Overview
- The National Security Office unveiled an immediate, government-wide check of 1,600 IT systems—288 infrastructure facilities, 152 public agencies, 261 financial firms, and 949 telecom and platform operators—as part of a short-term action plan.
- Regulators will conduct unannounced on-site investigations, and telecom carriers face high-intensity tests that simulate real-world hacking attempts.
- Penalties increase for failures such as delayed breach reporting or repeated data leaks, and all listed companies will be required to disclose cybersecurity spending.
- The National Intelligence Service will share investigative and forensic tools with the private sector, with an AI system expected to cut forensic analysis time from 14 days to five.
- Industry groups warn that proposals including CEO liability, expanded CISO authority, and a penalty-funded compensation pool could raise costs and dampen investment, calling for a unified national control tower.