Home > Business > Industry

Major Korean firms spend annual average of $2.1 million on cybersecurity

Published: 26 May. 2025, 10:22

Customers wait in a line to replace their SIM cards in front of an official SK Telecom retailer in Seoul on May 20. [YONHAP]

Korea's major companies spent an average of 2.9 billion won ($2.1 million) per year on information protection, industry data showed Monday.

According to data from the Korea Internet & Security Agency (KISA) and other sources, 10 local companies each invested over 100 billion won in cybersecurity over the past three years.

Samsung Electronics topped the list, spending a total of 712.6 billion won from 2021-2023, followed by telecom giant KT, which invested 327.4 billion won during the same period.

SK Telecom, the country's largest mobile carrier that recently suffered a large-scale data breach, came in third with 251.5 billion won in spending.

Other companies in the top 10 include Coupang, SK hynix, LG U+, Samsung SDS, Woori Bank, Naver and LG Electronics.

In 2022, the Korean government mandated that companies operating network infrastructure or generating over 300 billion won in annual sales disclose their cybersecurity investment.

A total of 746 companies reported their spending on information protection for 2023, investing a combined 2.1 trillion won, up from 1.5 trillion won by 658 firms in 2021.

The average annual spending per company increased 24.5 percent from 2.3 billion won in 2021 to 2.9 billion won in 2023.

However, experts warn that many Korean firms remain highly vulnerable to cyberattacks due to relatively weak security capabilities.

"In terms of investment, most companies in Korea have far lower security capabilities than SK Telecom, which was the latest victim of a cyberattack," one industry insider said. "Many are more vulnerable to advanced hacking techniques, and some may have already been breached without even knowing it. Companies need to stay alert and undergo thorough security checks."

Yonhap