South Korea

보안 인증 8년만에 대폭 손질...컨설팅기업들 "특수 온다" 함박웃음

ZD Net Korea | Local Language | News | Jan. 13, 2026 | Regulation

The South Korean government is undertaking a major overhaul of the Information Security Management System (ISMS) and the integrated ISMS-P certification system after repeated hacking incidents compromised even certified companies. The ISMS, introduced in 2002 and maintained for roughly 24 years, merged with the Personal Information Management System (PIMS) in 2017 to form ISMS-P to reduce overlapping certification burdens. Despite these efforts, recent breaches have exposed weaknesses in the certification's effectiveness, prompting the government to advance stricter reforms.

Key reform measures include expanding mandatory ISMS-P certification to major public systems, telecommunications companies, and large platforms, as well as strengthening audit methods through on-site inspections, more rigorous pre-audit reviews, and vulnerability checks using simulated hacking drills. The government will also operate sector-specific certification committees and train auditors on emerging technologies like AI. The Personal Information Protection Commission and the Ministry of Science and ICT submitted amendments to the Personal Information Protection Act to expand mandatory certification, which have passed and are set for phased implementation starting in early 2026.

Security consulting firms are poised to benefit significantly from these changes, as organizations seek expert assistance to meet the heightened certification standards efficiently. The domestic security consulting market has been growing steadily, with revenues rising from 572.6 billion KRW in 2022 to 642.6 billion KRW in 2024. About 22.7% of 876 security-related companies engage in consulting, and 29 firms hold special government designations as information protection professional service companies. Experts expect demand for consulting services to increase as more companies face mandatory certification and revised compliance requirements.

Korea Herald | English | News | Jan. 13, 2026 | Extreme Weather Events

A powerful cold wave will continue to affect South Korea on Monday, with morning temperatures expected to drop as low as minus 14 degrees Celsius. The Korea Meteorological Administration forecasts daytime highs between zero and 10 degrees Celsius, with Seoul around minus 9 degrees and inland mountainous areas of Gangwon Province reaching minus 15 degrees. Snow or rain is predicted across central regions and North Jeolla Province, alongside precipitation on South Chungcheong’s west coast and Jeju Island. Authorities warned of hazardous icy roads and black ice, posing risks to motorists and pedestrians.

The cold snap follows a weekend of severe weather that resulted in at least eight fatalities nationwide. Incidents included a man in Gyeonggi Province killed by a sign torn loose by winds, and a multi-car crash on the Seosan-Yeongdeok Expressway in North Gyeongsang Province attributed to black ice, causing five deaths and eight injuries. Strong winds also escalated a wildfire in Uiseong, North Gyeongsang Province, forcing evacuations and challenging fire containment efforts.

Widespread damage was reported, including injuries from falling debris and power outages affecting nearly 2,000 households and businesses in North Chungcheong Province. North Gyeongsang alone received over 100 wind damage reports. Air travel disruptions included 19 flight cancellations on routes linking Jeju with Gimhae, Yeosu, and Wonju. Authorities urged the public to remain cautious, secure loose structures, and avoid unnecessary travel as adverse weather conditions continue and emergency services stay on high alert.

Korea Herald | English | News | Jan. 13, 2026 | Privacy

Ju Byung-gi, chairman of South Korea's Fair Trade Commission (FTC), indicated that a temporary suspension of Coupang Corp.'s business operations could be possible amid an ongoing investigation into a large-scale data breach at the US-listed e-commerce giant. He stated that if the company fails to comply with orders or if relief for affected consumers is inadequate, the FTC might consider suspending Coupang's business operations.

Coupang disclosed on December 25 that a former employee stole personal information from 33.7 million user accounts, though the company claimed that only about 3,000 accounts' data were saved and later deleted. However, the science ministry criticized Coupang’s findings as one-sided and incomplete, highlighting that a joint public-private investigation had not yet concluded.

In addition to examining the data breach, the FTC is reviewing other concerns regarding Coupang’s business practices. The commission plans to soon release the results of its inquiry into allegations that Coupang shifted losses from low-priced sales onto its partner suppliers.