CYBERSUMMIT2024

레이어 닫기

KOR | ENG
CSK2024
Conference
- Program
- Speakers
APEX
- APEX
CCE
- CCE
Exhibition
- Booth Layout
Registration
- Register
- Registration Confirmation
Contact Information
- Notice
- Inquiries
- FAQ
- Privacy Policy
Travel

Day 3

9.11.
9.12.

9.11.
9.12.

Huy Kang Kim, Professor
Korea University

2017.11- Present: Co-Founder, AI Spera
2010.3-Present: Full Professor, Korea University
2004.5-2010.2: Head of Information Security Dept., NCSOFT
1999.8-2004.4: Founder, A3 Security

Cyber Threat Trends and Response Strategy

Hong Seok Kim, Manager
Korea Internet & Security Agency (KISA)

2010-Present Digital Threat Response & Analysis Division, Korea Internet & Security Agency

Abstract

In a situation where cyberattacks are becoming commonplace and intelligent, infringement accidents such as account leakage, ransomware malicious code distribution, and spear phishing continue to occur. The attacker who caused such an infringement accident is attempting to invade with an organized and planned intention. I would like to look at recent cyber threat trends and infringement incidents, and tell you how to respond to them.

Follow the Money in the Hacking World

Marianne Bender, Senior Public Prosecutor
Økokrim

Senior Public Prosecutor, Specialized in investigation and prosecution of cryptocurrency cases.

Abstract

The speech highlights the importance of tracing cryptocurrency and that countries cooperate closely.

Il-Seok Oh, Research Fellow
Institute for National Security Strategy (INSS)

Dr. OH, Il-seok is a research fellow of ‘the Institute for National Security Strategy(INSS)’ which is a think-tank funded by Korean government. He has also served as a vice-president of ‘the Korean Academy of Space Security(KASS).’ As an expert in emerging security issues, he has published many articles and notes on ‘Space Security’, ‘Cybersecurity’, ‘Energy Security’ and ‘Emerging Technology’ Laws and Policies. He had worked at ‘the National Security Research Institute(NSRI) in the Electronics and Technology Research Institute(ETRI) for 5 years as a senior researcher. He graduated from Korea University with his Ph.D in Law. He also received his L.L.M. from the Northwestern University School of Law at Chicago in the United States of America.

Space Cybersecurity Trends

Jae-Cheol Ryou, Professor
Chungnam National University

2023-Present Non-Executive Director, Korea Internet & Security Agency
1991–Present Professor, Chungnam National University
2018–2022 Non-Executive Director, Korea Communications Agency
2021–2021 President, Korea Institute of Information Security and Cryptology

Abstract

As hackers' interests in space industry growing, cybersecurity in space is becoming more important. The United States has been proposing various measures to protect space assets since announcing the Space Cybersecurity Policy (SPD-5) in 2020, while Japan has also announced space system security guidelines and is carrying out full-scale cybersecurity enhancement projects. In Korea, the Space Asset Cybersecurity Council was launched in June of this year and is working with National Intelligence Service, Ministry of National Defense, and Korea AeroSpace Administration to develop an integrated satellite cyber threat response roadmap.
In this presentation, we will introduce the current status of space development, as well as recent issues related to cybersecurity.

Trends and Issues on the Space & Cyber Security International Norms

Joonkoo Yoo, Chief Executive Director
Emerging Technology Security Institute

2024-Present Chief Executive Director, Emerging Technology Security Institute
2017-Present Inviting Professor of GSIS Yonsei University
2011-2024 Research Professor of KNDA
2015-Present A member of advisory committe of MOFA, MOTIE, MOD
2010-2011 Deputy Director of Presidential Office of G20 Seoul Summit

Abstract

With a rapid development of the space domain and space assets, the safety and security concerns on the space has been also magnifying. In addition, due to the interplay with cyber and space infrastructure, space security issues are closely related into cybersecurity. In this situation, the international norms of the space have been evolving and diversified. The international norms of the cyber security are overlapped and linked with space security norms. During the session discussion, we will examine characteristics and pending issues of the space-cyber international norms and finally explore the future expectation and policy implications.

Sokjoon Lee, Professor
Gachon University

2022-Present: Associate Professor in Dept. of Computer Engineering (Smart Security), Gachon University
2022-Present: Director at the Korea Institute of Information Security & Cryptology
2022-Present Section Chief for Policy/System Committee in Korea Zero Trust Forum
2000-2022: Principal Researcher in Information Security Research Division, Electronics and Telecommunication Research Institute (ETRI)
2010-2019: Ph.D. in school of Computing, KAIST

Trends in ZT Technologies and Policies

Heung Youl YOUM, Emeritus Professor
Soonchunhyang University

Dr. Heung Youl Youm has been working at Sunchunhyang University since 1990 and has worked for Department of information security engineering as a Professor since 2001. He had served as a commissioner of the Personal Information Protection Commission from August 5, 2020 to August 4, 2023. He has been the Chair of ITU-T SG17 (security) since 2017. He also served as the President for the Korea Institute on Information Security and Cryptology (KIISC) in 2022 and has since become its Honorary President. His main interests are cybersecurity and privacy policies and technologies including 6G security, zero trust technology, IoT security, etc, especially international standardization of these technologies. He was a senior research staff at the Electronics and Telecommunications Research Institute of Korea (Republic of) from 1982 to 1990. He received his B.S., M.S., and Ph.D. degree from the Department of Electronics Engineering at Hanyang University.

Abstract

A zero Trust is a new security paradigm that requires information systems to be implemented with the principle of “never trust, always verify”. This presentation will introduce the concept of Zero Trust security technology and present policy trends in major countries. It will also present standardization trends in major standardization organizations.

Zero-Trust Use Case Using Microsoft’s Architecture and Technology

Jong-Whoi Shin, Customer Security Officer
Microsoft Korea

2024.5-Present Microsoft, Customer Security Officer
2019.3-2024.5 NCSOFT CISO, Head of Information Security Center
2016-2019 Amazon Web Services, Security Assurance Lead
2012-2016 Microsoft Korea, National Security Officer
2002-2012 KISA (Korea Internet & Security Agency) Team leader
Korea University, Computer Science, Ph.D

Abstract

In the AI era, intelligent cyber-attacks are rapidly increasing, but many companies are still conducting security management relying on a network perimeter security model that separates the internal network and the Internet network for protecting IT assets. As a result, there are many difficulties in security management in linking with external IT environments such as home/remote work environments or establishing third party collaboration systems, as well as in responding to the increased use of cloud and the demand for productivity improvement using AI. Therefore, in this session, we will look at the Zero-Trust, a new security paradigm and trust-based security model, to overcome the limitations of security management based on network perimeter model and present implementation use case using Microsoft's Zero-Trust architecture and technology.

John Hyung-Jong Kim, Professor
Seoul Women’s University

2007-Present Professor, Seoul Women’s University
2004-2006 Visiting Researcher, CMU CyLab, Pittsburgh, PA
2001-2007 Principle Researcher of Korea Information Security Agency (KISA)

Security Strategy for Secure Cloud Services

Soo Bok Wi, Senior Manager
NHN Cloud

2021 – Present Cloud Security Architect and Product Manager, NHN Cloud
2006 - 2021 Security Solutions and Managed Security Service Lead, AhnLab

Abstract

It highlights the importance of cloud adoption as a key strategy for implementing digital government and the security strategies that support it. The content presents essential security principles to consider in cloud design and provides real-world examples to guide the development of a secure cloud infrastructure.
Key Content
• Fundamental Principles of Security Design
- Account and Authorization Management
- Separation of Cloud Areas
- Segmented Network Design
- Continuous Security Audits
- Network and Application Protection
- Data Protection

Towards Sovereign Clouds with Confidential Computing

Byoungyoung Lee, Associate Professor
Seoul National University

2018-Present Seoul National University (SNU) ECE, Associate Professor
2016-2018 Purdue CS, Assistant Professor
2016 Georgia Tech CS, Ph.D.
2009 POSTECH CSE, BS. 2011 POSTECH CSE, MS.

Abstract

With the rise of AI techniques, securely managing, computing, and sharing data has become crucial for maintaining sovereign clouds. In this context, confidential computing has attracted significant attention from the systems and cloud community, offering robust security assurances with only moderate performance overheads. This talk will introduce the fundamental concepts of confidential computing and explore various solutions provided by CPU vendors (such as Intel SGX, Intel TDX, AMD SEV, and ARM CCA), public cloud providers (e.g., Microsoft Azure's and Google Cloud's confidential computing services), and service vendors (e.g., Apple’s Private Cloud Compute).

Sang-Wook Han, Director
Korea Institute of Science and Technology

2024. 05 – Present President of Quantum Information Society of Korea
2019. 01 – Present Director of Center for Quantum Technology of KIST

Current Status of Quantum Computing Technology

Yonuk Chong, Professor
SungKyunKwan University

2020-current : Director, Quantum Information Research Support Center (QCenter)
2020-current : Full Professor, Dept. of Nano Engineering, SKKU
2005-2020 : Research Staff, Korea Research Institute of Standards and Science
2002-2005 : Postdoctoral Researcher, NIST Boulder, US

Abstract

We have evidenced amazing advances in the development of quantum computing technology for the last three decades. Small-scale quantum computer hardware is already provided by the global tech giants, and many companies are doing research on the utilization of the quantum computers in order to prepare for the future. The current quantum computing technology is entering a utility-level scale, with possible practical applications. I will introduce the current status of the up-to-date quantum computing technology development in this talk.

Migration to PQC: Technologies and Trends

Jihoon Cho, Vice President
Samsung SDS

2018-Present: Director (VP), Security Research Team, Samsung SDS
2013-2018: Project Manager of Security and Privacy Research, Samsung SDS
2009-2013: Mobile Security Architect, LG Electronics,
2004-2009: MSc & PhD in Information Security, Royal Holloway University of London
2002-2004: M.Math (Cryptography), University of Waterloo

Abstract

Quantum computers are expected to break conventional public key cryptography once they reach a certain level of performance. As a result, there have been efforts to standardize post-quantum cryptography (PQC), which offers resistance against attacks enabled by quantum computers. However, considering the widespread use of cryptography in Enterprise IT, transitioning to PQC from conventional public key cryptography is not a drop-in replacement at al. In this talk, Jihoon will share his insights and experience while participating in the 'Migration to PQC' project of NIST NCCoE.

Chang Hoon Kim, Professor
Daegu University

Professor in the Department of Information Security at Daegu University Director of the Information Security Gifted Education Institute, the Yeongnam Region,The Ministry of Education, South Korea Team Leader of the Task Force on Multi-Level Security System Design Technology, The National Intelligence Service, South Korea

KT, Technology for Safety of UAM Operation

Hoseok Seo, Team Leader
KT

2022-Present KT, Service Tech Lab. UAM Project
2017–2022 KT, Convergence Lab, Smart Mobility Project

Abstract

This presentation introduces KT's traffic management and communication technologies for the safe operation of UAM, along with the progress of the K-UAM Grand Challenge Phase 1 demonstration project. It also discusses the security considerations and presents technical solutions to ensure the stability and reliability of UAM.

Cybersecurity in Autonomous Ship

Kaemyoung Park, General Manager
Korean Register

2009-Present : General Manager of Cyber Certification Team , Korean Register
2001~2008 : Manager, Korean Air Aviation Technology Research Institute

Abstract

This presentation introduces the current state of concepts and technologies related to autonomous ship, as well as the current state of cybersecurity and technology in the maritime industry. As ships increasingly adopt ICT technology, they are becoming more autonomous. In response, we propose measures to enhance ship cybersecurity. Specifically, we will explore risk assessment approaches for introducing new ship technologies and examine cybersecurity risk assessment models suitable for autonomous ships.

Cyber Summit Korea 2024 Online Privacy Policy

The Organizing Committee of the Cyber Summit Korea 2024 adheres to the 「Personal Information Protection Act」 and relevant laws, handling personal information in a lawful manner and ensuring its secure management. In accordance with Article 30 of the Personal Information Protection Act, the privacy policy has been formulated and published to inform data subjects about procedures and standards for personal information processing and to ensure swift and smooth handling of related grievances.

Contents
The 『Privacy Policy』 consists of the following details.

Purpose of Personal Information Processing	Processing and Retention Period of Personal Information
Matters Related to Outsourcing Personal Information	Matters Regarding the Rights, Responsibilities, and Procedures for Exercising Rights of the Data Subject and Legal Representative
Personal Information Items Processed	Procedures and Methods for the Disposal of Personal Information
Measures to Secure Personal Information Safety	Personal Information Protection Officer
Remedies for Rights Violation

Article 1. Purpose of Personal Information Processing

The Organizing Committee of the Cyber Summit Korea 2024 processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following, and in the event of a change in the purpose of use, necessary measures, such as obtaining separate consent pursuant to Article 18 of the Personal Information Protection Act, will be implemented.
1. Website user registration and management
- Confirmation of user registration intent, user management, prevention of unauthorized use of services, various notices and notifications, record retention for dispute resolution
2. Verification of user identity, handling of complaints, communication and notification for investigation of facts, notification of processing results

Article 2. Processing and Retention Period of Personal Information

1. The Organizing Committee of the Cyber Summit Korea 2024 processes and retains personal information within the period specified by law for the retention and use of personal information collected from data subjects. Generally, personal information is promptly disposed of once its processing purposes are fulfilled.
2. Under no circumstances does the Organizing Committee provide third parties with personal information collected and held.
3. Personal information of individuals under the age of 14 is not within our scope of processing.
4. The duration of each personal information processing and retention is as follows.
1) Records related to website user registration and management, including unique identification numbers: 1 year after the event ends.

Article 3. Matters Related to Outsourcing Personal Information

1. The Organizing Committee of the Cyber Summit Korea 2024 has assigned the following personal information processing tasks to ensure a seamless operation

Name of Contracted Agency	Commissioned Task
Mec &Wip	Tasks related with the Cyber Summit Korea 2024 and website management

2. The Secretariat of the Cyber Summit Korea 2024 specifies in documents such as contracts the provisions regarding responsibilities under Article 26 of the 「Personal Information Protection Act」, including prohibition of personal information processing beyond the intended purposes of entrusted tasks, technical and managerial protective measures, restrictions on re-entrusting, management and supervision of contractors, and liability for damages, while also supervising to ensure that the contractor securely handles personal information.
3. Article 4 Matters Regarding the Rights, Responsibilities, and Procedures for Exercising Rights of the Data Subject and Legal Representative

Article 4. Matters Regarding the Rights, Responsibilities, and Procedures

1. Data subjects may exercise their rights for accessing, correcting, deleting, or requesting the cessation of processing their personal information from the Organizing Committee of the Cyber Summit Korea 2024 at any time.
2. The rights under Paragraph 1 shall be exercised against the Organizing Committee of the Cyber Summit Korea 2024 in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act through written documents, electronic mail, fax, etc., and prompt action shall be taken by the Organizing Committee of the Cyber Summit Korea 2024.
3. The rights under Paragraph 1 shall be exercised through a representative, such as the legal guardian of the data subject or an authorized person. In this case, a power of attorney according to Annex No. 11 form of the Guidelines on Personal Information Handling (No. 2023-12) must be submitted.
4. The rights of the data subject to request access to personal information and to demand cessation of processing may be limited under Article 35(4) and Article 37(2) of the Personal Information Protection Act.
5. The Organizing Committee of the Cyber Summit Korea 2024 verifies whether the person requesting access, correction, deletion, or suspension of processing under data subject rights is the individual themselves or their duly authorized representative.

Article 5. Personal Information Items Processed

The Organizing Committee of the Cyber Summit Korea 2024 handles the following types of personal information.
1. Management of website user registration
- Essential items: Name, contact details, email address, phone number, affiliated name, position
2. The following personal information may be automatically generated and collected during the use of internet services:
- IP address, cookies, MAC address, service usage records, browsing history, and others

Article 6. Procedures and Methods for the Disposal of Personal Information

1. The Organizing Committee of the Cyber Summit Korea 2024 promptly destroys the relevant personal information when it becomes unnecessary due to the expiration of the retention period or achievement of the processing purpose.
2. If personal information's retention period agreed upon with the data subject expires or if the processing purpose is achieved but the information must continue to be retained under other laws, it is transferred to a separate database (DB) or stored in a different location.
3. The procedure and method for personal information destruction are as follows:
① Destruction Procedure : The Organizing Committee of the Cyber Summit Korea 2024 ensures that electronically recorded personal information is irreversibly destroyed to prevent record reproduction. Personal information recorded or stored on paper documents is shredded or incinerated for destruction.
② Destruction Method : The Organizing Committee of the Cyber Summit Korea 2024 ensures that electronically recorded personal information is irreversibly destroyed to prevent record reproduction. Personal information documented on paper is disposed of by shredding or burning.

Article 7. Measures to Secure Personal Information Safety

The Organizing Committee of the Cyber Summit Korea 2024 takes the following measures to ensure the security of personal information:
1. Administrative measures: Regular employee training, among others.
2. Technical measures: Access control management of personal information processing systems, installation of access control systems, encryption of unique identification information , installation of security programs.
3. Physical measures: Access control to computer rooms, data storage rooms, and other relevant areas.

Article 8. Personal Information Protection Officer

1. The Organizing Committee of the Cyber Summit Korea 2024 is accountable for all matters concerning the processing of personal information and has designated the following Personal Information Protection Officer to handle complaints and provide redress for any issues related to personal information processing.

▶ Personal Information Protection Responsible Officer
- Position: Head of the Organizing Committee of the Cyber Summit Korea 2024
- Officer: Oh Hyeong-geun
- TEL : 042-870-2114

▶ Personal Information Protection Officer
- Position: External Cooperation Division Manager for the Cyber Summit Korea 2024
- Officer: Kim Woo-nyeon
- TEL : 042-870-2114
- E-mail : csk@nsr.re.kr

2. Data subjects can contact the Personal Information Protection Officer for any inquiries, complaints, or requests for relief related to personal information protection arising from using this website. The Personal Information Protection Officer will promptly respond and handle these inquiries.
3. Data subjects may request access to their personal information from the Personal Information Protection Officer in accordance with Article 35 of the Personal Information Protection Act. The Personal Information Protection Officer will strive to ensure these access requests are processed swiftly.

Article 9. Remedies for Rights Violation

Data subjects can seek remedies for rights violations due to personal information infringement by requesting dispute resolution and consultation with the Personal Information Dispute Mediation Committee and the Personal Information Infringement Report Center of the Korea Internet & Security Agency. Additionally, for reporting or consulting on other personal information infringements, please contact the institutions listed below.
1. Personal Information Dispute Mediation Committee: (No area code) 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Reporting Center : (No area code) 118 (privacy.kisa.or.kr)
3. Cyber Investigation Division of Supreme Prosecutors' Office: : (No area code) 1301 (www.spo.go.kr)
4. Korean National Police Agency : (No area code) 182 (cyberbureau.police.go.kr)

Under Article 35 (Access to Personal Information), Article 36 (Correction and Deletion of Personal Information), and Article 37 (Suspension of Processing of Personal Information) of the Personal Information Protection Act, individuals whose rights or interests have been infringed upon by the actions or inactions of the head of a public institution can request an administrative appeal in accordance with the Administrative Appeals Act.
※ For further information about administrative appeals, please check the Central Administrative Appeals Commission's website (www.simpan.go.kr).

Article 10. Amendments to the Privacy Policy
This Privacy Policy takes effect on July 1, 2024.