Lee Jong-hyun, the new Chief Information Security Officer (CISO) of SK Telecom, explained the security strategy following the hacking incident in an interview with the SKT newsroom on the 12th.
This CISO noted, "In the rapidly changing cyber threat environment, I believe the answer lies in understanding technologies ahead of attackers, identifying inherent risks, and responding promptly."
After the recent hacking incident, SK Telecom elevated the CISO organization to report directly to the CEO and launched a centralized security center on the 1st of this month. This CISO has worked as a security leader at Amazon and Samsung Electronics and was responsible for planning and operating a long-term cybersecurity program for the government of British Columbia, Canada.
This CISO stated, "A key task we need to reinforce is strengthening security governance," adding, "To achieve this, we need to establish a specialized system for protection, detection, response, and recovery of security operations."
He mentioned, "We plan to soon proceed with the re-education of non-security personnel joining the integrated security center to transition them into security roles, and we are also working on recruiting external talent to secure specialized capabilities."
He continued, "The security functions and capabilities that SK Telecom needs to establish cannot be completed in a short time," stressing, "While proceeding with a mid-term construction plan over 1 to 2 years, complementary tasks must be carried out simultaneously until that system is completed."
He added, "Trust is formed through the accumulation of positive experiences over a certain period," stating, "In the short term, activities that deliver results through prompt actions are necessary, but at the same time, a change in the corporate culture must be internalized through the construction of systems that require time and effort, process improvement, and enhancing employee security awareness."