[Helpless Against Technology Leaks] "Industry Security, Universities Left Unattentive"... Inadequate Shared Folder Restrictions and Record Management

[Sejong=Asia Economy, Reporter Joo Sang-don] "Compared to large corporations, small and medium-sized enterprises (SMEs) and mid-sized companies, which have relatively lax industrial security management, recognize the need for security. However, universities do not even apply basic security measures such as restricting shared folders or managing usage logs."

On the 3rd, Professor Jang Hang-bae of the Department of Industrial Security at Chung-Ang University sharply criticized the state of industrial security in universities, saying, "Universities are completely neglecting security." Although research on core technologies, including national research and development (R&D) projects, is underway in university-affiliated research institutes, there is virtually no awareness of industrial security.

The KAIST case is a representative example. In 2017, Professor A from the Department of Electrical Engineering at KAIST’s College of Engineering, who was participating as a dean in the international cooperation program with Chongqing University of Science and Technology in China, was selected as a candidate for the Chinese government's ‘Thousand Talents Plan,’ which aims to secure global talent. Professor A was solely selected as a key talent for a program funded by the Chinese government and was even introduced in the department newsletter at the time. However, the following year, a petition was submitted to the Blue House alleging that Professor A violated school and national regulations, accusing him of leaking South Korea’s core technologies. Ultimately, in March last year, the National Intelligence Service reported Professor A to the prosecution on charges of leaking national core technologies, and the prosecution arrested and indicted him for violations of the Industrial Technology Leakage Prevention and Protection Act and the Unfair Competition Prevention and Trade Secret Protection Act.

Professor Jang said, "Although the court has not yet made a final judgment on Professor A’s technology leakage charges, the KAIST case clearly illustrates the university’s awareness of industrial security." He added, "Before the technology leakage controversy arose, there was no awareness that ‘information sharing related to parts funded by government research grants should be restricted,’ regardless of whether it involved national core technologies."

Recently, industrial espionage has appeared in indistinguishable forms such as personnel exchanges or researcher invitations. It is no longer just about poaching personnel from companies, research institutes, or universities. Universities, in particular, are considered a typical security blind spot. A university professor who requested anonymity said, "The fundamental purpose of university research is oriented toward openness rather than technology protection," adding, "As a result, various important technologies are being developed, but security awareness is low and the risk of leakage is high."

Research activities by international students are also one of the blind spots in industrial security. According to the Korea Educational Development Institute’s Education Statistics Service, as of April last year, there were 19,827 Chinese graduate students enrolled in domestic universities, a 21% increase from the previous year. Recently, the U.S. government has imposed regulatory measures, citing concerns that some Chinese international students are stealing advanced technologies. Professor Jang pointed out, "In university-affiliated research institutes, researchers share information and technology in an unguarded manner," adding, "There is a high possibility that various technologies have been leaked during this process."

He advised that universities should mandate security officers in their research institutes to establish at least minimum security regulations. Professor Jang noted, "The National Research and Development Innovation Act only allows for ‘education on research security’ but does not specifically mandate security personnel." He continued, "While ethics and accounting are, of course, important during research, the importance of ‘security’ is also increasing, so funding for security personnel salaries and for researchers to receive training should be provided."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.