Financial AI Security (PART 1. Basics)

- Policy revision for establishing cloud management systems (CSP/MSP contracts and SaaS contracts) - Vulnerability assessment for ISMS-P/ISO27001 certification or major information communication/electronic financial infrastructure response in cloud environments (public/private asset identification and vulnerability remediation) - Security operations and incident response in cloud environments - ISO27017&ISO27018 certification response

- Understanding the establishment and inspection of personal information management systems in accordance with the Personal Information Protection Act - Inspection and status assessment of personal information processing systems - Creation of personal information flow charts and flow diagrams - Identification of personal information breach factors - Publication of personal information impact assessment summaries

Training on inspection know-how for privacy officers, business department managers, and trustees subject to consulting Providing improvement plans for negligent trustee management and supervision, and detailed explanations of inspection methods

In Financial AI Security (PART 1. Basics), I provided an overview of AI security. Please note that this is a practitioner's training session on the AI inspections required during actual security reviews for penetration testers (Red TEAM). This lecture contains practical content and explains how to perform penetration testing on technical aspects (including checklists). When studying, you may find AI difficult, or you might find that many companies have failed to apply AI guidelines because they are focused on modeling, making reviews challenging. I expect many companies have received various feedback during audits regarding the establishment of AI security governance. This is naturally because there is no clear evidence of AI security within internal operations. Now is the time to establish it. I hope you study AI security and pursue a path as an AI security professional.

This training was created to first help privacy officers recognize and understand the requirements for establishing a proactive protection system, as previously announced through the June 2026 Personal Information Protection Act and the Personal Information Protection Commission's (PIPC) compliance inspections. It aims to help companies review their current status, identify areas for improvement, and establish future action plans. Based on over 8 years of experience in providing advisory and consulting services for personal credit information protection, this course is designed to support strategy formulation and the preparation of reporting documents for executive management.

The shortage of PMs in security consulting firms is a persistent issue. Consequently, there are many cases where individuals in their 40s and 50s from completely different fields have been entering the industry to handle PM duties and client communications. Since these PMs in their 40s and 50s lack experience in technical areas, consulting, and security, they find the work very challenging. They often join with the mindset of learning through handovers from other PMs. I have also been providing training and handovers to these PMs based on the following content, and the satisfaction levels have been high.

Achieved the highest rating for all clients over 6 years of performing Personal Information Protection Level Evaluation consulting for public institutions (covering various types from central administrative agencies to public enterprises, small-scale public institutions, and local governments), maintained the highest rating for all (continuous consulting experience with the same institutions), and holds a track record of achieving a perfect score of 100 (ranked 1st nationwide). Based on the 2026 manual, it is possible to effectively allocate the necessary tasks and performance records for writing quantitative/qualitative reports considering the strengthened penalties and changed indicators following the Coupang incident. Depending on the company's situation, it is fully possible to be designated as a best practice through either over-investment or strategic passive response.

Insufficient capability to audit new technologies (cloud management systems) due to a lack of theory and knowledge among management system inspection personnel. Training to strengthen the expertise of personnel who proactively prevent incidents by identifying management system deficiencies to protect companies from hacking. Training for existing infrastructure and penetration testing personnel to transition into management system roles. Securing definitive capabilities and materials through the provision of back data!

In cases where there is a lack of experience with electronic financial infrastructure due to only having experience in critical information and communications infrastructure, or where there is a lack of overall understanding of infrastructure projects due to insufficient experience as an Infrastructure PL or PM despite having experience with servers, DBs, networks, and security equipment, it is necessary to secure assessment capabilities for network infrastructure check items and provide assessment back-data.

As PaaS (previously categorized as WEB/WAS) in public and private cloud environments is integrated into in-house PaaS operations, this training is designed for Infrastructure Project Leaders (PLs) overseeing approximately 10 infrastructure inspection personnel, as well as vulnerability assessment specialists. The curriculum covers certification requirements such as ISMS-P, including cloud asset identification, asset classification, importance rating, and risk assessment reflection. It also addresses the 2026 Financial Company Security Standards (for Electronic Financial Infrastructure Vulnerability Analysis and Evaluation), which include the establishment and strengthening of container inspection and private cloud management system inspection items, as well as the addition and modification of virtualization and cloud items within Critical Information and Communication Infrastructure.

Lack of back data for private cloud inspections!! A severe shortage of experienced personnel for IaaS inspections!! Improve practical skills by providing back data and utilize it for various certifications such as Major Information and Communication Infrastructure, Financial Security Institute (FSI) assessments, ISMS-P, ISO27001, etc. Professional training for Infrastructure Project Leaders (PLs) who manage around 10 infrastructure inspection personnel. Providing inspection data and understanding of the technical areas within the cloud management framework!

Providing insights and materials for overall management of penetration testers (WEB, Mobile, HTS) targeted at Project Leaders who oversee financial company mock hacking/penetration testing. Situations have occurred where "blank" reports are repeatedly submitted when no vulnerabilities are found in each part (the same applies to the public sector). Therefore, controls are implemented to ensure that inspection results for each item are produced in the same format as educational materials. Perform inspections tailored to each theme and utilize them for security reviews and internal security deliberations to verify results.

Conducting Windows server competency training to break the trend of new and career-transitioning security consultants focusing solely on Linux servers. Understanding the Windows OS and its relationship with servers and programs installed on the OS, such as PC, WEB, WAS, and DBMS. Understanding vulnerabilities and continuing vulnerability assessment and improvement activities.

Education on the most basic Linux server inspection methods and items due to the continuous assignment of new security consultants for vulnerability assessment and the continuous placement of experienced professionals from other fields into management roles. Risk assessment for risk evaluation (remediation planning) and implementation review. Understanding and application of third-party security solutions. Establishment of the ISMS-P management system through appropriate analysis of technical and administrative domains.

Classification of inspection items and establishment of an inspection plan (strategy) during network inspection Establishment of inspection criteria considering the risk and difficulty of actions Inspection of network service items and strategies for utilizing server access control solutions Command-based inspection after remote network access and preparation of risk assessment reports Interviews with network personnel and application of manual inspection items

A lecture for security consultants who have experience only in Linux, DB, WEB, networks, and security equipment, but lack experience with PCs. Securing response capabilities for cases where PC inspections are replaced by security solutions or conducted via scripts. Categorizing inspection items to prepare inspection strategies and establish response strategies based on inspection experience. One of the business improvements (KPIs) to shorten inspection time and increase accuracy.

Security equipment cannot be inspected using scripts or solutions like databases. Experienced personnel must be assigned. Difficulty in recruiting, including experienced individuals, diligent diagnosticians, or freelancers. Numerous defects found during ISMS-P certification of security equipment; skill levels vary significantly depending on the inspector. Sharing inspection methods and management strategies (methodologies, etc.) for security equipment with those who need them.

Database vulnerability assessment training for the protection of critical information and communication infrastructure in the public sector. Demand for vulnerability assessments arises as a legal requirement. Characterized by the need to secure sufficient assessment time and budget, particularly in the public sector. Lack of specialized personnel for vulnerability assessments in the public sector. Lectures for establishing protection measures in response to revisions of critical information and communication infrastructure and annual changes.

This content is composed of insights from experienced professionals—ranging from newcomers to those with 35 years of experience—performing vulnerability analysis and evaluation for Financial Security Standards and Major Information and Communication Infrastructure. It is designed to provide valuable information for new employees or experienced professionals transitioning from other fields. Among the various types, Database was selected, and the evaluation criteria are based on the Financial Security Standards. While basic training or handovers are typically based on the previous year's standards, I believe it would be helpful to familiarize yourself with various analysis techniques as well. Since diverse strategies are required for accurate and rapid diagnosis within a limited timeframe, this may also be beneficial for PMs who plan from the perspective of methodology and approach.

Career concerns in security consulting: 5 hours of audio explanations covering career solutions from entry-level to 30-year veterans. Includes mental stability and salary negotiation strategies for new security consultants or those struggling to adapt. Includes methods for upgrading job skills and improving internal/external reputation. A lecture designed to resolve concerns for those considering a job change or career path shift.

Genspark Ambassador's Lecture >> Genspark, the AI Super Agent that smartly handles everything from PPT, Excel, images, and videos to Vibe Coding! You’ve been waiting because there were no lectures or books that covered Genspark in depth, right?! Rated 4.8 by 100 students ⭐️⭐️⭐️⭐️⭐️ After using it for a year, I have organized all the detailed features into extensive learning materials and a 4-hour lecture. If you know how to use it, Genspark solves all your work; if you don't, it just eats up your credits. Increase your productivity by 300% through this lecture!

Have you wanted to make good use of AI, but felt it was too difficult and complex to get started? This course was prepared specifically for you. Rather than complex theories or difficult technical explanations, we have selected only the practical applications that professionals can use in their work immediately. From schedule management and meeting minutes to press releases, reports, presentation materials, image generation, infographics, and automation of repetitive tasks. We explain in simple terms how to connect AI to the tasks that professionals encounter most frequently. Point 1. Reduce Work Time - Learn how to quickly handle repetitive tasks such as organizing meeting minutes, managing schedules, and drafting reports. - Understand the workflow of generating and editing practical documents like press releases and proposals on the spot. - Shorten overall work speed by connecting multiple tasks into a single flow. Point 2. Improve the Quality of Results - Learn structuring methods to make reports and presentations more readable and persuasive. - Create various outputs such as PPTs, images, and infographics all at once. - Improve visual quality using data and design guides. Point 3. Utilize AI as a Work Partner - Go beyond just using features and understand how to integrate AI into your specific workflow. - Consistently derive desired results based on prompts and data. - Learn collaboration methods that maintain context without the need for repetitive instructions.

The start of smart work - work intelligently anywhere, mobile or PC! Go beyond the limits of content creation with the most advanced Google AI tools available today.

There may be people who have never taken my lecture, but no one has taken it only once. After teaching in person for so long, I have finally had the opportunity to create this online course. Since the commercialization of AI, I have produced and researched countless pieces of AI content. Based on that knowledge and experience, I have built a logical philosophy of my own and organized it into concepts that are easy for anyone to understand. For those who have been generating AI images without considering the underlying concepts, I will instill a proper foundation in you. Once you take this course, you will be able to create any AI image in the future. Have you never created an AI image before? That’s perfectly fine. You don't need any prior experience in AI image generation. By simply learning and practicing through this lecture, you can become an expert in AI content creation.

Are you using AI but still unable to get it to do the work for you? This course is not just about simple usage; it is a process of creating your own "high-performing AI assistant." By mastering everything from prompt principles to personalization settings and task automation at once, you can delegate repetitive tasks to AI and create a new way of working that allows you to focus on your core responsibilities.

This course is designed to learn the fundamental theories and practical processes necessary for applying AI modeling and service planning to real-world work environments. Learners can acquire essential foundational knowledge to skillfully perform AI modeling projects and experience various practical procedures used in actual business settings. The course is specifically structured to provide step-by-step learning of the entire workflow from AI service environment analysis → goal setting → requirements analysis → service model design → scenario planning → utilization planning → execution plan development → performance evaluation planning. Through this approach, learners can develop systematic thinking and practical application skills for how to introduce and utilize AI from business and service planning perspectives, rather than limiting themselves to purely technical learning. Upon completing this course, learners will understand the overall planning and execution process of AI projects and will be able to strengthen their capabilities as AI service planners, PMs, and data-driven strategists in actual corporate environments.

We will create various design outputs such as logos, product photos, mockups, banners, wedding snaps, invitations, POPs, menus, and product detail pages using ChatGPT Images 2.0. This is a practice-oriented course where you will learn how to write prompts to achieve your desired results and master template structures that can be used repeatedly.

Build a Saju (Four Pillars of Destiny) analysis AI agent that integrates Manseryeok, Astrology, Zi Wei Dou Shu, Onomancy (Name Study), and MBTI using n8n workflows and Python algorithms. We will complete a production-level service system from start to finish where 13 specialized agents collaborate to generate professional-grade Saju reports.

Create high-quality AI videos with Midjourney & Runway. Director Dong-ah Kim, who collaborated with Samsung, will personally guide you through the step-by-step process of AI video production based on a virtual brand.

This course is a practical training program that utilizes various generative AI tools such as Napkin AI, Gamma AI, Felo AI, Imagen 3, and Suno AI based on ChatGPT to automatically generate and utilize content needed in real office environments. It focuses on multimodal content creation capabilities including report summarization, presentation composition, image generation, and music production, and includes hands-on practice of application cases for each task that leverage the characteristics of each tool.

The lecture explains why the harness is more important than the model through the Claude Code architecture. It covers how to design the Claude Code task system using six structures: Context Harness, Permission Harness, Verification Harness, Tool Harness, Subagent & Worktree Harness, and Debugging Harness. Afterward, it connects these concepts to CLAUDE.md, session management, large codebase control, worktree parallel operations, error log analysis, and tracking environment variables and configuration scope issues, establishing the standards for continuously using Claude Code in practical backend and DevOps workflows.

AI is no longer a choice, but a matter of survival. Shorten development tasks that used to take 3 days down to 30 minutes; leave repetitive tasks to AI and focus on solving more important problems. Through AI-native development methods that are practical rather than theoretical, we will show you the definitive way to be recognized as an "AI-savvy developer" at your company.

Learn context engineering techniques for creating high-quality AI agents through hands-on practice.

In the rapidly changing era of AI, IoT, metaverse, and blockchain, understanding technology alone is not sufficient. This course is an introductory guide designed to help you easily identify the security risks brought by the latest digital technologies in just 1 hour. With easy explanations that can be understood even without technical background knowledge and a composition centered on real-world cases, you can organize the security points you must know in the next-generation digital environment all at once.

Notes keep piling up, but work only gets busier. Structure your notes with Obsidian and transform your workflow to be faster and easier.

: "From Mathematical Foundations to the Latest Models, Completing the Deep Learning Pipeline with PyTorch (44 Lectures in Total)" The era of simply learning how to call model.fit() is over. From the very basics of artificial neural networks—differentiation and gradient descent—to essential PyTorch techniques used in the industry, and CNN/RNN for handling image and time-series data! We will help you systematically master the entire process of deep learning. Go beyond analyzed data and step into the amazing world of deep learning, where artificial intelligence mimicking the human brain learns and makes decisions on its own.

This course is a hands-on program that covers everything from the basics of understanding and utilizing AI platforms to AI image generation technology. Learners can master the fundamental concepts and tools of AI and develop the ability to generate AI images using these skills. The course is designed to be easily accessible even for learners who are new to AI technology, providing an opportunity to quickly master AI image generation techniques that can be applied in real life.

Beyond the era of simply using AI, we are now in an era that requires people who can design AI. This course is a master roadmap that systematically organizes the entire design map of AI agents, from "Introduction → Structure → Design → Operation." Based on RAG, Tool Calling, Memory, and Multi-Agent structures, you will learn how to design and scale AI agents from an architect's perspective. If you want to grow into someone who designs AI systems rather than just someone who "uses" AI, this course will provide the direction.

This course is an AI music generation introductory program designed so that even learners who are new to artificial intelligence (AI) technology can easily understand and follow along. Through the lectures, you will learn the basic concepts and usage methods of AI platforms, and proceed step-by-step through hands-on practice to create your own music using these tools. Going beyond simply pressing buttons to make music, this course guides you to understand the principles of AI models and the key factors that influence music generation, and to complete creative results by adjusting the desired atmosphere, genre, and instrumental composition. Upon completing the course, you will gain confidence in using AI in a friendly manner, along with AI music generation capabilities that can be applied to various fields such as daily life, projects, and content creation.

[Up-to-Date Knowledge for Current Times] 1. Changes brought by AX, ChatGPT, and robot technology. 2. Commonalities of Blockbuster-Kodak Film-Nokia. 3. Five Current AX Keywords. - OOOO coin to maintain dollar hegemony. - Musk's OOOO to cut government operating costs. - Trump's OOOO strategic reserve. - China's OO kindergarten, OO receiving private education. - China's OO factory, with no workers, OO is no longer needed. 4. ChatGPT/Gemini/Grok - Write prompts based on previously learned content and compare results - Generate images with Claymotion infographics