• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.21-28
• /
• 2019

The emergence of a hyper-connected-super-intelligence society, called the era of the Fourth Industrial Revolution, brought about a new change in the security environment. With ICT (Information Communication Technology) convergence and high-tech technologies introduced across the board, the person-centered driving force that moved the real space is replaced by the code-oriented cyberspace, and its dependency is constantly increasing. Paradoxically, however, these technological changes serve as another security vulnerability that threatens our society, and have brought about the justification for building a cyber defense system while simultaneously facing the opportunities and challenges brought by technology. In this study, the theory of self-defense was put forward on the basis of the theoretical basis for actively responding to the increasingly intelligent and mass-evolving cyberattacks, and firstly, the need to enact a cybersecurity law, secondly, and thirdly, the need to develop a response cooperation system with the U.S. and other cyber powers.

• Korean Security Journal
• /
• no.49
• /
• pp.187-214
• /
• 2016

In the mordern society, the reliance on the cyber domain and the cyber connectivity has been increasingly strengthened. Due to this phenomenon, the cyberterror against critical infrastructures and state organs might lead to fatal consequences. Lately, North Korea's cyberattacks against South Korea's national organizations and financial computer networks are becoming more and more intelligent and sophisticated. The cyberattacks against such critical infrastructures have caused enormous economic loss and social disorder. This paper is designed to examine comparatively the cyberterror related laws and organizations of the advanced countries such as U.S. and U.K. and to draw implications. Although those countries are under different institutional and cultural backgrounds with varying security envrionments, they are identically pursuing measures by establishing government-wide counterterror system for coordination and cooperation. They are also commonly focusing upon creating new organizations equipped with new system and upon enhancing intelligence performance and devising punishment regulations. Korea is lack of framework laws regulating cyber security, having only scattered individual laws. Since such legal base is far from efficient counterterror activities, it is necessary that the legal and policy response of the advanced countries should be closely studied for selective introduction. That will eventually lead to legislation of cyber security law. With such legislation on hand, it is subsequently required to strengthen crisis management for prevention of cyberterror and to create joint response team, cooperating with private organizations.

• Journal of Digital Convergence
• /
• v.20 no.2
• /
• pp.9-20
• /
• 2022

Supply chain attacks target critical infrastructure, causing large amounts of damage and evolving into a threat to public safety and national security. Accordingly, when establishing cybersecurity strategies and policies, supply chain risk management is specified to enhance security, and the US Biden administration recently issued the Executive Order on Improving the Nation's Cybersecurity, SBOM was mentioned as part of the guidelines for strengthening software supply chain security. If the government mandates SBOM and uses it as a security verification tool for supply chains, it can be affected by the domestic procurement system in the future and can be referenced when establishing a security system for domestic supply chains according to the progress of policy implementation. Accordingly, in this paper, countries that are promoting the SBOM policy as a way to strengthen the security of the software supply chain were selected and analyzed with a focus on related cases. In addition, through comparison and analysis of foreign SBOM policy trends, methods for using domestic SBOM in terms of technology, policy, and law were considered. As the value of using SBOM as a supply chain integrity/transparency verification tool is expected in the future, it is necessary to continuously identify trends in the establishment of international standardization and policy development for SBOM and study the standard format.

• Review of KIISC
• /
• v.22 no.8
• /
• pp.36-40
• /
• 2012

북한은 사이버공간을 해방구로 보고 지난 2003년도에 인터넷 대란 공격을 실시한 이래 사이버 공격을 지속적이고 강력하게 감행하고 있다.1) 지난해에는 농협전산망을 공격하였으며 최근에는 서해상에서 GPS교란 공격을 실시하여 인천 국제공항에 이착륙하는 항공기에 심각한 위협을 초래하기도 하였다. 이처럼 북한을 포함한 전 세계적인 사이버 공격이 이제는 국가안보상의 심대한 위협이 되고 있어 각국은 사이버전 대비에 심혈을 기울이고 있다. 이제 우리나라는 사이버공격을 가장 많이 받는 국가 중의 하나가 되고 있다. 국가적인 사이버위협이 지속되는 상황하에서 국방차원에서의 사이버대응 실태를 살펴보고 발전책을 제시하고자 한다.

• Review of KIISC
• /
• v.29 no.2
• /
• pp.48-52
• /
• 2019

이 글에서 IAEA 핵안보(정보보안) 부서의 원자력시설에 대한 사이버보안 활동과 함께 2016년부터 13개국 17개 기관이 협력하여 수행중인 "원자력시설 사이버사건 분석 및 대응 능력 강화에 관한 국제공동연구"에 대해 소개하고자 한다.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.89-100
• /
• 2021

The National Cyber Capability Assessment(NCCA) could be used as meaningful information for improving national cyber security policy because it provides information on the elements necessary for strengthening national cyber capabilities and the level of each country. However, there were few studies on improving cyber capabilities using the NCCA result in Korea. Therefore, we analyzed the result of National Cyber Power Index(NCPI) conducted by Belfer Center of Harvard Univ. by applying modified-IPA method to derive cybersecurity policy agendas for Korea. As a result, the need to set agendas on surveillance and offensive cyber capability and improve the effectiveness of policy implementation for intelligence and defense was drawn. Moreover, we suggested need for in-depth study of each policy agenda deduced from preceding research data as a future tasks. And it is expected to increase practical use of NCCA for domestic policy analysis by developing and using our own NCCA model which considered analysis framework proposed in this study.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.145-151
• /
• 2017

The Cyberspace of the Republic of Korea Army is continuously threatened by enemies. Means for responding to such cyber threats are ultimately Military information security professional personnel. Currently, however, there are only a handful of advanced information security professional persons in Republic of Korea Army, and a lack of systematic training is inadequate. Therefore, in this thesis, we surveyed the information security professional human resource policies of USA, UK, Israel, and Japan. In addition, the policy to train professional human resources specialized in defense cyber security, we proposed training of specialist talent of 4 steps and medium and long term plan, step-by-step training system sizing, introduction of certification system.

• Journal of KIISE:Information Networking
• /
• v.37 no.5
• /
• pp.351-362
• /
• 2010

In Korea, national information infrastructure has been grown well because of the rapid growth and supply of Internet, but threats of cyber terror and cyber war are also increasing. Cyber attacks on knowledge information society threaten industry, economy and security. Major countries realize that cyber attacks can cause national heavy loss. So, they are trying to adopt policy on their cyber safe. And natural environmental crisises are increasing around the world. Countries such as India and Philippine in which tsunami, typhoon and earthquake are often occurring have national systematic disaster management system that can prevent and recover. We need systematic management for prevention and recovery from cyber terror, and need to establish national cyber disaster management system. Therefore, in this paper, we analyze major countries's cyber security policy and suggest a method of establishing the national cyber disaster management system.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.27-42
• /
• 2022

In the era of the Fourth Industrial Revolution, digital transformation to increase the effectiveness of industry is becoming more important to achieving the goal of industrial innovation. The digital new deal and smart defense are required for digital transformation and utilize artificial intelligence, big data analysis technology, and the Internet of Things. These changes can innovate the industrial fields of national defense, society, and health with new intelligent services by continuously expanding cyberspace. As a result, work productivity, efficiency, convenience, and industrial safety will be strengthened. However, the threat of cyber-attack will also continue to increase due to expansion of the new domain of digital transformation. This paper presents the risk scenarios of cyber-attack threats in the Fourth Industrial Revolution. Further, we propose a preemptive intrusion response model to bolster the complex security environment of the future, which is one of the fundamental alternatives to solving problems relating to cyber-attack. The proposed model can be used as prior research on cyber security strategy and technology development for preemptive response to cyber threats in the future society.

• The Science & Technology
• /
• v.35 no.6 s.397
• /
• pp.47-76
• /
• 2002

[과학기술과 전쟁사] "과학기술력 있는 국가가 역사의 주인공"/ [로봇- 무인병기] 첨단로봇이 전략전술도 바꾼다/[항공우주전] 민간 피해 안주는 우주전 실현/[원자력-핵무기]핵무기 보유는 국가안보의 잣대/[정보화전] 빛의 속도로 전개되는 사이버테러/[해양전] '바다의 안보' 장악하는 이지스함/[생화학 무기] 생화학은 가난한 나라의 핵무기/[과학기술과 미래전쟁] 미래전쟁은 기계들의 전투