• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.25-32
• /
• 2020

In the midst of the rising need for Industrial Security experts, the development of National Competency Standards(NCS) with regards to industrial security is a very important and urgent task. The NCS standardizes university-level academic curriculum and qualification systems and connects them with the industry's needs. This study has extracted, classified and analyzed security-related jobs and tasks requiring security expertise that is required within NCS. Through this study, many tasks have been confirmed to require security competencies that are different from those in IT-security, physical security that already exist as a NCS tasks. It is expected that the industry's needs of industrial security expertise will be reflected in future NCS development, which will be used as basic data for systematizing industrial security jobs and competency.

• Korean Security Journal
• /
• no.39
• /
• pp.269-294
• /
• 2014

Korea is concerned with information security industry due to recent leak-out private information of 3 card companies. Executives are aware of damage from breach of security such as personal data spill, is more dangerous than any other financial risks. The information security industry, which was limited in physical security and network security formerly, is evolving into convergence security of public and facility security industry. The field of interest has also been changed into security of smart phone and intelligence image recently, from firewall or Anti-virus. The convergence security is originally about access control of facility, but recently its demand has been increased mostly by public institutions and major companies. The scope of the industry also varies from finance, education, distribution, national defense, medical care to automobile industry. The market of convergence security has been expanded and new various products and services of security of intelligent vehicle, 'U' healthcare, finance, smart grid and key industries are also developed. It is required to create and enhance of new curriculum and cultivate human resources for the development of knowledge information security industry. Raising standard of education and security consciousness of the nation is also necessary to strengthen the global competitiveness.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.89-97
• /
• 2020

Recently, security issues on industrial technology are undergoing rapid changes around the world. Developed countries are establishing response strategies to protect their own core technologies while creating conflicts with global value chains and foreign capital movement. Also in Korea, we are approaching industrial security issues in the mid- to long-term industrial competitiveness. The purpose of this study is to survey on the awareness of the industrial security ecosystem and derive key policy issues. Based on a three round survey, four policies were suggested as followings : systemization of industrial security control tower, enhancement of security company's technical skills and training of security specialists, improvement of technology leakage prevention system through retirement personnel and M&A, reinforcement of research security in R&D process and proactive technology protection. It is hoped that this study will serve as a basis for policy-making as an evidence-based study reflecting the policy demands of industrial security.

• Review of KIISC
• /
• v.26 no.4
• /
• pp.28-35
• /
• 2016

초기의 산업제어시스템은 독립적인 네트워크를 구성하고 있어서 외부 네트워크와는 분리되어 있어 안전하다는 의견을 갖고 있었으나, 악성코드에 의한 우회적 공격이 발생함으로 단순 공극(Air-gap) 정책으로는 대처하는 것에는 한계가 드러났다. 또한 정보통신(ICT: Information & Communication Technology) 기술의 발달로 산업제어네트워크는 비즈니스, 정보공유 그리고 유지보수를 위하여 외부 네트워크와 연결이 필요하게 되었다. 이로 인하여 ICT의 보안 취약점도 전수되는 상황이 되었다. 그러나 산업제어시스템은 독립적인 플랫폼과 제어기술로 구축되어 있어서, ICT의 기 개발된 보안 메카니즘이 그대로 적용될 수 없다는 것이 문제로 인식되고 있다. 산업제어시스템 보안을 위하여 단품의 보안 제품이나 서비스로 대응하는 것으로는 보안강도를 충족하지 못하는 것이 일반적이며, '심층 방어' 체계를 구축하여 종합적이고, 체계적인 보안대책이 필요하다. 이와 상응하여 산업제어시스템 영역에 최적의 보안 수준을 유지하기 위하여 장비의 호환성을 제공하기 위하여 표준화 필요성이 대두되고 있으며, 이에 현재 진행되고 있는 표준화 동향을 분석한다.

• The Journal of Society for e-Business Studies
• /
• v.24 no.2
• /
• pp.29-53
• /
• 2019

Of all the 55 security departments in colleges, the information security departments occupies the majority of 45. Though existing security focused too much on information security, a new research stream on industrial security from a perspective of convergence has emerged. Since the first department of industrial security was established in a college in 2014, the total of four departments have been established until 2018. A new discipline to solve the existing problems and an opportunity to cultivate industrial security professionals have been greatly appreciated; however, the definition of industrial security is not yet specific, and more discussions on education categories and subjects with a focus on the characteristics of convergence are needed. The demand for industrial security professionals has gradually increasing and the departments of industrial security have been established to meet the demand. It is necessary, in this circumstance, to find out how the industrial security departments are teaching students. To this end, the purpose of this article is to deliver an overview of the educational curriculums of the four industrial security departments. This study analyzed 127 subjects in the curriculums, categorized educational areas, and employed Social Network Analysis to understand the relationships between subjects of each departments.

• The Optical Journal
• /
• v.14 no.5 s.81
• /
• pp.14-18
• /
• 2002

지금 국내의 CCTV 업계는 DVR 업체를 제외하고는 방향성을 상실하고 있는 것 같이 보여진다. CCTV 시스템은 보안 시스템의 일부를 구성하는 중요한 파트로서 앞으로도 보안산업의 발전과 그 맥락을 같이하는 분야이므로, 전체 보안 시스템 산업의 방향성을 잘 관찰하여 사업계획을 수립해야 한다. 카메라업계의 경우 무엇보다 R&D에 중점을 두고 기술개발에 계속 매진해 나가야 할 것이다. 향후 카메라의 시장 방향은 저조도용 칼라 카메라, 고해상도 및 고 색상재

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.428-430
• /
• 2015

보안은 오직 기술을 관리하는 것이 아닌 사람관리, 조직관리, 경영관리이다. 그 중에서도 인적자원은 모든 산업에서 가장 중요한 자원임과 동시에 보안의 측면에서 볼 때 가장 통제해야 하는 존재이다. 이는 산업보안에서 가장 큰 이슈인 산업기술 기밀 유출이 주로 전 현직 임직원 및 협력업체 직원 등 인적자원을 통했기 때문이다. 미래 산업의 중심이 될 IoT환경에서는 산업기술이 핵심자산이므로 이에 더 주목해야 할 필요가 있다. 이처럼 인적자원에 대한 통제와 관리가 산업보안에서 중요한 의미를 갖는 것에 비해 기존의 보안관리체계의 통제항목은 대부분 IT적인 부분에 치중되어있다. 또한, 체계적인 운영이 부족하고, 산업스파이, 정보절취 등 다양한 위험요소가 존재한다. 특히, 인적자원은 완벽한 예측이 불가능하므로 위험을 최소화하는 방법을 고안해 대는 것에 유념하여 IoT환경에서의 인간중심적인 보안관리체계 구축해야한다. 이를 위해 기존의 정보보호 관리체계 분석을 통하여, 기존의 인적보안 지침들의 적합성을 따져 우선순위를 적용하여 효율적인 인적자원관리 방법론을 설계하였다. 본 연구결과는 보유자원을 가장 효율적으로 활용하여, 그 조직에 적합한 보안체계를 구축하는데 도움이 될 것으로 기대된다.

• Information Systems Review
• /
• v.21 no.3
• /
• pp.49-61
• /
• 2019

As the number of security incidents and damages increase steadily, interest in the security of society is growing, and the amount of academic interest and research is steadily increasing. However, despite these concerns and the quantitative increase in research, the terms 'security' and 'safety' have been mixed and studies have been conducted without the conceptual definition of various security terms being clearly defined. As a result, various forms of security concepts based on ICT environments have been misused. Therefore, we tried to derive the consensus of experts among the various security terms which are mixed in this study, and to summarize the concepts based on the analysis of domestic and foreign documents based on the concept of the terms. Through this research, we intend to contribute to the establishment of the academic identity of security by preventing related mistakes caused by the mixed use of terminology.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.3-8
• /
• 2015

According to the advent of the seriousness of industrial technology outflow, concerns are mounting about the importance of security, recently. In this paper, I studied a research trend about industrial technology security and real condition of the outflow, analyzed it in various ways, and showed a seriousness of the issue and urgency of the security. Finally, I suggested methods of improving needed in the industrial technology security in legal, business and technical ways.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.1036-1039
• /
• 2021

산업제어시스템에 침해사고가 발생하여 서비스 제공이 중단될 경우 사회에 큰 혼란을 야기할 수 있기 때문에 주기적으로 내부 자산의 보안 수준을 관리하는 것은 매우 중요하다. 위 논문은 산업제어시스템 내부 자산의 보안성 확립을 위한 산업제어시스템 자산 유형별 보안성 평가 프로그램을 제안한다. 동일 자산 그룹에 따라 보안조치를 선별적으로 적용하고 신규 취약점을 지속적으로 파악하는 프로세스를 프로그램에 적용하여 제어시스템 보안 수준을 안정적으로 유지하는 사내 프로그램으로 활용될 수 있도록 한다.