• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.1
• /
• pp.43-51
• /
• 2019

This research proposed the necessary capability of cyber security professional personnel for cyber security education and training. Cyber security professional personnel were required specialized capability because the curriculum of cyber security education and training is structured around practice and training. Based on the knowledge, skills, and attitudes of professors, we derive candidate capabilities and index through the results of precedent research. As a result, we derived capability such the candidate capability group as teaching qualification, expert knowledge, practical ability, lecture ability, and research ability, and detailed capability index was derived accordingly. Finally, based on the questionnaire results of the professors related to the information security, it was determined that the capability required for the cyber security education and training professional personnel were expert knowledge, practical ability, and lecture ability. Among the capabilities, executive ability means that they have to fulfil abundant executive experience due to the high proportion of practical training due to the characteristics of cyber security education and training.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.4
• /
• pp.97-107
• /
• 2014

The development of ICT has led positive aspects such as popularization of Internet. It, on the other hand, is causing a negative aspect, Cyber Terror. Although the causes for recent and continuous increase of cyber security incidents are various such as lack of technical and institutional security measure, the main cause which threatens the cyber security is the users' lack of awareness and attitude. The purpose of this study is the positive analysis of how the personal and job characteristics influence the cyber security training participation rate and the response ability to cyber terror response training with a sample case of K-corporation employees. In this paper, the relationship among career, gender, department, whether he/she is a cyber security specialist, whether he/she is a regular employee), "ratio of cyber security training courses during recent three years", "ratio that he/she has opened the malicious email in cyber terror response training during recent three years", "response index of virus active-x installation (higher index means poorer response)" is closely examined. Moreover, based on the examination result, the practical and political implications regarding K-corporation's cyber security courses and cyber terror response training are studied.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.805-821
• /
• 2020

Cyber defense exercise should require training on the latest cyber attacks and have a similar process to defense cyber attacks. In addition, it is also important to train on cyber resilience that can perform normal tasks or support equivalent tasks regardless of cyber attacks. In this paper, we proposed and developed a cyber range that can strengthen the elements of cyber resilience by performing cyber defense exercise in real time based on the cyber crisis alert issued when a cyber attack occurs in Korea. When BLUE, YELLOW, ORANGE, and RED warnings are issued according to the cyber crisis, our system performs proactive response, real time response, and post response according to the alarm. It can improve trainee's capability to respond to cyber threats by performing cyber defense exercise in a cyber crisis environment similar to the actual situation of Korea.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.4
• /
• pp.59-69
• /
• 2016

We proposed a specialized model of performance measurement to measure the training performance of the trainees in cyber practical training. Cyber security professionals are cultivating their expertise, skills, and competencies through cyber practical training in specialized education and training institutions. The our proposed process of trainee evaluation is consisted of an evaluation component discovery, evaluation item selection, evaluation index catalog, ratings and criteria decision, and calculation formula. The trainee evaluation is consisted of a formative evaluation during the training and an overall evaluation after finished training. Formative evaluation includes progress evaluation and participation evaluation, and overall evaluation includes practice evaluation and learning evaluation. The evaluation is weighted according to the importance of evaluation type. Because it is evaluated actual skills and abilities, competencies are assigned a high weight, while knowledge and attitudes are assigned a low weight. If cyber security trainees are evaluated by the proposed evaluation model, cyber security professionals can be cultivated by each skill and knowledge level and can be deployed by importance of security task.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.6
• /
• pp.857-860
• /
• 2021

The 21st century society has entered the fourth industrial society of machine to machine from the information society of human to machine. Accordingly, countries around the world are always operating efficient crisis management systems that can quickly respond to disasters or crises. As cyber attacks such as cyber warfare are actually progressing, countries around the world are conducting defense training in response to cyber attacks, and reflecting the results of simulation attacks in improving or building security systems. In this paper, we would like to consider the future cyber training development guide by comparing and analyzing the trends of cyber training in domestic and foreign countries.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.26 no.7
• /
• pp.830-837
• /
• 2020

With the rapid development of information and communication technology, information exchange between ships and shore has become faster and more convenient, However, accessing ship information has also become easier and concerns about cyber security attacks are growing. When a ship suffers a cyber-attack, it may cause considerable damage and incurs enormous costs and time to repair. In response to this threat, the maritime industry now demands that a cyber security officer be assigned to each ship to take charge of cyber security management onboard. In order to reduce the damage cause by an attack and to respond effectively, a specialized training course for the ship's cyber security officer is required. The purpose of this study was to present a training course for the position of the ship's cyber security officer, and to highlight the necessity of amending current legislation, To this end, domestic and foreign trends, ship cyber security incident cases, and cyber security training courses were investigated, and based on the results a standard training course for a ship's cyber security of icer was developed. Additionally, recommendations on the related amendments to legislation ware established. The results of the study can be used as basic data to establish future training courses for cyber security officers.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.137-139
• /
• 2022

As cyber threats in the maritime industry increase due to the digital transformation, the needs for cyber security training for ship's crew and port engineers has increased. The training of seafarers is related to the IMO's STCW convention, so cyber security training also managed and certified, and it is necessary to develop a cybersecurity training system that reflects the characteristics of the OT systemof ships and ports. In this paper, with the goal of developing a training model based on the IMO cyber risk management guideline, developing a cyber security training model based on the characteristics of maritime industry threats, and improving the effectiveness of cyber security training using AR/VR and metaverse, A method for developing a system for nurturing cyber security experts is presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.867-875
• /
• 2019

Security awareness and training are becoming more important as cyber security incidents tend to increase in industrial control systems, including nuclear power plants. For effective cyber security awareness and training for the personnel who manage and operate the target facility, a TEST-BED is required that can analyze the impact of cyber attacks from the sensor level to the operation status of the nuclear power plant. In this paper, we have developed an HIL system for nuclear power plant cyber security training. It includes nuclear power plant status simulations and specific system status simulation together with physical devices. This research result will be used for the specialized cyber security training program for Korean nuclear facilities.

• Electronics and Telecommunications Trends
• /
• v.37 no.4
• /
• pp.36-45
• /
• 2022

As the interest in achieving an intelligent society grows with the fourth industrial revolution's development, information and communications technologies technologies like artificial intelligence (AI), Internet of Things, virtual reality, information security, and blockchain technology are being actively employed in different fields for achieving an intelligent society. With these modifications, the information security paradigm in industrial and public institutions, like personal sensitive data, is quickly changing, and it is exposed to different cyber threats and breaches. Furthermore, as the number of cyber threats and breaches grows, so does the need for rapid detection and response. This demand can be satisfied by establishing cyber training programs and fostering experts that can improve cyber security abilities. In this study, we explored the domestic and international technology trends in cyber security education and training facilities for developing experts in information security. Additionally, the AI technology application in the cyber training ground, which can be established to respond to and deter cyber threats that are becoming more intelligent, was examined.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.145-151
• /
• 2017

The Cyberspace of the Republic of Korea Army is continuously threatened by enemies. Means for responding to such cyber threats are ultimately Military information security professional personnel. Currently, however, there are only a handful of advanced information security professional persons in Republic of Korea Army, and a lack of systematic training is inadequate. Therefore, in this thesis, we surveyed the information security professional human resource policies of USA, UK, Israel, and Japan. In addition, the policy to train professional human resources specialized in defense cyber security, we proposed training of specialist talent of 4 steps and medium and long term plan, step-by-step training system sizing, introduction of certification system.