Being in the spotlight can bring pain and distress to the protagonist. On Thursday, almost all media outlets in South Korea gathered at one place in Seoul to listen to Hwang Hyeon-sik, CEO at LG Uplus, the telecommunication conglomerate which has been brought to the center of attention regarding the recent breaches that took place consecutively. During a speech, Hwang repeatedly lowered his head in front of the press to deliver his regrets to the firm’s customers for negligent security and to apologize for the recent security incidents.
Hwang expressed his remorse in a clear, determined manner. The corporate head referred to “the needs of constant and fortified defense” and “the investment in security personnel.” Among various strategies that he shared with the audience, including the pledge to invest 100 billion won ($80 million) in cybersecurity, the most notable aspect of his plan was his conclusion that the company needs to elevate its cybersecurity division to the office under the direct supervision of the CEO. Up until now, LG Uplus has incorporated its data protection duties within the company’s information technology department. Under the current decision, the chief information security officer (CISO) and the chief privacy officer (CPO) at LG Uplus will have the power to monitor and enhance the overarching security of their company, directly reporting to the CEO.
This dramatic commitment towards cybersecurity shows that the essence of security is nothing but trust. “Regarding everything that was mentioned today, I will take full responsibility of executing the plans and do my best to restore the trust of our customers,” asserted Hwang, closing the press conference. In a statement which was distributed before the conference, he emphasized the importance of trust, writing that “network and information security are the basis for telecommunication and are connected to customer trust.” Publicly humiliated, LG Uplus has agonizingly learned the lesson that security spending is not a cost, but an investment.
Considering that the volume of cyberattacks have been increasing exponentially around the globe, the recent accidents that LG Uplus encountered may not only be bad news for their company. There is not a single organization that is free from cyber threats. Once LG Uplus starts intensifying its security posture, malicious actors will turn their eyes to relatively easier targets because their priority is the return on investment, or ROI. As of last year, LG Uplus is ranked tenth on the list of information security investment among South Korean companies. However, the firm will jump straight into third place when it executes the planned spending on cybersecurity. 100 billion won equals about 10% of the company’s operating income from last year. It is up to LG Uplus whether it can turn crisis into opportunity. Observers outside the spotlight also should not miss a chance to learn.
