[Security Company to Watch in 2026] PNPSECURE : “Launching New Zero Trust Lineup to Redefine the Market
![[Security Company to Watch in 2026] PNPSECURE : “Launching New Zero Trust Lineup to Redefine the Market](/content/images/size/w2000/2026/02/---------------------------------_2026--------------------------------------------------.png)
“Major Upgrade to Encryption Solutions… IPO Under Careful Consideration, Options Open”
CEO Chun-oh Park
“By launching a new Zero Trust lineup that will reshape the market and by making a major performance leap in our flagship encryption solutions, PNPSECURE will focus all of its energy this year on customers who have one urgent, unwavering need: they never want to be hacked, under any circumstances.”
Chun-oh Park, CEO of PNPSECURE, shared this vision in a New Year interview with ZDNet Korea on the 2nd, stating that the company will concentrate its full capabilities on meeting the intense demand from customers who “absolutely do not want to be compromised, no matter what.”
PNPSECURE is recognized as a pioneer of database access control in Korea. Founded by Park in December 2003, the company is also known for delivering net profit margins of over 30 percent for more than a decade since 2010. Below is a Q&A interview with CEO Park.
Last year saw an especially high number of major security incidents. How do you see the security market evolving this year?
“In 2026, there is one defining question for the security market: why do hacking incidents keep happening even after security solutions are deployed? This year will be a process of finding a fundamental answer to that question. If the market so far has leaned toward checklist-style deployments for compliance, 2026 will mark a complete shift in paradigm toward practical, battle-ready implementations that can truly block attacks and prevent data leakage. In that context, I believe six ‘real-world security’ trends will lead the market this year.
First is Visibility-First security. Real-time discovery of shadow IT, hidden IT assets, will become a prerequisite for any security initiative, as organizations aim to eliminate blind spots entirely.
Second is Dynamic Data Governance by data classification. With the adoption of N2SF-style grading, intelligent security that dynamically adjusts privileges based on data criticality levels such as C, S, and O will become the standard.
Third is strengthening Physical-Based Identity verification. Verification technologies that confirm whether a real person is physically operating a keyboard or mouse, through human interface device input validation, will become the last line of defense against remote attacks.
Fourth is AI-Driven user behavior analytics. AI will learn command patterns and session flows to proactively identify tunneling bypass attempts and early signs of anomalies.
Fifth is the rise of Shadow AI security. Technologies that control pathways through which critical data may leak to external AI services will become a must-have element of enterprise security.
Sixth is the normalization of Micro-Segmentation. By isolating servers and PCs into independent security boundaries, organizations will increasingly adopt approaches that fundamentally block lateral movement. Ultimately, in 2026, customers will rebuild their security architectures based not on which product they purchased, but on whether the technology can actually sever the links in a real attack chain.”
Which customer segments will PNPSECURE focus on this year?
“We will focus all of our capabilities on customers who have an urgent need to never be hacked, under any circumstances. Our core target is enterprises that want to break free from the fear of attackers taking over internal servers after infiltration, or ransomware spreading across the entire organization.
Our strategy for customers seeking ‘root-level defense’ for internal servers is as follows. Some customers say, ‘Even if ID and password credentials are compromised, the server itself must remain safe.’ For them, we use physical input validation to block, at the kernel level, any manipulation attempt where there is no real person in front of the screen, even if a hacker connects remotely. For customers who want to treat internal servers as a protected sanctuary, this is a complete answer.
For customers who want to escape the fear of ransomware ‘spreading,’ the true danger of ransomware lies not in a single infection, but in lateral movement that propagates through the network and shuts down the business. Through micro-segmentation, we densely separate pathways between servers and PCs so that even if an incident occurs, it can be contained and sealed at a specific point immediately. We intend to end tragedies where ransomware brings an entire enterprise to a halt.
We also have a strategy for customers concerned about data leakage and security blind spots. Unmanaged shadow IT and leakage of core assets through external AI services such as ChatGPT are among executives’ biggest worries. By providing real-time visibility across enterprise assets and an integrated framework that automatically blocks exfiltration pathways, we will help customers build a security environment that lets them truly rest easy.”
Please tell us about new products or upgrades coming this year.
“Starting with new products, we are strengthening the DBSAFER ZT lineup. This is a new product family we will launch to complete a Zero Trust security architecture. In addition, ZT Locker and ZT ICA will combine implicit continuous authentication and physical input validation to block remote hacking. WAC will monitor Shadow AI leakage to external AI services, and PAM will set a new standard for privileged account management.
We also have a major upgrade. DataCrypto is a representative example. As a file encryption solution that has long stood as a source of pride, DataCrypto will be released in an upgraded version optimized for the 2026 environment, significantly enhancing kernel-level performance and security. As the last line of defense for data protection, we will further solidify the standing of Korean security technology.”
There are expectations of increased hacker attacks leveraging AI this year. How are you responding?
“In 2026, hackers will use AI to precisely replicate human behavior patterns and will neutralize traditional logical security systems through large-scale automated attacks using AI bots. In response, PNPSECURE has built a practical, optimized response framework aligned to each attack method.
First is neutralizing AI-driven bot attacks. AI excels at automated attacks that attempt thousands of connections per second. However, we verify at the kernel level whether there is a genuine physical input signal from a keyboard or mouse at the moment of resource access. Even if a hacker uses AI to generate virtual keystrokes or runs automated scripts in batch mode, any action without a real person present is blocked at the physical stage.
Second is identifying attacks that mimic human behavior. AI-powered attackers can learn a user’s normal working patterns such as login times and data transfer volume and impersonate legitimate users. To counter this, we have applied an unsupervised learning model. Without administrators defining separate rules, our AI analyzes daily profiles across many users to build individual baselines on its own. Even if a hacker mimics human behavior, subtle anomalies are detected as vector outliers and immediately isolated.
Third is blocking AI-driven intelligent data theft. If an AI attacker steals privileges and attempts to download large volumes of data, our AI compares the activity against real-time scenarios and assigns a risk score. At the same time, an encryption module verified by the National Intelligence Service is used to rigorously protect access records, fundamentally preventing hackers from attempting to manipulate, forge, or tamper with traces of intrusion such as logs.”
Zero Trust is also expected to become more active than last year.
“Our Zero Trust strategy goes beyond ‘entry control’ and focuses on practical control of actions. Through six core strategies, we will fully defend areas that perimeter security has missed.
First is securing visibility and removing shadow IT. We detect all unauthorized assets in the network in real time, eliminate blind spots immediately, and bring them under control.
Second is real-time classification and dynamic control of sensitive information. We identify data locations in real time, automatically classify them by grade according to N2SF criteria such as C, S, and O, and dynamically apply optimal security policies.
Third is completing Zero Trust based on physical identity. To neutralize attacks that occur after account takeover, we recognize only genuine physical HID signals as valid actions at the kernel level, and fundamentally reject AI-automated virtual inputs.
Fourth is AI-based proactive threat detection. Natural-language AI agents derive threat insights from massive logs and detect command bypass attempts in real time.
Fifth is controlling Shadow AI risk. We detect unauthorized AI services and completely control pathways through which sensitive internal data may be copied, uploaded, and leaked via such services.
Sixth is fundamentally blocking lateral movement. By establishing servers and PCs as micro-segments, independent security boundaries, we physically seal movement paths inside the network when an intrusion occurs.”
What is your go-to-market plan for access control, PNPSECURE’s core business?
“The access control market has evolved from verifying who connects to verifying what actions occur after connection, and whether the actor is a real person. Our strategies to win in this market include the following.
First is differentiated Zero Trust supply based on physical entity verification. With a unique technology that blocks, at the kernel level, any remote control or automated attack without physical input signals, we will target the high-end market.
Second is containing lateral movement through micro-segmentation. By separating servers and PCs into independent security boundaries, we will fundamentally block movement paths in the internal network when incidents occur and enhance overall resilience.
Third is AI-based data identification and N2SF-optimized dynamic control. We will implement an intelligent control environment in which AI detects sensitive information in real time, automatically classifies criticality levels such as C, S, and O, and dynamically varies access rights accordingly.”
Please share your overseas expansion status and plans.
“PNPSECURE’s global strategy is to transplant the practical model of ‘K-Security,’ Korea’s security standard, into global markets. We will make this year the first year of our expansion into Taiwan, supplying solutions optimized for local security regulations and the requirements of the financial sector. To do so, we are accelerating local partnerships and stabilizing our technical support framework. We are also expanding our foothold in Southeast Asia. Centered on Thailand, we are preempting demand in finance and public sectors, while aggressively expanding partnerships in markets such as Vietnam and Indonesia.”
What are your management goals and strategy for 2026?
“Our management goal this year is to establish a standard for digital trust. We have set a milestone of KRW 70 billion in revenue, but what matters more is the responsibility of security that customers entrust to us. We will also strengthen technical integrity. By advancing Vision AI and physical entity verification technologies, we will complete an autonomous defense security architecture where human error does not become a security gap. We will innovate our customer support framework as well. Beyond simple maintenance, we will strengthen a ‘Security Success Partnership’ to maximize customers’ security operations efficiency, and we will provide close support through an AI-assistant-driven operating model.”
There is strong market interest in whether PNPSECURE will pursue an IPO.
“An IPO is a strategic option to secure global credit in the international market. Nothing is decided at this time, but we are carefully reviewing it while keeping the possibility open. We plan to make the decision at the most appropriate time, as part of building brand power and demonstrating transparent management systems. In particular, we are also proactively considering participation from strategic investors, which aligns with a partnership-driven management strategy that can help PNPSECURE’s technology establish a strong position in the global ecosystem.”
Looking back, what were some of your key achievements last year?
“2025 was a milestone year in which PNPSECURE fully transformed into a ‘Unified IAM’ company that delivers practical hacking prevention by completing Zero Trust. Moving beyond being a leader in a single domain such as database or server access control, we successfully embedded AI technology and physical input verification technology across our entire product lineup and built a tangible Zero Trust implementation that operates flawlessly under the National Network Security Framework, N2SF.
In particular, by commercializing implicit continuous authentication through Vision AI and kernel-level physical input validation, we achieved a meaningful outcome: remote hacking attempts after account takeover were fundamentally blocked at the physical stage. This is not merely logical control. It is a practical Zero Trust realization that can be applied immediately in real operational environments requiring advanced security standards under N2SF, and I am confident it is a key indicator of our technological leap forward.”
Finally, do you have any recommendations for security and for making Korea a global cyber power?
“For Korea to truly become a leading cyber power, it must completely discard the outdated legacy of static authentication systems based on IDs and credentials. The U.S. Cybersecurity and Infrastructure Security Agency has defined phishing-resistant MFA as the gold standard, and Gartner has also emphasized the importance of identity-centric security. In that context, I recommend three policy shifts: moving from secrets to proofs, reflecting continuity of authentication, and building identity-centered resilience. Only when technology compensates for human error can we finally break the chain of hacking incidents.”
ZDNet Korea, “[2026 주목! 보안기업] 피앤피시큐어 ‘시장 판도 바꿀 새 제로트러스트 출시’,” interview, updated Feb. 4, 2026 (originally published Feb. 3, 2026). Available at : https://zdnet.co.kr/view/?no=20260203225449