A guideline has been established for domestic companies to refer to when adopting the Zero Trust security model.
The Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) announced on the 3rd that they will distribute the 'Zero Trust Guideline 2.0,' created together with experts from industry, academia, and research institutes, free of charge for domestic companies.
Zero Trust is a security concept that assumes the network has already been compromised when there is a request to access information systems, emphasizing "Never Trust, Always Verify."
With the utilization of new digital technologies such as artificial intelligence (AI) and cloud computing, and the spread of telecommuting and remote work, existing security models have shown limitations, making a fundamental paradigm shift in security necessary.
The Zero Trust Guideline 2.0 is structured from the perspective of users who wish to adopt and apply the security model, reinforcing detailed procedures and methodologies for implementation, including results from previous Zero Trust pilot projects.
In particular, it defines a 'maturity model' that has been specified from the previous three stages to four stages, explains detailed capabilities and characteristics by maturity level for key components that make up enterprise networks, and provides checklists for evaluation along with improvement plans.
Ryu Jae-myung, Director of the Network Policy Office at the Ministry of Science and ICT, said, "We expect the guideline to serve as a good practical reference for the concrete implementation of the Zero Trust security model across various industrial sectors in the future," adding, "The government will continue to support the expansion of Zero Trust among domestic companies."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
