705 of)
The Purpose of this Act is to operate critical information and communications infrastructure in a stable manner by formultaing and implementing measures
concerning the protection of sunch infrastructure, in preparation for intrusion by elctronic means, thereby contributing to the safety of the nation and the
stability of the life of people. In order to fulfill the purpose of the Act, it:
Establishes the Committee for Protection of Information and Communications Infrastructure to deliberate on matters concerning the protection of
critical information and communications infrastructure designated under Article 8 of the Act;
Provides a provision for designation of critical information and communications infrastructure and analysis of vulnerabilities thereof;
Provides a framework for response to intrusion incidents;
Mandates the Government to support the developmrent of technology necessary for protecting information and communications infrastructure in
collaboration with research institutes and private organizations;
Provides penalty provisions including imprisonment (in some cases) for any person in violation of Artiles 12, 27 and 11of the Act.
Source Source 2
21 February 2018
COOPERATION
UN Processes
Represented at the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context
of International Security
Source
2004, 2009, 2014/2015, 2016/2017
Republic of Korea Last Updated: April 2021
Expressed views to the Annual Report of the UN Secretary-General on Developments in the Field of Information and Telecommunications
in the Context of International Security
Source
2014, 2015
Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context
of International Security
Source Source 2
2019/2020
Agreement to continue dialogue on a regular basis, and on the necessity fo exploring further cooperative measures through the next dialogue;
In December 2019, the Ministers reaffirmed their joint commitment to support international efforts to ensure an open, free and secure
cyberspace, and to address common cyber threats. The ROK and Australia decided to continue to hold regular bilateral cyber policy dialogues.
Australian Federal Police and the Korean National Police Agency decided to continue to cooperate on investigations and knowledge-sharing
activities on cybercrime strategy and countermeasures.
Source
10 April 2014 (established); 13 October 2017; 10 December 2019
Review of the joint incident handling operations and prevention efforts concerning significant cross-border incidents relating to the three countries
Source
6-7 September 2017
Cyber-Secretariat, Foreign Ministers' Meeting of the Forum for East Asia-Latin America Cooperation (FEALAC)
Foreign Minister
In operation since 2011, host and operator
Source
31 August 2017
Cooperation framework in cyber security based on equality and mutual benefits, with a view to promoting cooperation in addressing threats
relevant to each country’s cyber space
Builds on 2012 memorandum of understanding
Source Source 2
31 July 2017
A global platform for countries, international organizations, and private companies to exchange best practices and expertise on cyber capacity
building.
Source Source 2
16 April 2015 (Member since)
Republic of Korea Last Updated: April 2021
Malaysia and South Korea signed a memorandum of understanding (MOU) to forge bilateral cooperation in the area of information and
communication technology (ICT).
Source
29 November 2019
Membership
International Telecommunications
Union (ITU)