Preliminary Demand Survey for Financial Companies in the First Half of the Year
Full-Scale Evaluation Starting from 2022
[Asia Economy Reporter Park Sun-mi] The Financial Security Institute announced on the 6th that it has established security vulnerability assessment criteria to proactively identify and respond to security threats posed by innovative technologies such as artificial intelligence (AI), Internet of Things (IoT), authentication technologies, and blockchain used in the financial sector.
Recently, the financial sector has been developing and operating various financial services using AI, IoT, and authentication technologies. The Financial Security Institute has identified that new types of security threats, different from those previously encountered, are emerging in these services. To eliminate security threats arising from the introduction of new technologies in advance, it has newly established security vulnerability assessment criteria focused on AI, IoT, authentication technologies, and blockchain.
The Financial Security Institute plans to conduct a preliminary demand survey targeting financial companies in the first half of the year, followed by pilot evaluations in sequence, and to fully implement the assessments starting in 2022.
Until now, the Financial Security Institute has played a leading role in financial security by annually revising the security vulnerability assessment criteria used in the financial sector and distributing them to financial companies and information security professional service firms. The preliminary demand survey for the pilot evaluation will be conducted in the first half of this year targeting financial companies, and evaluations will be carried out sequentially based on the survey results. From next year, it will transition to full-scale evaluations.
The security vulnerability assessment criteria established by the Financial Security Institute include unauthorized access and the possibility of inputting values outside the normal range for AI training data and models. It also covers the leakage of critical information from IoT servers and the possibility of internal intrusion into financial companies, tampering with results and reuse of authentication information in simple authentication technologies, and the possibility of personal key leakage in blockchain interfaces.
The Financial Security Institute stated that by presenting trusted assessment criteria through pilot evaluations, it expects financial services to become more stabilized by actively responding to financial security threats arising from the operation of new technologies.
Kim Young-gi, the director, said, “As the digital transformation of finance accelerates, the introduction of financial services integrating innovative technologies is becoming active, but cyber threats that could destabilize financial systems must be closely monitored,” and added, “The Financial Security Institute will continue to strengthen proactive and active efforts to respond to new financial security threats arising in the changing financial IT environment.”
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
