In this trend, Korea's security system must also shift significantly. The first shift is from “security that detects and blocks” to “security that anticipates and recovers quickly.” AI-based attacks are so swift and automated that by the time anomalies are detected, data may already have been leaked or the system tampered with.

Going forward, it will be crucial to conduct ongoing checks on 'Exposure Management'—understanding what weaknesses exist within our organization, how they appear externally, and where attackers might aim first. Simultaneously, it is vital to establish a system to “repeatedly train before real attacks occur” by employing red teams and penetration testing that act like real attackers, along with partially automated tools.

Additionally, recognizing AI itself as an important focus of security is necessary. Like humans, AI agents should be granted unique IDs and minimal permissions, with records kept of their actions. Essential tasks involving significant amounts of money and data should have a structure where a human reviews them lastly.

Moreover, security personnel and investments should be transparently disclosed rather than hidden. Publicly sharing information such as “how many security personnel we have and what investments are being made” should function like a kind of management report card. This transparency can make the security industry an attractive career option for talented individuals, and allows citizens and investors to judge how committed a company is to security.

Reflecting on Korea's cyber threats in 2025, there's a simultaneous feeling of despair at having hit rock bottom and urgency that “things cannot remain the same.”

Examples from SK Telecom, KT, Lotte Card, and Coupang signal the end of the era when security was viewed as a minimal cost concern. The global predictions of AI-based attacks serve as warnings that a much fiercer storm is heading our way.

We are at a crossroads now. The year 2025 could just be remembered as the “worst year for security.” However, it could also be the starting point where we began to completely overhaul our security consciousness and systems.

Instead of resigning to “We will get hit someday,” we should ask, “What will we change today in preparation for someday?” We must shift from “reactive security after a hacking incident” to “proactive security by self-testing before being hacked.” We must aim to become a “country preparing first for a security paradigm suited to the AI era” rather than a “nation dragged by AI attacks.”