News
Interview
"AI-fueled exploit surge — focus is the best defense"
2026.06.23

🗣 "You have to look at your company from the attacker's perspective, not the defender's. The first step is identifying your attack surface — leaked credentials, exposed data, and other assets visible from the outside. Beyond that, organizations need to move past passive, castle-wall defenses and build a proactive security posture that internalizes external threat intelligence and acts first."

CPO Jaeki Kim and Jongheon Yang, Head of the Threat & Security Intelligence Department (TALON), sat down with IT Daily to share their insights on the increasingly sophisticated cyber threats of the AI era and the surge in vulnerabilities.

According to Verizon's 2026 Data Breach Investigations Report (DBIR), vulnerability exploitation accounted for roughly 31% of all breaches — surpassing credential abuse for the first time since the survey began. This signals a shift in the center of gravity of security, from phishing emails and credential leaks to vulnerability exploitation.

Describing what this shift feels like on the front lines, Yang noted: "In the past, white-hat hackers had to hunt down vulnerabilities one by one. Now, AI-powered automation makes them easy to discover. We've gone from cottage-industry craftsmanship to factory-scale mass production."

He also proposed a defense strategy for coping with this flood of vulnerabilities: "The realistic approach is to drastically reduce the points of contact between hackers and your systems — what we call Attack Surface Management (ASM). ASM is about minimizing externally exposed areas and concentrating your security resources on the business-critical assets that must remain exposed. It also allows organizations to prioritize which vulnerabilities actually need to be managed."

Yang further highlighted the importance of penetration testing, now a mandatory component of ISMS and ISMS-P certification audits, adding that S2W offers a differentiated penetration testing model that goes beyond vulnerability detection by integrating ASM and threat intelligence (TI).

🔗 Read the full article: https://bit.ly/4eQaf6O 
🔗 Read more about Comprehensive Cyber Threat Intelligence Platform, QUAXAR: https://s2w.inc/en/product/pd02

List