Cybersecurity Governance,Xero–Trust Architectures, and Digital Resilience: ComparativeInformation System Transformation in The United States and South Korea, 2020 -2026
Keywords:
cybersecurity governance; zero trust; digital resilience; information systems; United States; South Korea; cyber risk; critical infrastructure; identity governance; socio-technical securityAbstract
This article examines how cybersecurity governance and zero-trust architectures have transformed digital
resilience, institutional implementation, and socio-economic security in the United States and South Korea
between 2020 and 2026. The study argues that cybersecurity is no longer merely a technical defense domain
but a computational governance system linking network architecture, institutional coordination, publicprivate accountability, national security, and economic continuity. The United States and South Korea were
selected because both possess highly advanced digital economies and major cyber capabilities, yet they differ
in governance structure, institutional coordination, regulatory centralization, and public-private
implementation. The United States has advanced zero-trust adoption through federal cybersecurity
modernization, CISA coordination, software supply-chain policy, and critical infrastructure reporting. South
Korea has pursued a more centralized and state-coordinated cybersecurity model shaped by national security
threats, digital government integration, and strong telecommunications infrastructure. The findings indicate
that zero-trust effectiveness depends on identity governance, continuous verification, interoperability,
incident reporting, organizational culture, and institutional trust. This article contributes to computing and information sciences by conceptualizing zero trust as a socio-technical governance architecture rather than a
purely technical security model.