Integrated IT security company SGA Solutions said on Monday it will strengthen its business capabilities and solution framework to respond to demand from public institutions shifting to next-generation security systems, as the full implementation of the National Cybersecurity Basic Guidelines is forecast to begin in May.
The revised National Cybersecurity Basic Guidelines centre on N2SF, or laying the foundation for a national network security framework. They include security controls based on classifications such as confidential (C), sensitive (S) and public (O). They also include securing at least 15 percent of the informatization budget as a security budget, securing security staff of at least 10 percent of informatization staff, mandatory multi-factor authentication (MFA) for remote workers and information system administrators, and new security measures for AI systems and private cloud services.
SGA Solutions will support the shift to N2SF, focusing on a zero trust-based integrated security portfolio to meet demand from public institutions for changes to their security frameworks driven by the policy shift. It will support building an N2SF security framework by linking endpoint and cloud security capabilities with its full-stack zero trust solution SGA ZTA, its integrated identity and access management solution SecureGuard ICAM, and its system security solution RedCastle.
The company plans to enable public institutions to progressively implement detailed access controls, account and privilege management, endpoint protection, and server and system security by using a zero trust architecture that centres on policies based on various attribute values such as user, device, authority and access environment, along with dynamic access control.
SGA Solutions Chief Executive Young-cheol Choi (최영철) said, “The implementation of N2SF is a starting point for shifting the public security framework to a data-centric and policy-centric model, beyond a simple regulatory revision.” He said SGA Solutions will support public institutions to respond stably to policy changes based on experience accumulated through three consecutive years of carrying out the Ministry of Science and ICT’s zero trust project, and on capabilities spanning zero trust, ICAM, endpoint and system security. He added, “In an N2SF environment, the level of access control must vary by security grade, and for this a zero trust architecture centred on a policy decision point (PDP) is essential.” He added that the company will focus on providing an execution-oriented security framework that covers build and operation, not only consulting.
Click Here For The Original Source
