The Center for Strategic and International Studies has released a report recommending that the United States and South Korea develop a new mechanism to advance their cyber defense cooperation.
According to the study, cyber defense cooperation options are limited under the two countries’ Mutual Defense Treaty, as currently being pursued through the U.S.-South Korea Strategic Cybersecurity Cooperation Framework, or SCCF. The MDT’s provisions mainly cover armed aggression.
Join the Potomac Officers Club’s 2025 GovCon International Summit on Oct. 16, where discussions on global collaboration and defense are expected to uncover potential opportunities for contractors. Register today!
Future-Forward Approach
The research suggests a new cooperation structure that includes a more proactive defense approach against malicious activities, including cyberthreats outside combat battlefields.
The 10-page CSIS paper also recommends that common U.S.-South Korea cyberthreats be defined for a proactive cyber defense partnership. Besides North Korean threats, which South Korea mainly focuses on with an offensive response, the study identified China and Russia as common cyber threats for Seoul and Washington.
The paper suggests that the various elements that should be included in identifying and assessing common risks include the threat actors’ technical capabilities and infrastructure footprints.
Cyber Framework Revamp
In addition, the CSIS study recommends that South Korea revamp its national cybersecurity organizational framework to a setup similar to the single command structure in the United States that could initiate speedy cyber operations.
The paper noted that the South Korean National Intelligence Service and the Cyber Command under the Ministry of National Defense are both empowered to conduct proactive defense, which may delay cyber defense operations.
To pursue Seoul-Washington partnerships under the SCCF, NIS signed a memorandum of understanding with the U.S. Cybersecurity and Infrastructure Security Agency in November 2023 to define collaboration areas, including regular consultations on technical capabilities to address cyber threats.