Public Sector Network Security Paradigm Shifts: N2SF Implementation Expands

The government is launching full-scale support for the adoption of a new network security framework for national and public institutions.

The Korea Internet & Security Agency (KISA) announced on Wednesday (June 17) that, in collaboration with the Ministry of Science and ICT, it has selected six consortia consisting of national and public institutions and security firms to carry out the "2026 National Network Security Framework (N2SF) Adoption Support Project."

N2SF is a system that classifies the operational information of national and public institutions into three levels—classified, sensitive, and public—based on importance, and applies differentiated security levels to each.

Until now, national and public institutions have operated business networks that handle sensitive data separately from the internet, in accordance with the National Intelligence Service's network separation policy. However, with the proliferation of new technologies such as generative AI and cloud computing, there has been a growing need for a new security system that can maintain high security standards while enhancing operational efficiency.

In response, the National Intelligence Service established N2SF last year to apply differentiated security levels based on information importance and officially formalized its adoption by revising the National Cybersecurity Basic Guidelines this year.

To support the adoption of N2SF and increase the understanding of related new security technologies among domestic security firms, KISA conducted a public call for proposals in March, totaling 4.5 billion won, targeting national and public institutions as well as domestic security companies.

This project is a follow-up to last year's pilot project, which verified the on-site applicability of N2SF. Its core objective is to support the implementation and application of N2SF information service models required by user institutions into their actual work environments.

Following document and presentation evaluations, KISA announced on June 1 that it has finalized the selection of six consortia. These groups consist of user institutions—including the Ministry of Climate, Energy and Environment, KEPCO KDN, the Ministry of Gender Equality and Family, the Korea Post, the Korea Expressway Corporation, the Korea Real Estate Board, and the National Research Foundation of Korea—along with the security firms that will support the implementation of N2SF information service models for each institution.

The selected security firms will support the N2SF adoption for the user institutions for approximately seven months, until December 2026.

Meanwhile, KISA plans to launch another pilot project in July to further verify the on-site applicability and security of N2SF information service models, such as secure wireless work environments and the use of generative AI, targeting central administrative agencies.

(Photo: Provided by KISA, Yonhap News)
※ Please note: This article was translated by AI and may contain errors.