By Ian Werther in News — 16 Mar 2026

South Korea Allocates 3.24 Billion Won to Strengthen SMEs' Cybersecurity

The Ministry of Science and ICT (MSIT) said on the 16th that, with Korea Internet & Security Agency (KISA) and the Korea Information Security Industry Association (KISIA), it used the 2025 second supplementary budget to strengthen cybersecurity for regional and small- and medium-sized enterprises. The move aims to address concerns that local economies and smaller firms lag in preparedness after recent widespread cyber incidents.

The program allocated a total of 3.24 billion won to 2,242 companies holding IT assets for attack surface management, a process that scans external-facing assets such as websites, emails, and servers to identify vulnerabilities. About 90,000 vulnerabilities were discovered, and each company received an analysis report plus expert consulting, enabling faster assessment and remediation.

Looking at the empty Security Council chamber of the United Nations at their Headquarters in New York — Representative image for context; not directly related to the specific event in this article. License: CC BY 4.0. Source: Wikimedia Commons.

In addition, 567 organizations with 757 participants took part in emergency cybersecurity training for incident prevention, detection, reporting, and response. A parallel product consultation component involved 22 security companies and yielded more than 500 consultations, tying education to market opportunities for domestic security firms.

The package also supports a web-based Security Investment Guide to help SMEs identify their IT assets, assess current security levels, and prioritize investments within their budget. The guide will be freely accessible through the KISA Regional Information Security Center network at risc.kisa.or.kr and is expected to be released in the second quarter after security reviews.

Looking directly at the empty Security Council chamber of the United Nations at their Headquarters in New York — Representative image for context; not directly related to the specific event in this article. License: CC BY 4.0. Source: Wikimedia Commons.

Im Jeong-gyu, director of the Information Security Network Policy at MSIT, said regional SMEs are a economic backbone and central to the industrial supply chain, but often lack resources for cyber defense. He noted the program’s results will shape stronger ongoing support for SME security capacity.

For international readers, the program illustrates Korea’s efforts to harden its SME base against cyber threats—crucial because many U.S. companies rely on Korean suppliers, manufacturers, and technology vendors. By improving the cybersecurity resilience of these firms, Korea aims to reduce disruptions in cross-border supply chains, safeguard digital infrastructure, and bolster collaboration in security and technology markets. The initiative also highlights how Korea is expanding its domestic cybersecurity industry through public–private partnerships, with KISA and KISIA playing central roles.

Subscribe to Journal of Korea