1. Miyeon Yoon, Korea Internet & Security Agency
Document No:
GSC17-PLEN-83
Source:
Korea Internet & Security Agency
Contact:
Miyeon Yoon
GSC Session:
PLEN
Agenda Item:
10.3
Introduction to KISA
Miyeon Yoon,
Korea Internet & Security Agency

2. Contents 1. Foundation 2. History & Challenges 3. Key Facts
Contents are as follows.
Foundation
History & Challenges
Key Facts
And What we do
4. What we do
5. What we have done on Standardization

3. 1. Foundation Legislation Main Roles Internet Development
Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.
· Article 52 (Korea Internet and Security Agency)
- to upgrade the information and communications network, encourage the safe use thereof, and promote the international cooperation and advancement into the overseas market in relation to broadcasting and communications.
Main Roles
Internet Development
- Create a Better and Safer Internet Environment
- Encourage New Internet Related Services
- Policy Development and Law
Information Security on Public and Private sector
- Internet Incidents Prevention and Response
- Protection of Personal Information
- Management of Korea Network Information Center
International Cooperation
- International Cooperation on Broadcasting & Communication
KISA was established with basis of the Act on Promotion of Information and Communication Network Utilization and Information Protection, etc.
Our main roles are comprised of 3 parts.
1st is the internet development, which is to create a better and safer internet environment, and encourage new internet related services
2nd is the information security on pubic and private sector which is to prevent and response to the internet incidents, to protect personal information, etc
3rd is the international cooperation which is to cooperate in the areas of broadcasting and communications with other countries and international organizations like World Bank.

4. 2. History & Challenge
MISSION
Building up sound and safe Internet environment
and carrying international cooperation for broadcasting
and communication
VISION
Becoming the world-wide professional agency for
internet & information security
Korea Internet & Security Agency
(merger of KISA, NIDA and KIICA, 23rd. July)
Our organization, KISA was unified with 3 organizations, which are KIICA, NIDA and KISA in July 2009.
Main role and job of information security has been carried out by Korea Information Security Agency since 1996.
Korea IT International Cooperation Agency (KIICA)
National Internet Development Agency of Korea (NIDA)
Korea Information Security Agency (KISA)

5. <Annual Budget>
3. Key Facts
Staff : 568 Staffs
Structure : 1 Center, 4 Groups, 10 Divisions, 46 Teams
Budget : ₩ billion ($122million)
(Unit : billion in Korean Currency)
84.5
154
127.1
Currently, KISA comprised of over 500 staffs, comprised of 1 center, 4 groups, 10 division and 46 teams.
Amount of budget is about 122 million dollars as of 2012.
132.6
<Annual Budget>

6. Management Support Division
3. Key Facts
Organization Chart
President
Public Relations Division
Internal Audit and
Inspection Section
Korea Internet Security Center
Information Security Group
인터넷진흥본부
International Cooperation
Center
Management Planning
Group
Internet Development Group
Internet
Policy
Research
Center
Industry
Development
Division
Culture
Management Support Division
Korea
Network
Information
Personal
Protection
Security
Public
Incidents
Response
Prevention
This is current organization chart, and it’s getting bigger with the ICT development and growing importance of information security of Korea.
Main function of information security has been carried out by Information security group and Korea Internet Security Center as you can see in this diagram.
The two red box groups have mainly responsibility for standization of internet and security parts.
4 Teams
7 Teams
3 Teams
12 Teams
10 Teams
KISA Academy,
6 Teams
3 Teams

7. Korea Internet Security Center
4. What we do (1/4)
Information Security
[Public Sector Information Security]
Critical Information Infrastructure(CII) Protection measures & support for incident recovery
Information Security Consulting for e-Government services, and G-ISMS
SW assurance services for IT security product(smartcard, firewall, etc.)
Operating Root CA for National PKI & Promoting PKI usages
[Personal Information Protection]
Operating the Privacy Incident Response System (PIRST) 24/7
Operating 118 CALL CENTER 24/7
Providing Consultation & Alternative Dispute Resolution(ADR) for personal information dispute
Korea Internet Security Center
[Reliable and Secure Internet Environment]
Operating Korea Internet Security Center(KrCert/CC)
Early detecting and responding to prevent damages from Internet incident
Strengthening domestic and international cooperation for incident response
Operating Spam Response Center
Strengthening collaboration with specialized institution(agency)
Supporting developing countries to establish CERT(Computer Emergency Response Team)
In the area of information security, KISA is in charge of public sector information security and personal information protection in private sector.
And KISA operates KISC, Korea Internet Security Center.

8. Internet & Security Research Better Internet Environment & Development
4. What we do (2/4)
Internet & Security Research
Providing the Issue Report on Global IT, ICT Policy Trends etc
Studying legal system related with Internet and Supporting governments’ enactment
Analyzing Internet & Security Policy and Statistical Research on Internet Businesses
Making effort to improve legal system in compliance with ICT convergence environment
[International Cooperation]
Strengthening ICT SMEs’ capabilities for global market
Hosting ICT training programs and creating human networks
Promoting cooperation in ICT areas with International Organization such as OECD, ITU, World Bank
Developing and sharing best practices for cyber security policy and implementations
Better Internet Environment & Development
[Better and healthier Internet environment]
Raising awareness of youth about the importance of Internet
Researching on global issues on Internet ethics
Running national campaign to make beautiful Internet world
[Industry Development]
Testing and certifying service for domestic biometric system [K-NBTC]
Developing new services for Near-Field Communication(NFC)
Promoting domestic cloud services and cooperating with global partners
Also KISA provides the issue reports on global ICT policy & technology trends and analysis of internet & security policy.
To make better internet environment, KISA has been doing various tasks such as, raising the awareness of youth, research on internet ethics and national campaign.
And also, KISA has developed new services of Near Field Communications and promotion of domestic cloud services and cooperation with global partners like MS, and google.

9. 4. What we do (3/4) Standardization Activities - Security
[Development of Standards for Infrastrucure Security Technologies in Smart Environment]
Smart grid and Mobile phone technologies in ITU-T
USN and sensor network technologies in ITU-T
Cyber securities in ITU-T
Multicast technologies in ITU-T and ISO/IEC
Cryptography and Applied cryptography technologies in ISO/IEC, ITU-T and IETF
[Development of Standards for New-convergence Technologies on Mobile Biometrics ]
Mobile biometrics technologies in ISO/IEC and ITU-T
Medical & mobile securuty for telebiometics in ITU-T
Telebiometrics technologies in ITU-T
Testing Techniques for biometrics in ISO/IEC
Standardization Activities - Internet
[Standardization of Internet Address Resources and OID-based application technology]
Research and national standardization on internet addresses resources (domain, IP address, DNS)
Standardization of OID resolution system and expanded application of OID in various areas

10. 4. What we do (4/4) Current Works Current Works
[Development of Standards for Infrastrucure Security Technologies in Smart Environment]
ITU-T, (X.sgsec-1)Security functional architecture for smart grid services using telecommunication network
ITU-T, (X.msec-8)Secure application distribution framework for communication devices
[Development of Standards for New-convergence Technologies on Mobile Biometrics ]
ITU-T, (X.1092)Integrated framework for telebiometric data protection in e-health and telemedicines
ITU-T, (X.tam)guideline to technical and operational countermeasure for telebiometric applications using mobile devices
ISO/IEC WD TR 30125, Biometrics - Use of mobile biometrics for personalization and authentication
ISO/IEC WD Rev1, Conformance Test for BioAPI part 1 – Test methods and Procedure(Revision)
ISO/IEC FDIS , Biometric data interchange format part14- DNA data/AMD.1 : Conformance testing methodology
Current Works
[Standardization of Internet Address Resources and OID-based application technology]
Researching on next identification system on IoT(Internet of Things)
Developing OID resolution system and its test-bed

11. 5. What we have done

12. Thank you!
Thank you very much.