The government is considering measures to prevent the recurrence of IT system failures domestically, including establishing a gradual software deployment system, conducting thorough testing before applying to actual environments, and building a centralized management and control system. It also plans to recommend cloud multi-tenancy to value-added telecommunications providers such as portals.
On the 23rd, the Ministry of Science and ICT held the 3rd Telecommunications Disaster Management Deliberation Committee meeting to gather opinions from IT and security experts on accident prevention measures and consider reflecting them in policies.
At the Telecommunications Disaster Management Deliberation Committee, the IT system failure caused by a conflict between Microsoft’s operating system (OS) and CrowdStrike’s security software was presented as a special agenda item, with reports on the cause and damage status, followed by discussions on countermeasures.
During the meeting, the guidelines for establishing the basic telecommunications disaster management plan for next year were also reviewed and approved. According to the guidelines, from next year, disaster management obligated operators must prepare telecommunications disaster management plans, submit them to the Ministry of Science and ICT, and implement them.
Since the 2022 fire accident at the Pangyo data center, the government has designated and managed 11 major telecommunications operators including SK Telecom and KT, 7 value-added telecommunications operators including Naver and Kakao, and 8 data center operators including SK C&C as disaster management obligated entities.
The meeting reported plans to designate Coupang as a value-added telecommunications operator and Kakao and Equinix as data center operators subject to disaster management obligations starting next year.
According to the guidelines, from next year, value-added telecommunications operators are recommended to ▲ conduct prior verification in a simulated test environment when introducing or updating third-party products such as security software ▲ and diversify major services based on two or more clouds (multi-cloud) rather than a single cloud.
In the data center sector, strengthening the battery fire early detection system is required, including shortening the measurement cycle of the Battery Management System (BMS) and operating additional detection systems.
In the major telecommunications sector, disaster management obligated operators who lease or own international submarine communication cables are required to establish emergency communication plans such as securing alternative routes in case of submarine cable failures. Additionally, they must report the operational status of cables, including capacity and number of lines.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
