References
- Aljifri, H. and Navarro, D.S., International Legal Aspects of Cryptography. Computers and Security, 2003, Vol. 22, No. 3, pp. 196-203. https://doi.org/10.1016/S0167-4048(03)00305-5
- Announcement on National Industrial Security Center, NISC, 2015.
- Besnard, D. and Arief, B., Computer security impaired by legitimate user. Computers and Security, 2004, pp. 253-264.
- Bharadwaj, A. and Keil, M. and Mahring, M., Effects of Information Technology Failures on the Market Value of Firms. The Journal of Strategic Information Systems archive, 2009, Vol. 18, No. 2, pp. 66-79. https://doi.org/10.1016/j.jsis.2009.04.001
- Brancheau, J.C., Janz, B.D., and Wetherbe, J.C., Key Issues in Information Systems Management : 1994-95 SIM Delphi Results. MIS Quarterly, 1996, Vol. 20, No. 2, pp. 225-242. https://doi.org/10.2307/249479
- Broderick, J.S., Information Security Risk Management- When should it be Managed?. Information Security Technical Report, 2001, Vol. 6, No. 3, pp. 12-18. https://doi.org/10.1016/S1363-4127(01)00303-X
- Calder, A. and Van Bom, J., Implementing Information Security Based on ISO 27001/ISO 17799. Van Haren Publishing, 2006.
- Cavusoglu, H. and Raghunathan, S., Economics of IT Security Management : Four Improvements to Current Security Practices. Communications of the Association for Information Systems, 2004, Vol. 14, No. 3.
- Deloitte, Touche and Tohmatsu (2005). Global Security Survey, Available at : www.deloitte.com.
- Dhillon, G. and Moores, S., Computer Crimes : Theorizing about the Enemy within. Computers and Security, 2001, Vol. 20, No. 8, pp. 715-723. https://doi.org/10.1016/S0167-4048(01)00813-6
- Doherty, N.F. and Fulford, H., Do Information Security Policies Reduce the Incidence of Security Breaches : An Exploratory Analysis. Information Resources Management Journal, 2005, Vol. 4, pp. 21-38.
- Ettredge, M. and Richardson, V.J., Information Transfer among Internet Firms: the Case of Hacker Attacks. Journal of Information Systems, 2003, Vol. 17, No. 2, pp. 71-82. https://doi.org/10.2308/jis.2003.17.2.71
- Finne, T., Information Systems Risk Management : Key Concepts and Business Processes. Computer and Security; 2000, Vol. 19, No. 3, pp. 234-42. https://doi.org/10.1016/S0167-4048(00)88612-5
- Flint, D.J., Woodruff, R.B. and Gardial, S.F., Exploring the Phenomenon of Customers Desired Value Change in a Business-to-Business Context. Journal of Marketing, 2002, Vol. 66, pp. 102-117.
- Hagen, J.M. and Albrechtsen et al., Implementation and Effectiveness of Organizational Information Security Measures. Information Management and Computer Security, 2008, Vol. 16, No. 4, pp. 377-397. https://doi.org/10.1108/09685220810908796
- Halliday, S., Badenhorst, K., and von Solms, R., A Business Approach to Effective Information Technology Risk Analysis and Management. Information Management and Computer Security, 1996, Vol. 4, No. 1, pp. 19-31. https://doi.org/10.1108/09685229610114178
- Hawkins, S. and Yen, D.C., Awareness and Challenges of Internet Security. Information Management and Computer Security, 2000, Vol. 8, No. 3, pp. 131-143. https://doi.org/10.1108/09685220010372564
- Hu, Q., Hart, P., and Cooke, D., The Role of External and Internal Influences on Information Systems Security Practices : An Institutional Perspective. The Journal of Strategic Information Systems Archive, 2006, Vol. 16, No. 2, pp. 153-172.
- Information Security Specialist's CISSP Note, 2012.
- Jahner, S. and Krcmar, H., Beyond Technical Aspects of Information Security : Risk Culture as a Success Factor for IT Risk Management, AMCIS 2005 Proceedings, 2005, p. 462.
- Karyda, M., Kiountouzis, E., and Kokolakis, S., Information security policies : a contextual perspective. Computers and Security, 2005, pp. 246-260.
- Kim et al., Implication of Industrial Security Capacity Based on Level Evaluation. Journal of the Korean Society for Quality Management, 2013, Vol. 41, No. 4, pp. 649-658. https://doi.org/10.7469/JKSQM.2013.41.4.649
- Korea Communications Commission Report, A Fact-Finding on Leak Out of Personal Data, KCC, 2015.
- Kotulic, A.J. and J.G. Clark, Why There aren't more Information Security Research Studies. Information and Management, 2004, Vol. 41, No. 5, pp. 597-607. https://doi.org/10.1016/j.im.2003.08.001
- Lebek, B., Degirmenci, K., and Breitner, M.H., Investigating the Influence of Security, Privacy, and Legal Concerns on Employees Intention to Use BYOD Mobile Devices, Proceedings of the Nineteenth Americas Conference on Information Systems, Chicago, Illinois, 2005, pp. 15-17.
- Lee, A.S., Retrospect and Prospect : Information Systems Research in the Last and Next Twenty-Five Years. Journal of Information Technology, 2010, Vol. 25, No. 4, pp. 336-348. https://doi.org/10.1057/jit.2010.24
- Lee, J.H., Shin, W.S., and Park, H.J., A Study on Improvement Plans for Technology Protection of SMEs in Korea. Journal of Society of Korea Industrial and Systems Engineering, 2014, Vol. 37, No. 2, pp. 77-84. https://doi.org/10.11627/jkise.2014.37.2.77
- Lewis, A., Time to Elevate IT Security to the Boardroom. e Secure, 2000, Vol. 1, No. 1, p. 28.
- Lohmeyer, D.F., McCrory, J., and Pogreb, S., Managing Information Security, The McKinsey Quarterly, Special Edition : Risk and Resilience, 2002, Vol. 2, pp. 12-16.
- National Defense Science and Technology Vocabulary, 2011.
- National Institute of Standards and Technology, An Introduction to Computer Security : The NIST Handbook, Special Publication, 2000, pp. 800-12.
- NIST, Information Security Handbook : A Guide for Managers, 2006.
- Peppard, J., The Conundrum of IT Management. European Journal of Information Systems, 2007, pp. 336-345.
- Pfhleeger, C.P., Security in Computing, Second edn, Prentice Hall, United States of America, 1997.
- Posthumus, S. and Von Solms, R., A Framework for the Governance of Information Security. Computers and Security, 2004, Vol. 23, No. 8, pp. 638-646. https://doi.org/10.1016/j.cose.2004.10.006
- Ransbotham, S. and Mitra, S., Choice and Chance : A Conceptual Model of Paths to Information Security Compromise. Information Systems Research, 2009, Vol. 20, No. 1, pp. 121-139. https://doi.org/10.1287/isre.1080.0174
- Sarker, S., Lau, F., and Sahay, S., Using an Adapted Grounded Theory Approach for Inductive Theory Building About Virtual Team Development. DATA BASE for Advances in Information Systems, 2001, Vol. 2, No. 1, pp. 38-56.
- Smith, E., Kritzinger, E., Oosthuizen, H.J., and Von Solms, S.H., Information Security Education, in Proceedings of the WISE 4 Conference, Moscow, Russia, 2004.
- Son, J.Y. and Benbasat, I., Organizational Buyer's Adoption and Use of B2B Electronic Marketplace : Efficiency and Legitimacy-Oriented Perspectives. Journal of Management Information Systems, 2007, Vol. 24, No. 1, pp. 55-99. https://doi.org/10.2753/MIS0742-1222240102
- Spears, J.L. and Barki, H., User Participation in Information Systems Security Risk Management. MIS Quarterly, 2010, pp. 503-522.
- Squara, D., LAN Security will become a Priority in the Networks of Tomorrow. Available at: http://itweb.co.za. 29, 2000.
- Stiles, P. and Taylor, B., Boards at work : How directors view their roles and responsibilities. Oxford : Oxford University Press, 2001.
- Straub, D. and Welke, R., Coping with Systems Risk : Security Planning Models for Management Decision Making. MIS Quarterly, 1998, Vol. 22, No. 4, pp. 441-469. https://doi.org/10.2307/249551
- The 9th Korean Standard Industrial Classification, 2007.
- Thomson, M.E. and Von Solms, R., Information Security Awareness : Educating Your Users Effectively. Information Management and Computer Security, 1998, Vol. 6, No. 4, pp. 167-173. https://doi.org/10.1108/09685229810227649
- Unfair Competition Prevention and Business Secret Protection Law, 2007.
- Vidgen, R. and Wang, X., Coevolving Systems and the Organization of Agile Software Development. Information Systems Research, 2009, Vol. 20, No. 3, pp. 355-376. https://doi.org/10.1287/isre.1090.0237
- Von Solms, R. and Von Solms, S.H., From policies to culture. Computers and Security, 2004, Vol. 23, No. 4, pp. 275-279. https://doi.org/10.1016/j.cose.2004.01.013
- Von Solms, S.H., Information Security Management through Measurement, in Prodeedings of the SEC99 conference, Johannesburg, South-Africa, 1999.
- Whiteman, W. and Mattord, H.J., Principles of Information Security, Thomson-Course Technology, Canada, 2003.
- Wood, C.C., Why Information Security is Now Multi- Disciplinary, Multi-Departmental, and Multi-Organizational in Nature. Computer Fraud and Security, 2004, No. 1, pp. 16-17.
Cited by
- 정보보호 관점의 기업 유형 분류 프레임워크 개발에 관한 연구 vol.39, pp.3, 2016, https://doi.org/10.11627/jkise.2016.39.3.018
- 쌍대비교를 활용한 기업 유형 분류에 따른 보안 전략 우선순위 결정 vol.39, pp.4, 2015, https://doi.org/10.11627/jkise.2016.39.4.097
- 기계 학습 알고리즘을 이용한 효과적인 대상 영역 분할 vol.19, pp.5, 2015, https://doi.org/10.5762/kais.2018.19.5.697