KISA Strengthens National Digital Safety in Collaboration with Cybersecurity Companies

News Article Link

• 18 projects for the development of cutting-edge security products and services, including AI security, integrated security, and zero trust, selected for project initiation -

The Korea Internet & Security Agency (KISA, President Sang-Joong Lee) and the Ministry of Science and ICT (MSIT, Minister Sang-Im Yoo) announced on Friday, May 9, 2025, that they have finalized the selection of 18 project operators for new technology security product and service development in the information security industry. These include support for the commercialization of AI security prototypes, a pilot project for Korean-style integrated security development, and a zero-trust adoption pilot project.

AI Security Enterprise Development Support Project

Artificial intelligence is driving significant digital transformation across everyday life and industries. However, as concerns grow over sophisticated cyber threats exploiting AI technology, there is an increasing need for security technologies to address these challenges. Since 2021, KISA and MSIT have proactively supported the development, commercialization, and domestic and global adoption of high-quality AI security products and services, funding a total of 66 projects over the past four years.

This year, the program focused on two main themes: "AI for Security" (enhancing domestic security technology competitiveness through AI) and "Security for AI" (ensuring the secure use of AI services, including generative AI and AI assistants). Through a competitive evaluation by external experts, 5 projects in the AI security prototype development category and 4 projects in the commercialization category were selected, tailored to different stages of enterprise growth.

Selected projects in the prototype development category include:

• Development and advancement of zero-shot learning-based physical security threat detection technology (DB Ntech)*

• Automated web application vulnerability detection system using multi-LLM (Large Language Model) (NkeyWhiteHat)

• AI-based API* security threat monitoring solution for API governance (SoftFreak)

• AI-powered malicious deepfake detection and response system (NuriLab)

• AI automatic attack code generation and response system based on Attack Surface Management (ASM) (AISpera)

* Zero-shot: A learning approach that enables the detection of events not seen during training.
** LLM (Large Language Model): An AI model trained on large-scale human language data.
*** API (Application Programming Interface): A set of rules that allows software components to communicate.

Selected projects in the commercialization category include:

• Commercialization of multimodal* generative AI-based multi-channel on-device safety monitoring systems (EdgeDX)

• Adversarial attack detection and response solutions for ship video AI surveillance systems (Cyter)

• Anti-spoofing facial recognition solutions based on chipfake detection technology (SafeAI)**

• Decentralized biometric security system-based deepfake* prevention facial payment verification solutions (GhostPass)**

* Multimodal: AI models that learn and process various types of data, including text, images, and videos.
** Chipfake: A method of counterfeiting or alteration created quickly with minimal effort, contrasting with deepfake.
*** Deepfake: A technique for creating highly realistic synthetic images or videos that are difficult to distinguish from real ones.

Korean-Style Integrated Security Model Development Pilot Project

The Korean-style integrated security model development is a strategic support initiative aimed at responding to the global trend of merging security and technology into seamless, integrated platforms. It supports collaboration between domestic security companies to develop comprehensive security solutions that can compete globally. In 2024, KISA and MSIT launched the "K-Security Alliance" collaboration framework, selecting three projects to support integration and collaboration among domestic security companies.

For the 2025 pilot project, selected companies will be supported in integrating multiple security features into next-generation unified security models that can detect, respond to, and manage security threats. The projects should also enable long-term collaboration and technology integration with other companies after the project period to ensure scalability.

Selected projects include:

• SaaS-based open integrated security (XDR*) service for SMEs (Logpresso, AISpera, Exosphere Labs)**

• APT* detection and response based on integrated cyber threat quarantine models for SMEs (Amjin, EndpointLab, Zion)**

• Integrated personal information protection and threat detection system (OnPeople, GuardianNet)

* SaaS (Software as a Service): A service model that delivers software over the cloud.
** XDR (Extended Detection and Response): A comprehensive security platform that provides threat detection and response across various IT environments.
*** APT (Advanced Persistent Threat): A sophisticated, prolonged cyberattack targeting critical data.

Zero Trust Adoption Pilot Project

Zero trust is a security framework that minimizes risks by enforcing continuous identity verification, strict access controls, and micro-segmentation* for every access attempt to critical data and systems. As cyber threats continue to evolve, the zero-trust approach has become a key security strategy. KISA and MSIT have been supporting pilot projects since 2024, focusing on public and private sector deployments of zero-trust security models.

For 2025, the program aims to expand the adoption of zero trust in corporate environments, supporting projects that implement the three core elements of zero trust (strong authentication, micro-segmentation, and software-defined perimeter) in real-world networks.

Selected projects include:

• Zero trust pilot project for AI cloud infrastructure protection (Led by Initech, with Astron Security, PNP Secure, and Qubit Security)

• Zero trust security model for mobile development environments in the financial sector (Led by SGA Solutions, with NNSP, SSR)

• Zero trust-based security verification project for expanding SaaS environments (Led by SK Shieldus, with Nets, Monoly, Zion, SoftCamp)

• Data-centric zero trust overlay network for financial institutions (Led by Private Technology, with ITSC PNS, SoftBus, PioLink)

• Zero trust security model based on SSE platform (Led by Monitor Labs, with AhnLab, RaonSecure, LG Uplus)**

• Zero trust universal authentication and access control system for cloud and special networks (Led by East Security, with SecureLink, Saisikyu Research Institute, Oktaco)

* Micro-segmentation: A security technique that divides networks into smaller segments for more granular security control.
** SSE (Security Service Edge): A cloud-based security solution that provides secure access for remote users.

KISA's Director of the Information Security Industry Division, Jin-Young Oh, stated, "We will actively support the discovery of new security projects based on digital innovation technologies to strengthen national digital safety. KISA will continue to enhance the stability and growth of the domestic information security industry to keep pace with the rapid development of digital technologies and combat increasingly sophisticated cyber threats."