Amid large-scale intrusion incidents like the hacking of SK Telecom, there are claims that the existing firewall-centric security strategy has reached its limits. Global security company Kaspersky proposed a strategy of 'Cyber Immunity,' which emphasizes the need for a shift in the security paradigm, at a press conference held on the 14th at the Fairmont Ambassador Hotel in Yeouido, Seoul, stating that systems must be designed with breaches in mind.
Adrian Hia, Kaspersky's Asia Pacific (APAC) President, noted, 'The key is to design systems robustly from the outset, under the assumption that a breach will eventually occur,' criticizing existing defensive strategies. He said, 'Assume Breach is the new standard in cybersecurity.'
According to Kaspersky, 'Cyber Immunity' is an architecture based on Secure by Design. Rather than relying on security solutions, it involves equipping systems with structures that can withstand hacking. Hia stated, 'In the past, adding layers of firewalls and repeatedly installing antivirus software was effective, but with AI-based attacks becoming sophisticated, we need to change the structural design itself.'
To this end, Kaspersky has developed its own operating system, 'KasperskyOS.' Originally initiated for industrial embedded systems, this OS has recently expanded its application scope to IT systems as a whole. Hia described it as 'a structural shield to prevent hacking in advance and a tool to enhance infrastructure resilience.'
This strategic approach is gaining a certain level of sympathy within the industry. According to a survey conducted by Kaspersky with 850 security experts worldwide, 85% recognized the concept of Cyber Immunity, and among those, 73% assessed it as an effective response strategy. In the Asia Pacific region, 35% of respondents said they could 'reduce both the frequency of attacks and the damage simultaneously.'
Hia stated that the recent pattern of hacking is evolving, 'No longer targeting individual devices or users, but evolving into complex intrusions via smart meters, IP cameras, IoT devices, and so forth,' and emphasized that 'integrated monitoring covering both IT and OT (Operational Technology) is key.' Kaspersky is also operating a platform that allows integrated management of IT and OT assets from a single dashboard.
At the conference, Kaspersky presented its market strategy for Korea, including ▲enhancing AI-based threat detection ▲expanding Managed Security Service Providers (MSSP) ▲advancing cyber intelligence. Hia noted, 'Korea is an absolutely under-resourced market in cybersecurity, so a structure that provides security in partnership with partners is effective,' stating that they are strengthening customer response capabilities through training and technical support for partners.
In Korea, there are already over 200 certified partners, and recently, a distributor agreement was signed with KG ICT to strengthen projects targeting large enterprises. Lee Hyo-eun, Kaspersky's Korea branch manager, stated, 'We are targeting the domestic market centered on expanding enterprise solutions and customized security design, increasing strategic partnerships, and enhancing transparency.'
AI technology is also evolving. Kaspersky has been utilizing machine learning since 14 years ago to detect up to 470,000 new viruses and malware daily. Recently, they combined generative AI with their Extended Detection and Response (XDR) solution to enhance response speed and accuracy. The company explained that 'AI agents learn from the customer environment to recommend optimal response scenarios and even provide playbooks.'
Kaspersky is rapidly shifting its strategy from a consumer-focused (B2C) model to a corporation-focused (B2B) model in response to changes in the security market landscape. The branch manager emphasized, 'Based on an integrated portfolio that includes Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), OT security, and Security Information and Event Management (SIEM), we will respond to the complex security needs of Korean corporations,' emphasizing that 'what we need to dispel with technology is prejudice, not security itself.'
Meanwhile, Kaspersky recorded an annual revenue of $822 million (approximately 1.18 trillion won) in 2024, achieving its highest performance ever. Although the company faced difficulties in some overseas markets following the U.S. government's restrictions on the use of its products, it maintained its business in Korea based on trust in its technology without losing customers. The branch manager said, 'Even after the U.S. measures, domestic customers continue to trust our technology,' adding, 'We plan to further increase our workforce next year.'