Browse > Article
http://dx.doi.org/10.13089/JKIISC.2020.30.1.123

A Study on the Laws and Regulations in Korea through the Analysis of Cybersecurity Workforce Developing Laws and Regulations in U.S.  

Hong, Soonjwa (The Attached Institute of ETRI)
Kim, Joonsoo (The Attached Institute of ETRI)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.30, no.1, 2020 , pp. 123-139 More about this Journal
Abstract
In 1987, Computer Security Act was enacted, requiring computer security awareness and practical training for federal workforce. This is the beginning of US development of federal cybersecurity workforce. It has been strengthening the development of federal cybersecurity workforce policy by establishing OPM regulations and OMB circulation in cases where it is difficult to define by law. Through GISRA 2000 and FISMA 2002, which has been improved, it played a central role for development of federal cybersecurity workforce for more than 10 years. Since then, FISMA 2014 has been enacted as a necessity for supplementing technology and policy. In 2014, the importance of cyber security personnel in US federal agencies has been increased even more, by enacting a single law on cybersecurity workforce twice. We will review the current state of Korea's development of cybersecurity workforce by reviewing and analyzing the development and federal cybersecurity workforce in the United States.
Keywords
Computer Security Act; FISMA 2002&2014; Federal Cybersecurity Workforce Assessment Act;
Citations & Related Records
Times Cited By KSCI : 6  (Citation Analysis)
연도 인용수 순위
1 Soonjwa Hong, "A Study on US Federal Law for Enhancing National Cyber Security", The Korea Institute of Information Security and Cryptology 29(3), pp. 51-65, June 2019.
2 Public Law 107-347, "E-Government Act of 2002 Tile III. Information Security Federal Information Security Management Act of 2002", Dec. 2002.
3 Soonjwa Hong, "A Study on the Frame- work of Comparing New Cybersecurity Workforce Development Policy Based on the ATE Programs of U.S.", Journal of the Korea Institute of Information Security & Cryptology 28(1), pp. 249-267, Feb. 2018.   DOI
4 Sangho Park, A Study on the Design of Knowledge System for Information Security Professional Training, Master's Thesis, Sangmyung University, Feb. 2016.
5 Wonhyung Park and Seongjin Ahn, "Enhancing Education Curriculum of Cyber Security Based on NICE", KIPS Transactions on Computer and Communication Systems 6(7), pp.321-328, July 2017.   DOI
6 Wongyu Lim and Seongjin Ahn, "A Study on Improvements of the Information Security Department via the Curriculum Analysis", The Journal of Korean Association of Computer Education 17(6), pp. 51-65, Nov. 2014.
7 Jeong-Ho Song and Hwang-Rae Kim, "A Study on the NCS based Curriculum for Educating Information Security Manpower", Journal of the Korea Academia-Industrial Cooperation Society 17(11), pp. 537-544, Nov. 2016.   DOI
8 Hyojik Lee, Onechul Na, Soyoung Sung, and Hangbae Chang, "A Design on Information Security Core Knowledge for Security Experts by Occupational Classification Framework", The Journal of Society for e-Business Studies 20(3), pp. 113-125, Aug. 2015.   DOI
9 Min-Jeong Kim, Haeni Lee, Shin-Jeong Song, and Jinho Yoo, "A Study on the Curriculum of Department of Information Security in Domestic Universities and Graduate Schools and Comparison with the Needs of Industry Knowledge", Journal of The Korea Institute of Information Security & Cryptology 24(1), pp. 195-205, Feb. 2014.   DOI
10 Yoon K.S. and Lee S, "The Problems and Alternatives of Information Security in the Korean Public Sector", Korean Public Management Review 31(4), pp. 195-216, 2017.12.   DOI
11 Public Law 107-347, "E-Government Act of 2002 Tile III. Information Security Federal Information Security Management Act of 2002", Dec. 2002.
12 Public Law 100-235, "Computer Security Act of 1987," Jan. 1988.
13 NIST SP 800-16, Information Technology Security Training Requirements: A Role- and Performance-Based Model, Apr. 1998,
14 Public Law 106-398, "National Defense Authorization Act for Fiscal Year 2001, Subtitle G-Government Information Security Reform", Oct. 2000.
15 KISA, A Comparative Law Study on the Cybersecurity Response System, KISA-WP-2015-0042, pp. 18-19, Dec. 2015.
16 NIST SP 800-16 Revision 1 (3rd Draft), A Role-Based Model for Federal Information Technology/Cybersecurity Training, Mar. 2014.
17 Public Law 113-283, "Federal Information Security Modernization Act of 2014", Dec. 2014.
18 Yeon Soo Lee and Su- yeon Lee, "A Study on Comparison and Development of Cyber Security Related Legal System in Major Nations", The Korea Association of National Intelligence Studies 1(2), pp. 35-116, 2009.
19 Hong, Jun Ho and You, Hyun Woo, "A Study on white hacker training and activation plan", Law Review 17(4), pp. 463-515, Dec. 2017.
20 Public Law 113-246, "Cybersecurity Workforce Assessment Act," Dec. 2014.
21 Public Law 113-274, "Cybersecurity Enhancement Act of 2014," Dec. 2014.
22 Public Law 114-113, "Cybersecurity Act of 2015," Dec. 2015.
23 OPM, "Memorandum on Guidance for Assigning New Cybersecurity Codes to Positions with Information Technology, Cybersecurity, and Cyber-Related Functions", Jan. 2017.
24 Public Law 115-278, "Cybersecurity and Infrastructure Security Agency Act of 2018", Nov. 2018.
25 American Technical Council, Report to the President on Federal IT Modernization, Dec. 2017.