• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.31-35
• /
• 2001

Currently if we are to make a thought to depend on our fast developing information technology, a future war is necessarily to be made a situation of a cyber information warfare. A attacker in the cyber information warfare is able to make attack a military or a civil information and communication system, especially if a attack of a hacker, a virus or a electromagnetic pulse bomb at a military C4ISR system is able to make a confusion or a interruption in military operations, they are available to attack as a real time with non restrictions of physical distance, time, weather and space. While a expenditure of carrying out the cyber information warfares is the lowest expenditure, a effect of carrying out the cyber information warfares is the greatest effect in side of a interruption of information, a confusion, a terror, a pillage and crime of the people. This paper is to introduce "weapons of cyber information warfares", "offence capability of cyber information warfares about several nations" and to propose "a cyber information warfare organization" or the future knowledge warfare. the future knowledge warfare.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.769-776
• /
• 2016

Recently, cyber attacks are continuously threatening the cyberspace of the state across the border. Such cyber attacks show a surface which is intelligent and sophisticated level that can paralyze key infrastructure in the country. It can be seen well in cases, such as hacking threat of nuclear power plant, 3.20 cyber terrorism. Especially in public institutions of the country in which there is important information of the country, advanced prevention is important because the large-scale damage is expected to such cyber attacks. Technical support is also important, but by improving the cyber security awareness and security expert knowledge through the cyber security education to the country's public institutions workers is important to raise the security level. This paper suggest education courses for the rise of the best security effect through a short-term course for the country's public institutions workers.

• Proceedings of the Korea Contents Association Conference
• /
• 2004.11a
• /
• pp.564-569
• /
• 2004

Most existing ontologies are suited for static knowledge, so they lack capability of representing procedural knowledge which is essential for an agent's action control or inference in the virtual world. Also they are not prepared to describe objects beyond their fixed ranges of domains as designed. In this paper we propose cyber-microcosm ontology (CMO) which augments procedural aspects and expressive power for multiple forms rather than fixed form as in conventional ontologies. The resulting ontology will provide an enhanced knowledge structure to capture procedural aspects of agents' actions and to facilitate their associated inferencing. The procedural aspects of the CMO are designed based on action frame formed according to diverse elements. They are elaborated in terms of various qualifiers and quantifiers to reflect statistical natures over time and instances.

• The Journal of Information Systems
• /
• v.15 no.3
• /
• pp.233-252
• /
• 2006

Recently, negative sides of internet, internet and/or game addiction and unethical behavior over internet, have been largely publicized in our society. There have been numerous studies to explore the problems and solutions, but these lack considering broader set of research variables. Therefore, this research investigated how i) internet users' self characteristics and ii) cognitive characteristics toward internet influence iii) internet addiction and iv) information ethics respectively. Especially, this study focused on college students, more mature beings than elementary, middle and high school students with whom most other researches have dealt so far. Major findings of this study are as follows: (1) Willingness to develop relationships over internet, usefulness of internet use, a degree to perceive the cyber space as real, and a degree to express self over internet have significant effects on disabled life style. Self respect willingness to develop relationships over internet, usefulness of internet use, a degree to perceive the cyber space as real, and capability of using internet have significant effects on the lack of control over internet. Willingness to develop relationships over internet, self control, and a degree to express self over internet have significant effects on the lack of control over internet. 2) Regarding the effects of independent variables(self characteristics and cognitive characteristics) on information ethics through internet addiction factors, self respect self control, a degree to perceive the cyber space as real, and capability of using internet have directly and indirectly significant effects on information ethics through internet addiction. Then we suggested four approaches to reduce the internet addiction and improve the information ethics based on the findings.

• Journal of Digital Convergence
• /
• v.17 no.10
• /
• pp.93-102
• /
• 2019

This paper aims to set the priorities for the cybersecurity strategy of Cambodian government. To this end, we built a AHP research model by adopting 4 factors from the ITU national interests model and selecting 7 strategies from best practices of 8 countries leading the cyber security. Using a questionnaire, 19 experts evaluated Cambodia's cybersecurity strategy priorities. The key policy factors were evaluated in the order of homeland defense, economic welfare, value promotion and favorable world order. Their strategic alternatives were identified in the order of legislation, capacity building, and cyber attack prevention for critical infrastructure. This study will contribute to setting the strategic priorities and feasible action plans to strengthen Cambodia's cybersecurity capabilities.

• Knowledge Management Research
• /
• v.22 no.4
• /
• pp.157-172
• /
• 2021

Information security companies were established in earnest from the mid-late 1990s to early 2000s, far shorter than other national key industries. Nevertheless, the information security industry has made rapid progress. It is expected that the proportion of the information security industry will increase rapidly with the development of advanced technology along with the 4th industrial revolution. As COVID-19, which occurred at the end of 2019, spreads around the world in 2020, non-face-to-face services and digital transformation are accelerating, and cyber threats to users are also increasing. However, there are limitations in responding to new Cyber Security threats due to the shortage of information protection manpower, insufficient security capabilities of domestic companies, and the narrow domestic information protection market. This study examines the external environmental factors of information security companies such as government information protection system operation, government influence, government support, partnership between information security companies, and internal environmental factors such as top management support, financial status, human resources, organizational capability, This study was conducted using empirical data to analyze whether it affects innovation capability and whether organizational capability and innovation capability affect financial and non-financial performance. The results of this study can be used as basic data to suggest policies and implications for information security, and to strengthen the competitiveness of the information security industry.

• Information Systems Review
• /
• v.4 no.2
• /
• pp.81-94
• /
• 2002

The study employs the conceptual framework of the strategic success paradigm developed by Ansoff (1990). The strategic success paradigm denotes that optimal performance will be attained when the level of environmental turbulence is aligned with the strategic aggressiveness and organizational capability. Based on the paradigm, authors developed the concept of IT (information technology) aggressiveness (IT aggressiveness henceforth) and capability (IT capability henceforth). In order to clarify the different concept of IT aggressiveness and capability, the author brought the concept of IT architecture. The difference of capability and architecture lies in the depth of technical considerations. Where capability refers attitudinal aspects of managers, architecture emphasizes technical capacity of the organization as a whole. The study validated the need for alignment among IT architecture, environmental turbulence and IT aggressiveness. The imbalance between IT strategy and IT architecture (such as a higher level of IT aggressiveness but a lower level of IT architecture, or vice versa) has a marginal contribution to the organizational IT performance. The alignment among organizational environmental turbulence, IT aggressiveness, and IT architecture resulted in an optimal level of IT performance especially in a turbulent environment.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.259-265
• /
• 2004

Since the 2003.1.25 Internet Crisis, the government has been looking at a number of options to strengthen national cyber-security/crisis management capability to guard against ever increasing threat of cyber-war and terror. Thus, the focus of this study was to explorer new ways of developing a comprehensive cyber-security/crisis management system, in particular by combining modern social-science analytic theories. As a result, although there has to be more in-depth researches into incorporating advanced techniques to generate more detailed and object-specific indexes and protocols, the use of 'event data system,' which has been widely utilized in many recent social science researches to assess a wide-range of socio-political risks and crises, could be adopted as a basis for a comprehensive nationwide cyber-risk management system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.645-656
• /
• 2019

As the number of cyber threats to control systems increases, the need for control system cyber security is also increasing. Currently, various cyber security related education and control system education are being conducted. However, it does not fully reflect the characteristics of the control system and the characteristics of the participants. In this paper, we propose a training system and technique to enhance the control system cyber security capability. To this end, we analyze the limitations of existing security education. Based on the results, we develop a control system training environment model based on the IEC62443 Standard and develop an ARCH based training method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.4995-5014
• /
• 2018

As the area covered by the CPS grows wider, agencies such as public institutions and critical infrastructure are collectively measuring and evaluating information security capabilities. Currently, these methods of measuring information security are a concrete method of recommendation in related standards. However, the security controls used in these methods are lacking in connectivity, causing silo effect. In order to solve this problem, there has been an attempt to study the information security management system in terms of maturity. However, to the best of our knowledge, no research has considered the specific definitions of each level that measures organizational security maturity or specific methods and criteria for constructing such levels. This study developed an information security maturity model that can measure and manage the information security capability of critical infrastructure based on information provided by an expert critical infrastructure information protection group. The proposed model is simulated using the thermal power sector in critical infrastructure of the Republic of Korea to confirm the possibility of its application to the field and derive core security processes and goals that constitute infrastructure security maturity. The findings will be useful for future research or practical application of infrastructure ISMSs.