• Journal of Information Technology Applications and Management
• /
• v.16 no.3
• /
• pp.73-86
• /
• 2009

To establish an effective security strategy, business enterprises need a security benchmarking tool. The strategy helps to lessen an impact and a damage in any threat. This study analyses many aspects of information security management and suggests a way to deal with security investments by considering important factors that affect security manager's decision. To address the different threats resulting from a major cause of accidents inside an enterprise, we investigate an approach that followed ISO17799. We unfold a criminology theory that has designated many measures against the threat as suggested by General Deterrence Theory. The study proposes a coherent model of the theory to improve the security measures especially in handling and protecting company assets and human lives as well.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1507-1517
• /
• 2017

Generally, information breach incidents are thought to be caused by external hackers. However, both direct and indirect information breach incidents by insiders are more frequent than by external hackers. It also accounts for more than half of the total information breach, so it should be prepared against insider breach. In this study, based on General Deterrence Theory(GDT) and Rational Choice Theory(RCT), we integrated the risk sensitivity and situational anxiety, which were studied in the field of traffic psychology to construct research model. Result of analysis shows that the impact of risk perceptions on the severity and certainty of perceived punishment was not statistically significant, but perceived benefits, situational anxiety, and severity and certainty of perceived punishment were found to influence the information breach intention.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.6
• /
• pp.81-88
• /
• 2019

Based on the theory of planned behavior and the theory of legal deterrence, this study takes consumers' willingness to pay for digital music as the research object, investigates the consumers who have digital music consumption channels and behaviors, and discusses the willingness of consumers to pay for digital music and its influencing factors. The study attempts to achieve the following research purposes: First, explore the influencing factors of willingness to pay for digital music using domestic and foreign literature research and related content analysis. Second, we want to examine the effect of Attitude, Collective Specifications, Quality Sensitivity and Music affinity on willingness to pay. Third, Legal deterrence and resource availability tries to verify whether there is a moderating effect between Attitude, Collective Specifications, Quality Sensitivity and Music affinity and willingness to pay. The research data was collected in 2019 between April 6th to May 8th. Questionnaires were randomly distributed in fixed places, mainly in Hubei Province, China. A total of 393 questionnaires were selected for data analysis. Based on the previous theoretical review and empirical analysis, the study draws the following conclusions: Firstly, attitude, collective specifications, quality sensitivity and music affinity have an impact on the willingness to pay. Second, Legal deterrence has a regulatory effect on the relationship among quality sensitivity, musical affinity and the willingness to pay. Last the resource availability has a significant impact on the willingness to pay. It also has a regulatory effect on the relationship among quality sensitivity, music affinity and the willingness to pay.

• Asia pacific journal of information systems
• /
• v.12 no.1
• /
• pp.123-138
• /
• 2002

For the last two decades, there has been much research on computer abuse from the perspective of the general deterrence theory based on objectism, which covers security policy, security awareness programs, and physical security system. The traditional view offered by the general deterrence theory indicates that security policy, security awareness, and security system play a major role in preventing computer abuse. In spite of continuous organizational efforts and investments based on these systematic factors, the incidence of computer abuse in organizations is still rapidly increasing. This paper proposes another perspective-the social control theory based on subjectism-in preventing computer abuse. According to the social control theory, organizational trust, which comprises organizational attachment, commitment, involvement and norms, can prevent computer abuse by reducing insider's computer abuse. The aim of this article is to assess the role of organizational trust come from attachment, commitment, involvement, norms in preventing computer abuse. The results indicate that both organizational trust and deterrent factors are effective in preventing computer abuse.

• 한국경영정보학회:학술대회논문집
• /
• 2007.11a
• /
• pp.487-492
• /
• 2007

This research focuses on the development and empirical validation of a model of software piracy behavior on the basis of deterrence theory, expected utility theory and the theory of reasoned action. The total of sample numbered 86 and PLS (Partial Least Square) was utilized for analysis. The test of this study revealed that punishment severity was the greatest significant factor to influence to software piracy and subjective norms was also significantly related to it. However punishment certainty and software cost do not significantly affect to software piracy.

• Strategy21
• /
• s.41
• /
• pp.232-260
• /
• 2017

The purpose of this paper is to open a debate about what kind of deterrent strategy the ROK military should pursue in the era of NK's weapons of mass destruction and missile threats. I argue that the ROK military needs a comprehensive deterrent strategy that reflects the international security situations and trends and that builds on clear understanding of the basic concepts and how deterrence operates. The paper starts with surveying the basic knowledge of deterrence from the perspectives of both theory and practice. Then, it provides explanations on why deterrence against NK can be particularly difficult given the security environment in and around the Korean peninsula. For example, South Korea and North Korea hardly share 'common knowledge' that serves as a basic element for the operation of deterrence. Deterrence against North Korea involves complex situations in that both deterrence and compellence strategies may be relevant particularly to North Korea's WMD and missile threats. It also involves both immediate and general deterrence. Based on the discussion, I suggest several ideas that may serve as guidelines for establishing a deterrent strategy against NK. First, our threats for deterrence should be the ones that can be realized, particularly in terms of the international norms. In other words, they must be considered appropriate among other nations in the international community. Second, there should be separate plans for the different kinds of threats: one is conventional, local provocations and the other is WMD/missile related provocations. Third, we should pursue much closer cooperative relations with the U.S. military to enhance the effectiveness of immediate deterrence in the Korean peninsula. Fourth, the ROK military should aim to accomplish 'smart deterrence' maximizing the benefits of technological superiority. Fifth, the ROK military readiness and structure should be able to deny emerging North Korean military threats such as the submarine-launched ballistic missiles and intercontinental ballistic missiles. Lastly, in executing threats, we should consider that the current action influences credibility and reputation of the ROK, which in turn affect the decisions for future provocations. North Korea's WMD/missile threats may soon become critical strategic-level threats to South Korea. In retrospect, the first debate on building a missile defense system in South Korea dates back to the 1980s. Mostly the debate has centered on whether or not South Korea's system should be integrated into the U.S. missile defense system. In the meantime, North Korea has become a small nuclear power that can threaten the United States with the ballistic missiles capability. If North Korea completes the SLBM program and loads the missiles on a submarine with improved underwater operation capability, then, South Korea may have to face the reality of power politics demonstrated by Thucydides through the Athenians: "The strong do what they have the power to do, the weak accept what they have to accept."

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.3-9
• /
• 2022

Recently, as the environment of the 4th industrial revolution has arrived, the opening, sharing and convergence of data are actively being achieved in any organization. However, the opening and sharing of data inevitably leads to security vulnerability and there is ambivalence that is a threat that can affect the existence of an organization operated in the 4th industrial revolution environment. Especially security issues in the organization of the military can be a threat to the state, not the military itself, so it is always necessary to maintain a high level of security discipline. In this paper, 14 variables were selected through structural equation model applying theory of planned behavior, deterrence and protection motivation to find out the security level development measures by extracting factors that can affect security level. As a result, the theory of planned behavior that the security knowledge embodied through the usual security regulation education and evaluation affects the behavior was adopted, and the theory of deterrence and protection motivation showed the significance of the rejection level. In addition, it was confirmed that the variables that have the greatest impact on the military security level through the measured values of the three-year security audit were commanders and mental security. In conclusion, in order to improve the security level, it is suggested that security education, definite reward and punishment, and security system upgrading should be firmly established and mental security posture should be secured.

• Journal of the military operations research society of Korea
• /
• v.31 no.1
• /
• pp.1-13
• /
• 2005

Due to the rapid developments in information and computer technology, the warfare paradigm is being transformed into information-centric and knowledge-based warfare. This atmosphere may have significant impact on the ROK armed forces' Force Improvement Plans (FIP) which is documented in 'Defense White Paper 2004'. We focus here on the relationship of information-centric force and deterrence of invasion. Particularly, we are interested in understanding the level of information superiority that might be required to deter the invasion. In order to solve this problem, we employed two-sided, zero-sum strategic game to simulate the outcome with six hypothetical cases devised by varying the level of information superiority.

• Journal of Digital Convergence
• /
• v.19 no.2
• /
• pp.169-174
• /
• 2021

While the importance of information security policies is heightened, numerous empirical studies have been conducted to investigate the factors that influence employee's willingness to comply organizational security policies. Some of those studies, however, were not consistent and even contradictory each other. Synthesizing research outcomes has been resulted as qualitative literature reviews or quantitative analysis on individual effect sizes, which leads to meta-analyze on whole research model. This study investigated 28 empirical research based on the deterrence theory with sanction certainty, severity and celerity. The analysis with random effect model resulted in well-fitted research model as well as all of significant paths in the model. Future research can include informal deterrent factors and contextual factors as moderator variables.

• Journal of Information Technology Services
• /
• v.14 no.4
• /
• pp.81-104
• /
• 2015

Intentional information systems (IS) misuse is a serious problem in many organizations. This study aims at developing the theoretical framework of deterring IS misuse on the basis of Nagin's General Deterrence Theory (GDT) which is very famous in the area of socio-criminology. Applying GDT to the IS misuse situation could be reasoned that the perceived certainty and the perceived severity of sanctions associated with committing IS misuse have positive impact on deterring the deviant behaviors. Also, these two constructs (certainty of sanctions and severity of sanctions) could be inferred to be influenced by the four types of IS security countermeasures (security policies, security awareness program, monitoring practices and preventive security software) derived through critically reviewing IS security-relevant literature. The proposed research model and ten hypotheses were empirically analysed using structural equation modelling with the data collected by conducting a questionnaire survey of staff members in business organizations in Korea. As a result, it was found that five ones of ten hypotheses were supported. It is thought that this study makes theoretical contribution to expanding research area of IS security and also has strong implications for IS security management practices within organizations.