In February 2026, VicOne released its 2026 Automotive Cybersecurity Report showing that automotive cyber incidents tripled, while attacks increasingly spread simultaneously across vehicles, cloud platforms, and enterprise IT systems. Researchers described this shift as the “Overlap Era”, where fragmented security governance can impact entire automotive ecosystems rather than isolated systems.
Against the backdrop of growing threats, the focus is on the experience of specialists who can build complex defense systems that operate in global IT infrastructures. Geol Kang, senior cybersecurity architect at Hyundai AutoEver America, began his career at Hyundai’s Seoul headquarters and now influences security standards across the Hyundai Motor Group globally. His work on multi-layered protection architectures demonstrates how Korean specialists are shaping not only national but also international practices in securing corporate and automotive digital platforms.
Hyundai Motor Group’s digital transformation has fundamentally changed the nature of cybersecurity inside the automotive industry. Modern vehicle manufacturers no longer operate as isolated production businesses: they manage large-scale ecosystems that combine manufacturing plants, cloud infrastructures, connected vehicle services, supplier platforms, engineering systems, and customer-facing digital applications. This convergence of operational technology, enterprise IT, and cloud-native mobility services has significantly expanded the attack surface across the organization.
When Geol Kang began working on cybersecurity architecture within Hyundai’s ecosystem, one of the major operational challenges was the fragmented nature of security governance between departments, regions, and infrastructure layers. Factory networks, engineering systems, corporate platforms, and early cloud services often relied on separate protection models and disconnected monitoring processes. This created limited visibility between environments and made coordinated incident response difficult in large-scale enterprise operations.
Geol Kang’s role focused on strengthening the underlying architecture connecting geographically distributed systems across Hyundai’s infrastructure. His work included enterprise VPN frameworks, centralized privilege governance, network segmentation, and access control models designed to secure communication between production environments, engineering systems, enterprise platforms, and remote users.
Rather than approaching cybersecurity as a collection of independent defensive tools, the architecture prioritized segmentation and governance at the enterprise level. Distributed access policies, role-based control models, and segmented trust boundaries were introduced to reduce lateral movement inside enterprise environments and improve resilience across interconnected systems.
One of the most difficult aspects of the environment was the lack of unified access governance across multiple independent IT divisions. Security teams were often forced to manage permissions and monitoring separately, increasing operational complexity and slowing incident visibility. To address this, centralized access governance strategies and differentiated privilege frameworks were introduced across enterprise infrastructure. This work later became part of broader enterprise Network Access Control initiatives and reflected a larger shift taking place across the automotive sector itself. As connected mobility ecosystems continue to expand, cybersecurity architecture increasingly functions not simply as perimeter defense, but as operational infrastructure supporting manufacturing continuity, cloud operations, and connected vehicle services simultaneously.
As Hyundai AutoEver America expanded across AWS, Azure, and connected mobility services in North America, traditional security models became increasingly difficult to manage. Security tools operated independently: IPS monitored network traffic, WAF protected web applications, while cloud security platforms generated isolated alerts without centralized orchestration. This fragmented architecture limited threat visibility and slowed incident response. According to project estimates, cloud defenses initially blocked less than 10% of threats effectively.
Geol Kang participated in redesigning the environment around integrated multi-layer defense architecture. Instead of deploying isolated protections, the system connected IPS, WAF, DDoS mitigation, CSPM, and CWPP platforms into a unified operational framework capable of correlating telemetry and automating response workflows. This allowed security systems to automatically identify suspicious activity, isolate workloads, block malicious requests, and strengthen filtering policies in real time rather than relying entirely on manual escalation. The architecture significantly improved operational visibility across hybrid cloud environments supporting connected vehicle ecosystems and enterprise services.
The results reflected the scale of the redesign: cloud defense effectiveness increased from below 10% to over 90%, while compliance across more than 400 public-facing domains exceeded 99%.
Over time, Geol Kang’s role was not limited to implementation into enterprise cybersecurity architecture and governance. His work included cloud security reviews, incident response coordination, enterprise segmentation strategies, and security assessments across Hyundai Motor Group’s North American operations.
One of the central challenges was maintaining unified security standards across rapidly scaling regional infrastructures. Modern automotive companies now operate simultaneously across manufacturing systems, connected vehicle ecosystems, cloud-native mobility platforms, and customer-facing digital services. In these conditions, cybersecurity architecture must support both operational continuity and regulatory compliance at enterprise scale. Geol Kang’s projects included enterprise-wide Network Access Control deployment, Zero Trust-oriented segmentation, and cloud-native governance for AWS and Azure infrastructures. He also participated in architecture evaluations and technical reviews for connected vehicle and enterprise environments, helping standardize security approaches across distributed operations.
His work in Hyundai Motor Group has also been recognized within the international cybersecurity community. He serves as a Council Member of AITEX, where he participates in the evaluation of AI and cybersecurity initiatives. Here he is a member of Advanced Information Technology & Emerging Tech Council thanks to his contribution to the development of cybersecurity in the automotive industry.
He was also invited as a jury member for the Cases & Faces Awards in Chicago and received American Business Expo Award for contributions to enterprise security architecture and cloud defense strategies. In addition, he is affiliated with IEEE Senior Membership, one of the world’s biggest professional engineering organizations. To get into this association, applicants take a very difficult exam and only 10% of all applicants pass it. Therefore, this association is considered one of the most prestigious among specialists.
As the automotive industry shifts toward software-defined vehicles and cloud-connected mobility services, manufacturers increasingly face architectural risks tied to fragmented security visibility, hybrid cloud exposure, and the complexity of protecting globally distributed ecosystems. In this environment, specialists such as Geol Kang are helping shape how enterprise automotive cybersecurity evolves in practice. Through large-scale multi-layer defense architecture, cloud security governance, and coordinated incident response frameworks implemented across Hyundai Motor Group’s infrastructure, Kang contributed to the transition from isolated security controls to integrated enterprise protection models. As a result, approaches combining network security, cloud governance, automated response, and enterprise segmentation are becoming not only internal operational standards, but part of the broader direction in which the automotive cybersecurity industry itself is moving.