0
Kim Myung-joo, Director of the AI Safety Institute, and Lee Jae-hyung, Head of the AI Security Response Team at the Korea Internet and Security Agency (KISA), deliver presentations at the '2026 ASC Conference' held in the main hall of Dreamplus in Gangnam-gu, Seoul on May 26. / Photo by Reporter Kim Min-ju

As Artificial Intelligence evolves into "agents" capable of autonomous decision-making and action, the tech landscape has entered an era where a single high-performance AI model can instantly uncover over 10,000 security vulnerabilities that had eluded humans for 27 years. Experts unified their voices at a recent industry event, asserting that as AI autonomy intensifies, the core variable in the AI race will pivot from "how smart the model is" to "how safe and controllable it is."

The International Association for AI and Ethics (IAAE) hosted the "2026 ASC (AI Safety Compass) Conference" on May 26 at the Dreamplus Main Hall in Gangnam-gu, Seoul. Marking its third anniversary, this year's conference focused on the theme of "AI Agent Security and Corporate Strategies for Implementing Trust."

During his opening remarks, IAAE Chairman Jeon Chang-bae stated, "Until now, humans and animals were the only entities possessing autonomy, but we are now at a juncture where AI is acquiring autonomous capabilities. As AI autonomy deepens, the issues of control, safety, and trust will become increasingly paramount." He also noted that the US Trump administration's shift from AI self-regulation toward ex-ante and mandatory regulation shares this very same context.

Kim Myung-joo, Director of the AI Safety Institute, took the podium and outlined core principles for managing the risks of agentic AI: granting minimum necessary permissions, ensuring traceable identities, and securing auditability. He explained that agents should only be allocated the bare minimum authority required for a task, and connections to unverified external services or plugin installations must be prohibited.

Director Kim also emphasized the necessity of a "Kill Switch" concept to halt AI activities immediately. "If an agent exhibits abnormal behavior, the system must be capable of cutting external connections and scaling back permissions," he said. "A human-in-the-loop framework is essential at critical decision-making nodes." As an example, he noted that a kill switch is indispensable to immediately freeze a stock-trading AI agent if it begins making reckless, uncoordinated bets.

Lee Jae-hyung, Head of the AI Security Response Team at the Korea Internet and Security Agency (KISA), diagnosed during his presentation that AI is transforming from a mere object of security into the "subject of security." Team Leader Lee remarked, "In the AI era, we have reached a point where we must redesign organizational structures themselves and carefully deliberate on how much operational scope to delegate to AI. Major threats are now emerging from AI misjudgments, uncontrollable decision-making, and dual-use dilemmas."

Concerns have mounted recently regarding the potential deployment of AI to automate hacking and cyberattacks. Because AI can generate highly manipulative smishing texts that exploit human psychology and break down language barriers to raise attack success rates, even non-experts are now empowered to become threat actors.

Lee also cited a striking real-world case involving Anthropic's high-performance AI model, Claude Mythos, which unearthed a massive volume of vulnerabilities that humans had missed for nearly three decades. "According to the preliminary findings disclosed on May 22, Mythos identified over 10,000 vulnerabilities within partner networks alone," Lee explained. "We have entered an era where powerful AI serves simultaneously as a weapon for hacking and a tool for defense." He reiterated the gravity of security, concluding, "To leverage safe and trustworthy AI, incorporating security features is an absolute prerequisite."

                                                                                                                Kim Min-ju