Updated Jul. 18, 2023 7:49PM GMT+9
South Korea should be making efforts to train the cyber defenders rather than the offenders to protect the country from a new era where everything is connected to the internet, according to a cybersecurity professional on Friday.
“South Korea is more reliant to the internet than North Korea. The difference will get bigger as we go through the fourth industrial revolution,” said Kim Seung-joo, a cybersecurity professor at Korea University and a member of the presidential defense innovation committee, during a panel discussion at South Korea and the European Union’s high-level cybersecurity conference. “This means we need to focus on educating the defenders.”
Among the defenders, the expert stressed the importance of training the security engineers rather than security analysts. Security analysts are those who monitor networks and assess systems to discover their vulnerabilities, whereas engineers work on producing secure products. “It takes much more time and a larger budget to foster engineers, as students prefer to work as analysts, finding security flaws,” said Kim, adding that the country needed to shift its attention to training a workforce that develops safe products.
The professional also called for a change in the education of cybersecurity talents alongside panel members including Jeong Seung-gi, the CEO of SortieLab, Eric Li, the CTO of Stealth Solution, and Julien Provenzano, the CEO of RalfKairos. Adapting the latest technologies at at a fast pace, South Korea implemented the internet in almost every industry, which led to higher demand for security employees. Unlike the internet or a computer, it is not easy to learn industry specific security knowledge in areas such as automobiles, aircraft, and weaponry.
“The government expects that once students graduate with an education in cybersecurity, they could infiltrate Kim Jong-un and extort confidential information, which is not the case,” said Kim. “Schools should be in charge of thoroughly teaching the basics, and students should get their experience from the field.” The expert stressed his argument by comparing cybersecurity professionals with medical school graduates, who need years of additional experience before they get the chance to scrub in for surgery.
