Security Support for SMEs Extended to 'Up to 3 Years'... Concerns Over Concentrated Benefits

The government will extend the maximum usage period for the "cloud-based security service (SECaaS)" it supports for small and medium-sized enterprises (SMEs) vulnerable to hacking to up to three years. However, there are concerns that simply increasing the usage period without expanding the related budget, which is rapidly shrinking, may result in benefits being concentrated among only a few companies.

According to the industry on June 5, the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) will expand the SECaaS provision period from the existing one year to up to three years starting this year. The government plans to begin accepting applications from interested companies at the end of this month. A government official stated, "There was a lot of feedback from the industry that one year was not enough, so we extended the SECaaS usage period," and added, "We expect that SMEs will be able to use security services for an extended period at an affordable price."

SECaaS refers to a security service provided in the form of cloud computing for SMEs that lack the resources to equip themselves with cybersecurity equipment or personnel. It offers functions such as firewall, malware detection, and defense against DDoS (Distributed Denial of Service) attacks. The annual cost to companies is around 500,000 won.

However, there are concerns that if the government only extends the usage period for the same companies while the SECaaS budget has been reduced to a quarter of its original size, the majority of SMEs will not even have the opportunity to participate. The SECaaS budget has been cut every year, from 10 billion won in 2022 to 5.8 billion won in 2023, and 2.3 billion won last year. The number of companies using the service also dropped from 1,237 in 2022 to 690 in 2023, nearly halving. Since the supplementary budget passed last month did not include SECaaS, the number of companies expected to benefit this year is estimated to shrink to around 300. According to the Ministry of SMEs and Startups, there were 8,042,726 SMEs in Korea as of 2022. Based on last year's figures, only 0.008% of all SMEs used SECaaS. If the same companies continue to use the service for three consecutive years, the number of companies able to benefit from this service in the future will decrease even further.

Jang Hangbae, a professor in the Department of Industrial Security at Chung-Ang University, stated, "SECaaS can only become an effective policy if the support period is extended along with an increase in the budget," and added, "Since the SK Telecom USIM information leak incident, concerns about hacking have grown, and as SECaaS serves as a minimum safety net for SMEs, it requires the attention of the new administration."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.