Logos of SK Telecom, KT and LG Uplus. [Photo: each company]

South Korea’s three telecom carriers are stepping up investment in information security. Hacking incidents and AI-based cyber threats are combining to make security spending a key task for the telecom industry.

Data disclosed by the Korea Internet & Security Agency (KISA) on Thursday showed the three carriers spent a combined 367.5 billion won on information security last year. That was up about 22 percent from 301.2 billion won a year earlier. SKT and its fixed-line unit SK Broadband invested 143.4 billion won, up 53.7 percent from the previous year. KT invested 127.5 billion won, up 2 percent, and LG Uplus invested 96.6 billion won, up 16.7 percent.

Their approaches to strengthening security differ slightly. SKT has focused on overhauling security governance and its incident response system after a USIM hacking incident. In its recently published "Information Security White Paper 2025", it presented a zero trust-based security architecture, AI-based threat detection and analysis, and standard response procedures by incident type. SKT plans to invest about 700 billion won over the next 5 years to strengthen its customer protection system as well.

Still, SKT and SK Broadband had the highest outsourcing share for dedicated information security staff among the three, at 77.3 percent. Separate from the increase in investment, securing in-house specialists and upgrading outsourcing management systems are cited as tasks. Using external specialist firms can improve cost efficiency, but the nature of core telecom infrastructure also requires an understanding of internal systems and an accountable operating framework.

KT is focusing on in-house specialists and strengthening the stability of its telecom infrastructure. Of KT’s 317.1 dedicated information security staff, 164.8 are in-house, more than half. A KT official explained, "Because security requires an understanding of the organisation and systems, we operate a framework in which in-house specialists carry out everything from establishing security strategy to system protection and incident response."

KT’s growth rate in information security investment last year was the lowest among the three carriers, but it is moving to make up for it through a mid- to long-term security investment plan. It plans to invest about 4 trillion won over the next 3 years in information security and IT innovation to overhaul companywide security systems. It will accelerate its AI transformation (AX) company strategy by establishing an always-on prevention and response system based on zero trust, integrating security operations governance, separating the chief information security officer (CISO) and chief privacy officer (CPO) roles, and expanding information security staff.

LG Uplus is placing emphasis on AI-based monitoring and preventing customer harm. Its information security spending accounted for 7.7 percent of its IT investment, the highest among the three carriers. LG Uplus is building AI-based integrated security monitoring and a zero trust system centred on an information security centre under the CEO.

It is also stepping up efforts to respond to everyday security threats that arise at customer touchpoints. In particular, it is positioning responses to voice phishing and smishing as a point of differentiation. It judges that a prevention system combining detection and blocking with user guidance is important because smishing impersonating an investigator, inducing the installation of malicious apps, and financial fraud-type voice phishing lead directly to user harm.

Industry watchers see a strong likelihood that the three carriers’ security spending will continue to expand. That is because the spread of AI services is widening the attack surface and social demands are increasing for personal data protection and telecom network stability. AI-based attacks in particular have limits that existing response systems cannot address in terms of speed and scale, so the companies are expected to focus on securing automated detection, analysis and response capabilities.

An industry official said all three companies appear to be making the strengthening of security capabilities a key task alongside expanding new AI businesses. The official said hacking incidents and AI-based threats are combining to create an atmosphere in which the telecom industry as a whole is moving fully toward improving its security fundamentals and responding to threats.

Keyword

#Korea Internet & Security Agency #SK Telecom #KT #LG Uplus #Zero Trust
Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.