The Japanese government, which is pushing for the implementation of a ‘digital platform government,’ is working on the ‘network separation system’ in earnest.

The ‘network separation’ system, which has been gathering dust since its introduction in 2006, is subject to government overhaul.
News of the formation of a related task force is reported, and preparations for the ‘Zero Trust+ Guidelines’ are underway.
The government's choice is a network separation system that is safe but has a high cost and management burden.

The government is working to improve the cybersecurity system, with network separation as the focus. It is said that a cross-ministerial joint task force (TF) to improve the network separation system was recently launched and is preparing related improvement plans. It is known that the TF is seeking ways to improve security through ‘Zero Trust’ guidelines while increasing the flexibility of the system by introducing a rating system.

Why does the network separation system need improvement?

Network separation is a system introduced in 2006 for the purpose of strengthening cyber security. It refers to measures that separate the ‘business network’ from the ‘external Internet network’ to block illegal access and internal information leakage through the Internet network. Network separation methods are largely divided into logical network separation, which divides the work network and the Internet network on one PC, and physical network separation, which uses two PCs connected to the internal network and the external network, respectively. Introducing a network separation system can definitely strengthen cyber security, but there is also the risk that excessive regulations will reduce business convenience and increase budget burden.

The need to improve related systems began to emerge when the ‘digital transformation’ trend took hold. Various digital services such as generative AI, cloud, smart office, and SaaS-based subscription services have become common, and each company and organization has begun to actively utilize new digital technologies in their work. Non-face-to-face work and teleworking, which have spread since the COVID-19 pandemic, also added weight to arguments for system improvement. At the National Defense Innovation Committee meeting held at the end of last year, President Yoon Seok-yeol listened to academic opinions that ‘the network separation system needs to be improved’ and ordered the National Security Office to conduct a related review.

Since last year, the National Intelligence Service has been preparing the ‘Zero Trust Plus (+) Guidelines’ to improve the network separation system. The guidelines cover the entire information security field, including prevention (zero attack gaps), monitoring (zero false positives), response (zero internal malicious code spread), and recovery (zero response time when attacked). According to the guidelines, data is classified into three grades: Top Secret, Personal Information, and Public Service, and the grade is expected to be used as a standard to maintain or relax the current network separation policy.

Why network separation is ignored: it is “tricky and burdensome”

Why is network separation considered a ‘shackle’ of the current digital society? According to a 2019 survey by security company Illumio, only 19% of IT experts and companies surveyed responded that they were “currently applying network separation.” On the other hand, 55% of respondents said they had no intention of introducing or establishing network separation. The explanation is that building network separation is a very difficult task, and it is a technology that security officials cannot adopt lightly.

The limitations of each introduction method are also clear. In the case of physical network separation using two PCs, security and safety are excellent, but the cost of equipment for separate networks and PCs is high. There is also a risk that information may be leaked, or that systems may be infected with malware, through auxiliary storage media. Logical network separation, which separates the networks on one PC, requires less hardware investment, but a large network traffic burden occurs in the process of running a virtual PC and having users connect to and use it as a client. The risk of firewall policy setting errors or malware infection through terminal server storage cannot be ignored.

From the government’s perspective, the network separation system is ultimately a task that will have to be fixed at some point. While the current government is pursuing the implementation of a digital platform government that emphasizes free data movement between the government and the private sector, network separation is acting as a barrier to establishing the ‘DPG Hub’, the highest level integrated platform for digital platform government. While the government’s efforts to improve the network separation system are in full swing, related industries are paying close attention to the direction in which the government’s improvement plan is going.
