Cybersecurity company Genians announced on the 27th that it will voluntarily implement information security disclosure to proactively respond to the rising importance of cybersecurity due to the spread of artificial intelligence (AI) and accelerated digital transformation.
The "information security disclosure system" allows corporations to transparently disclose their information security investment status, dedicated personnel, security certifications, and more, either voluntarily or mandatorily, to inform external parties of their security level. Although Genians is not a mandatory disclosure corporation, it has decided to voluntarily disclose its information as a leading security company with a sense of responsibility. This reflects its commitment to contribute to national cybersecurity and enhance transparency in the security industry.
Recently, as AI technology spreads and digital transformation progresses rapidly, expanding information security investment and securing specialized personnel have emerged as key factors for corporate competitiveness. In particular, the new government has pledged to "strengthen cybersecurity for national critical infrastructure and personal data protection" and has mentioned enhancing the information security disclosure system as a major task. According to the "improvement plan for information security systems" proposed by the Ministry of Science and ICT to the Presidential Committee on Policy Planning, there are discussions to expand the mandatory disclosure target from corporations with existing revenues of over 300 billion won to all listed companies.
Through this voluntary disclosure, Genians has transparently released information on its systematic investment status in information security and staffing for specialized personnel. It invested approximately 13% of its total information technology sector investment in the information security sector, and dedicated personnel account for 12% of the total.
Genians is also enhancing its security system while simultaneously engaging in various information security activities. Its initiatives include establishing internal management plans for personal data, revising and amending 11 internal security regulations and guidelines, and conducting hacking email scenario-based incident response training in collaboration with the Korea Internet & Security Agency (KISA) to organize a company-wide security response system.
In particular, through the operation of a bug bounty program targeting its own products, Genians is conducting vulnerability assessments based on real threats and continuously strengthening the completeness and reliability of its security products. The company is also systematically securing incident prevention capabilities through internal audits and job training for all information security tasks, as well as monthly secure coding and vulnerability assessment activities.
Through these efforts, Genians has officially recognized its information security capabilities both domestically and internationally, obtaining various relevant certifications. These certifications include ISO/IEC 27001:2013 (International Standard for Information Security Management Systems), CSAP (Public Cloud Security Certification), and CC Certification (Common Criteria, Product Name: Genian ZTNA V6.0 SP1).
Lee Dong-beom, CEO of Genians, noted, "Genians establishes information security strategies and policies from the development stage, and is also working to establish a security culture and enhance response capabilities," and added, "Through voluntary disclosure, Genians will increase transparency and trust in security, and contribute to national cybersecurity through continuous investment."