• Electronics and Telecommunications Trends
• /
• v.39 no.3
• /
• pp.48-57
• /
• 2024

Cyberthreats and crimes have become common in society and demand the adoption of robust security measures. Financial cybercrimes, personal information breaches, and spam messages are now prevalent, while companies and nations face an increasing number of cyberthreats and attacks such as distributed denial of service, ransomware, and malware. As the overall socioeconomic landscape undergoes digitalization powered by big data, cloud computing, and artificial intelligence technologies, the importance of cybersecurity is expected to steadily increase. Developed nations are actively implementing various policies to strengthen cybersecurity and providing government support for research and development activities to bolster their domestic cybersecurity industries. In particular, the South Korean government has designated cybersecurity as one of the 12 nationwide strategic technology sectors. We examine the current landscape of cybersecurity companies and the information and communication technology supply chain, providing insights into the domestic cybersecurity market and suggesting implications for South Korea.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.19-29
• /
• 2011

After a change of government and the inauguration of President Barack Obama in 2009, there are various effort to set up a cybersecurity policy which is better than its predecessor. The legislative trend of cybersecurity is the one aspect of that. So we compare the legislative trend of cybersecurity in the Obama era to one in the Bush era and analyze that and find items which is helpful to Korea. It seems that the point of cybersecurity legislation of U.S.A. changes from tougheners of penalties to improvements to implementation system. We can find the implications for Korea From that. Cybersecurity is covered as a problem all over the nation and a security problem. It is necessary for Korea to get ready for new Pax Americana in cybersecurity in advance and to guarantee fundamental human rights.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.266-267
• /
• 2015

The information security (information security knowledge) industry is technology-intensive, high value-added industries. South Korea's response has excellent ICT skills and experience and skills in a variety of cyber attacks, has become a benchmark in the world. However, the small size of the domestic information security company, supporting infrastructure is lacking. Domestic information security industry is the primary condition to activate the export. In order to export it is necessary to develop for the Korean Cybersecurity Goods Menu for products, services and technologies of the domestic information security industry. Buyer Menu as well as foreign and domestic Seller, companies and governments know the details of the assets and product information security industry and is a prerequisite to sell. In this paper, I study the Korean Cybersecurity Goods Menu development.

• Journal of Information Technology Services
• /
• v.20 no.4
• /
• pp.53-68
• /
• 2021

Many organizations try to hire and retain a well-trained workforce to get their security level of IT assets and networks. However, most academic studies have focused on only how many workforces are needed to keep the secure function. We have to transit to other aspects of cybersecurity HRM studies because well-training workforces are not the problem of numbers but the quality. This study proves how the person-job fit and the work values impact job satisfaction of the cybersecurity workforce in early careers who graduated school recently and have a high turnover intention. The results of this study provide a lot of practical implications regarding job satisfaction of the cybersecurity workforce in an early career as follows. First, the major-job fit of the cybersecurity workforce doesn't influence job satisfaction, unlike other studies. Second, what graduates learned in college is little helpful in hands-on work, so retraining the cybersecurity workforce in an early career is very important. Third, the cybersecurity HRM plans have to center on realizing the self-realization of workforces to improve job satisfaction.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.1
• /
• pp.35-44
• /
• 2021

With the development of information technology, the cybersecurity threat continues as digital-related technologies are applied to the instrumentation and control system of nuclear power plants. The malfunction of the instrumentation and control system can cause economic damage due to shutdown, and furthermore, it can lead to national disasters such as radioactive emissions, so countering cybersecurity threats is an important issue. In general, the study of cybersecurity in instrumentation and control systems is concentrated on safety systems, and diverse protection systems perform protection and reactor shutdown functions, leading to reactor shutdown or, in the worst case, non-stop situations. To accurately analyze cyber threats in the diverse protection system, its linked facilities should be analyzed together. Risk analysis should be conducted by analyzing the potential impact of inter-facility cyberattacks on related facilities and the impact of cybersecurity on each configuration module of the diverse protection system. In this paper, we analyze the linkage of the diverse protection system and discuss the cybersecurity linkage threat by analyzing the availability of equipment, the cyber threat impact of the linked equipment, and the configuration module's cybersecurity vulnerability.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.45-52
• /
• 2017

The Cybersecurity Information Sharing Act(CISA) of 2015, enacted in December 2015, is one of the greatest achievements of cybersecurity legislation in the United States. The promotion of cybersecurity information sharing is one of the tasks to improve cybersecurity governance in Korea. So it is an important issue to be addressed in cybersecurity legislation in Korea in the near future. CISA has many implications for cybersecurity legislation in Korea. Nevertheless, it is difficult to find preceding research that explain the content of CISA and study its normative meaning in Korea. Therefore, in this paper, the contents of the CISA is identified and its normative meaning and implication is found in five categories: definition of terms, establishment of information sharing procedures and conditions, promotion of voluntary information sharing by the private sector, checks on the executive branch and report to the Congress, and other matters. CISA facilitates information sharing based on willingness, while eliminating the side effects that may arise in the information sharing process. It is necessary to appropriately apply the good points of CISA to the cybersecurity legal system in Korea.

• Journal of the Society of Disaster Information
• /
• v.17 no.2
• /
• pp.375-390
• /
• 2021

Purpose: Most of cybersecurity breaches occur in SMEs. As the existing cybersecurity framework and certification system are mainly focused on financial and large companies, it is difficult for SMEs to utilize it due to lack of cybersecurity budget and manpower. So it is necessary to come up with measures to allow SMEs to voluntarily manage cyber risks. Method: After reviewing Cybersecurity market, cybersecurity items of financial institutions, cybersecurity framework comparison and cybersecurity incidents reported in the media, the criticality of cybersecurity items was analyzed through AHP analysis. And cybersecurity items of non-life insurers were also investigated and made a comparison between them. Result: Cyber risk management methods for SMEs were proposed for 20 major causes of cyber accidents. Conclusion: We hope that the cybersecurity risk assessment measures of SMEs in Korea will help them assess their risks when they sign up for cyber insurance, and that cyber risk assessment also needs to be linked to ERM standardization.

• Journal of the Korean Society of Systems Engineering
• /
• v.16 no.1
• /
• pp.36-42
• /
• 2020

Due to the population of the Republic of Korea is getting less, the shortage of available troops has become a big issue. In response to this, the need for Unmanned weapon systems is rising. To operate an Unmanned weapon system near borderlines or low altitude, it is necessary to protect not only the system itself but also operational information communicated between the Unmanned system and control station, so that they should be safe using Cybersecurity measures. Besides, it is critical to protect a few core technologies applied to Unmanned weapon systems throughout the Anti-Tamper measures. As the precedent studies only focus partially, Cybersecurity or Anti-Tamper, it is acknowledged that comprehensive studies are needed to be conducted. This study is to incorporate both concepts into Korea's defense acquisition process. Specifically, we will outline the concepts and needs of Cybersecurity and Anti-Tamper, and briefly present ways to apply them simultaneously.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.3
• /
• pp.25-38
• /
• 2023

Instrumentation and control systems measure and control various variables of nuclear facilities to operate nuclear power plants safely. A diverse protection system, a representative instrumentation and control system, generates a reactor trip and turbine trip signal by high pressure in a pressurizer and containment to satisfy the design requirements 10CFR50.62. Also, it generates an auxiliary feedwater actuation signal by low water levels in steam generators. Cybersecurity has become more critical as digital technology is gradually applied to solve problems such as performance degradation due to aging of analog equipment, increased maintenance costs, and product discontinuation. This paper analyzed possible cybersecurity threat scenarios in the diverse protection system using attack trees. Based on the analyzed cybersecurity threat scenario, we calculated the probability of attack occurrence and confirmed the cybersecurity risk in connection with the asset value.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.241-250
• /
• 2017

Contrary to past critical infrastructure network, current critical infrastructure network is adopting IoT devices and efficient management system using the external networks. Using this system, productivity and management efficiency could be enhanced compared to past critical infrastructure network. But cybersecurity issue could be occurred at external network connection, so cybersecurity guideline is necessary. However, critical infrastructure organizations tend to use the cybersecurity guideline issued by government because it is hard to develop cybersecurity guideline on their own. But the government's cybersecurity guideline isn't suitable for the critical infrastructure network because it doesn't include critical infrastructure's specific characteristics. Therefor, we suggested the development method of cybersecurity guideline for the critical infrastructure network based on analysing cybersecurity guideline standards and critical infrastructure networks.