KT announced on June 7 that it is enhancing its Zero Trust security strategy to implement a continuous prevention and proactive response system across its entire organization.
Previously, KT introduced a Zero Trust Network Access (ZTNA) solution to verify access to work systems based on the trust level of users and devices. Building on this operational experience, the company plans to establish a threat detection system and strengthen its capabilities to prevent the spread of security incidents.
To achieve this, KT has implemented a behavior-based detection system. The Endpoint Detection and Response (EDR) system will identify abnormal activities on devices such as PCs and servers, while the Network Detection and Response (NDR) system will analyze abnormal traffic and signs of attacks in real-time.
Additionally, KT has developed a multi-layered detection system to identify unusual behaviors occurring on devices and networks, enabling early detection of new types of attacks and abnormal access following internal breaches.
The company is also enhancing its micro-segmentation architecture to prevent the spread of damage in the event of a security incident. Micro-segmentation is a technology that limits an attacker's lateral movement within the system by segmenting access rights and communication ranges for each system, thereby preventing the spread of security threats.
KT has completed pilot applications of micro-segmentation for key systems and certain work environments, with plans to expand its application to the entire work environment after verifying operational stability and policy effectiveness this year.
Based on its Zero Trust security strategy, KT aims to proactively respond to evolving cyber threats by expanding the application of intelligent threat detection technologies.
Kim Chang-o, Chief Information Security Officer (CISO) at KT, stated, "We are continuously enhancing our Zero Trust security framework focused on ongoing prevention and proactive response based on our ZTNA operational experience. We will actively adopt advanced security technologies such as micro-segmentation and behavior-based detection to maintain the highest security levels for our key work systems and services."
Zero Trust is a modern cybersecurity framework based on the principle of 'never trust, always verify,' requiring strict identity verification and approval for all access requests. It is founded on three core principles: continuous verification, least privilege, and the assumption of breach.
* This article has been translated by AI.
Copyright ⓒ Aju Press All rights reserved.