SK Telecom Unveils First Security White Paper, Pledges 700 Billion Won Over Five Years

First Information White Paper Since Founding Signals Commitment Zero Trust and AI-Based Verification Red Team Operated Directly Under CISO

Technology|
|
By Seo Ji-hye
||

SK Telecom has published its first information security white paper since the company's founding, unveiling a plan to invest 700 billion won in information protection over the next five years. Following a security breach last year, the company said it has elevated information protection from a technical department's response task to a company-wide management priority, and plans to gradually overhaul its organizational, technical, and personal data protection systems.

Through its "Information Security White Paper 2025," released Monday, SK Telecom disclosed its information security innovation tasks and implementation status in response to the cyber threat environment. The white paper is composed of three areas: information security governance, information security architecture, and personal data protection. In the document, SK Telecom set out transparency, accountability, and continuity as its principles for incident response. This means disclosing incidents rather than hiding them, responsibly carrying out root-cause analysis and follow-up measures, and continuously advancing security to prevent recurrence.

At the core is large-scale investment. SK Telecom will invest approximately 700 billion won in information protection over the five years from 2025 to 2029. The funds will be used for the transition to a zero trust-based security system, AI-based security detection and analysis, and strengthening customer protection services. Zero trust is an approach that does not automatically trust even internal systems, but continuously verifies the entity accessing them and its permissions. The company also plans to more tightly manage access to core systems and customer information through account and permission management, network access control, and micro-segmentation.

null - Seoul Economic Daily Technology News from South Korea

The security organization has been restructured around top management. SK Telecom integrates security strategy, threat detection and response, personal data protection, and security engineering functions under an integrated security center reporting directly to the CEO. The Chief Information Security Officer (CISO) reports major security issues directly to management and the board, and a red team operating directly under the CISO seeks out vulnerabilities in advance and links them to improvement tasks.

The white paper also included the implementation status of a total of 257 information security innovation tasks. As of June this year, 171 tasks were completed, for an overall implementation rate of 66.5%. The company aims to complete 37 tasks within 2026 and 49 tasks by 2027. By area, architecture and technology was highest at 69.3%, followed by personal data protection at 63.3% and governance and culture at 59.5%. However, the white paper did not include figures on exactly how many dedicated information security personnel had been added.

The technical framework was organized into five stages: identify, protect, detect, respond, and recover. The structure first identifies assets and risks, then applies protective measures for accounts, permissions, data, and networks, and uses AI to detect abnormal behavior. When an incident occurs, the company carries out damage-containment and recovery according to response procedures by type, including ransomware, DDoS, account takeover, web hacking, and personal data leaks. In the personal data protection area, the company is also pushing to expand customer-facing protection services, such as guaranteeing customers' rights to view, correct, delete, and halt the processing of their personal data, and responding to smishing and voice phishing.

Through the white paper, SK Telecom said, "Customer trust is not built by a single measure," adding that it would create a digital service environment that customers can use with peace of mind through continuous investment and execution.

Original reporting by Seo Ji-hye for Seoul Economic Daily.

AI-translated from Korean. Quotes from foreign sources are based on Korean-language reports and may not reflect exact original wording.

AI KEY

Preview
Korean Corporate Intelligence HubKOSPI · KOSDAQ · 12 sectors

A live, cap-weighted view of every KOSPI and KOSDAQ sector, with same-day Korean reporting distilled by company — built for foreign investors, correspondents and analysts who need to scan Korea before the next session.

Korea Chaebol Tree

Preview
Families Behind the GroupsKFTC May 2026 · DART filings

An English-first interactive map of Samsung, SK, Hyundai, LG and Lotte — built for foreign investors, correspondents and analysts. Korea translates companies into English. We translate the families behind them.

SIGNAL

Pre-register
English Edition · Capital MarketsM&A · IPO · PE · Fund Flows

Pre-register for SIGNAL English Edition — a premium subscription bringing Korean capital markets coverage (M&A, IPOs, private equity, fund flows) to global institutional investors. First access to the 50% introductory rate.