Anthropic's AI model 'Mitos' is shaking up the global security landscape. The Ministry of Science and ICT officially requested a prior sharing channel for security vulnerabilities from Anthropic's senior officials. Neighboring Japan is also pushing to secure access to Mitos. The US AI company Anthropic has emerged as a negotiation partner for governments.

This move is not simply a matter of technological gap. It raises a fundamental question: In the AI era, how do we protect our national security sovereignty?

In a structure where information about vulnerabilities discovered by Mitos is shared first with selected partners, a response gap is inevitable. Even if we sit at the table of cooperation, without our own capabilities, dependence is only a matter of time. It is time to fundamentally reconsider the initiative and response system of national security in the AI era. Both Korea and Japan face the same question.

The solution does not lie in waiting for stronger foreign models. It lies in jointly designing AI that reads attacks and security technologies that block them, using our own hands. By combining domestic security technologies with Korean large language models (LLMs), we can design vulnerability detection, penetration scenario analysis, and attack sign identification and response within a single system.

This combination is not just an abstract slogan. Korean LLMs can become a real-world security engine. The core elements are the "AI ethical hacker" that autonomously designs penetration scenarios and probes vulnerabilities first, and the "AI guardrail" that monitors attacks targeting operational AI in real time. When the ability to simulate attacks and defensive controls interlock within a single structure, the speed and precision of response become entirely different.

Along with this, control after penetration is crucial. Without authentication and access control, a system that has been breached once will collapse completely. Security questions are no longer limited to "how strong is the model?" We must also consider "how far can it move after penetration?"

War, too, is not just about weapons. Command authority, operational control, and friend-or-foe identification systems must all work together for effective control. If it is unclear whose command it is or how far entry is permitted, the front line collapses from within, not from outside. AI is no different.

Global big tech companies are already moving in this direction. Microsoft has introduced a system that assigns separate IDs to AI and manages access rights. Okta is moving toward identifying and controlling verified AI. OpenAI directly joined the board of the global authentication standards organization FIDO Alliance last month.

Related articles

South Korea also has the capacity to enter this competition. A representative example is the blockchain-based decentralized identity (DID) technology applied to national mobile ID cards. This is an important alternative that can record and verify the identity and activity history of AI actors without forgery or tampering. Combining this with domestic LLMs would further clarify the outline of an AI security infrastructure that is not dependent on external platforms.

Being under a security umbrella and designing its order are two different matters. A country that can design the entire process—reading attacks, preventing intrusions, and tracking actions—with its own technology will hold the security initiative in the AI era. AI security sovereignty does not come from a protected position, but from the ability to design it independently.

*The content of this column may differ from the editorial direction of this publication.