Manual: AI Security Threat Mitigation Manual (AI 보안 위협 대응 매뉴얼)
Publisher: Ministry of Science and ICT · Korea Internet & Security Agency (KISA)
Participating Institutions: SK Shieldus EQST Lab · TrustworthyAI Lab, Dept. of Industrial Security, Chung-Ang University (Advisor: Prof. Hoki Kim)
Download: KISA Notice
On July 8, Information Security Day, the “AI Security Threat Mitigation Manual”—developed by our TrustworthyAI Lab together with the Korea Internet & Security Agency (KISA) and SK Shieldus—was released.
The AI Security Threat Mitigation Manual was issued by the Ministry of Science and ICT and KISA, with SK Shieldus EQST Lab and TrustworthyAI Lab (Dept. of Industrial Security, Chung-Ang University; Advisor: Prof. Hoki Kim) taking part as participating institutions. The manual centers on field-ready checklists, roles, and response procedures, with a focus on strengthening an organization’s AI security capabilities. As AI technology spreads rapidly and new security threats emerge alongside it, the manual lays out—from a practitioner’s perspective—what organizations should check and who should respond and how.
Going forward, our lab will continue to pursue practical research and guideline development to strengthen AI security response capabilities across industry and the public sector.
📰 The following summarizes the Etoday article.
The Ministry of Science and ICT and KISA released the “AI Security Threat Mitigation Manual” and an “AI Security Red-Teaming Guide” to strengthen the security of AI services against emerging threats such as prompt injection, privilege misuse, and data leakage. The manual organizes threats across data, models, agents, supply chains, and high-performance models, and presents scenarios and countermeasures for eight sectors — finance, healthcare, public administration, education, manufacturing & energy, telecommunications, legal, and IT — pairing key risk cases for executives with diagnostic and response criteria for practitioners. The accompanying red-teaming guide covers the full process from planning to reporting, includes checklists, inspection tools, and job descriptions, and reflects the ISO/IEC 42119-7 international standard for field usability and global compatibility.
Jeonggyu Lim, Director-General for Information Security and Network Policy at the Ministry of Science and ICT, said that “security threats are evolving rapidly alongside the spread of AI technology,” adding that the ministry will continue to expand attack scenarios and advance its validation systems through the AI security red-team program.
Related Links
- Manual: KISA Notice
- News article: Etoday