• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.3-10
• /
• 2013

Cyber attacks are threats to national security. Today, cybersecurity threats have various types, the theft or spread of privacy and national secret, the realization of direct attacks to infrastructure and the hacktivism with political or social objectives. Furthermore, There are special situations in South Korea because of North Korea's threats. Thus, It is necessary to handle cybersecurity as a kind of national security problem. It is a time to identify problems of governance system in cybersecurity and to improve related Acts and subordinate statutes. There are several tasks for legal improvement for governance system in cybersecurity. They are improving legal bases for the roles of the relevant authorities in cybersecurity, consolidating national joint response to cyber accidents, establishing and vitalizing information sharing system, constructing foundation of cybersecurity through industry promotion and manpower development, and acquiring defensive tools by enhancement research an development. In order to address these challenges, it is necessary to pay much attention to enactment and to revision laws and to practice legislative procedure.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.91-98
• /
• 2013

Cyber attacks threaten the national security in this day and age. The government of the Republic of Korea recently released the National Cyber Security Comprehensive Countermeasures as a new cybersecurity policy. But current legal system cannot provide legal basis for the implementation of such measures. The current legal system related to cybersecurity is applied in each sector, thus the governance system in cybersecurity is separate. So there are many problems in the governance system in cybersecurity. To solve these problems fundamentally, it is righter to make a new cybersecurity law than to revise existing laws. Meanwhile, lawmakers proposed some bills in Congress to strengthen the cybersecurity in Korea in 2013. It will increase possibility of legislation of cybersecurity act to make a law through the analysis of these bills and to derive the essential elements from those. and to reflect these in the new cybersecurity act.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.843-859
• /
• 2018

Cybersecurity has emerged as a serious problem in Korea and there have been relevant movements to improve domestic cybersecurity policy and system. However, discussions have yet to result in actual progress and the legislation for improvement of cybersecurity policy and system have been stagnant until now. As evidenced by the introduction of primary government legislation bill for national cybersecurity in 2017, the preparations for improvements to the policy and system are still in progress. However, we cannot be positive about the possibility of implementing these improvements during the process. Recognition of the importance of cybersecutiry has gradually risen and is more prevalent than in years past, however, in-depth discussions are not being made. In principle, misunderstandings about cybersecurity itself and insufficient understandings of the relevant legislation seem to cause such problems. Therefore, it is necessary to review key issues related to the improvement of cybersecurity policy and system and reconsider tasks for the future. Such issues include the relationship between cybersecurity and fundamental rights, establishing responsibility and capability of each of entities for cybersecurity, and the role of the military in cybersecurity. This type of in-depth discussion will be helpful for finding ways to improve upon cybersecurity policy and system. Moreover, this study aims to key issues with questionnaire survey and political and normative inquiry.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.45-52
• /
• 2017

The Cybersecurity Information Sharing Act(CISA) of 2015, enacted in December 2015, is one of the greatest achievements of cybersecurity legislation in the United States. The promotion of cybersecurity information sharing is one of the tasks to improve cybersecurity governance in Korea. So it is an important issue to be addressed in cybersecurity legislation in Korea in the near future. CISA has many implications for cybersecurity legislation in Korea. Nevertheless, it is difficult to find preceding research that explain the content of CISA and study its normative meaning in Korea. Therefore, in this paper, the contents of the CISA is identified and its normative meaning and implication is found in five categories: definition of terms, establishment of information sharing procedures and conditions, promotion of voluntary information sharing by the private sector, checks on the executive branch and report to the Congress, and other matters. CISA facilitates information sharing based on willingness, while eliminating the side effects that may arise in the information sharing process. It is necessary to appropriately apply the good points of CISA to the cybersecurity legal system in Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.801-816
• /
• 2021

This study analyzes the political and legislative progress that although basic acts to establish an integrated system of cybersecurity are steadily being proposed, they have not been passed as legislative deadlocks under the two major parties. It shall be analyzed through Korea's legislative system, including differences in contents and interests of the disposal act, the timing and cycle of election ect. The study analyzes why the basic cybersecurity law was previously scrapped and faced political gridlock situation by analyzing the differences in the contents and interests of the two major parties, and the timing and cycle of the proposed legislation.

• Review of Korean Society for Internet Information
• /
• v.14 no.4
• /
• pp.63-76
• /
• 2013

This short report introduces the general background why Brazil conference is being prepared and what topics would be undertaken and what goals are being taken into account. It overviews what differences from traditional telecommunication governance, internet governance has had in its historical development and how such differences had been formed from its technological differences and the regulatory policy shift from common carrier regulation to privatization. Moreover, the fact that open, voluntary, bottom-up, diverse stakeholder's participation had evolved throughout the historical development of the internet, had established the present multistakeholder governance model from technological standardization to addressing scheme policies. ICANN, which has governed internet addressing schemes since the earlier 2000s, had developed address policies including IANA function from Jon Postel and technical community's legacy management system into contract based formation between ICANN and gTLD, ccTLD registries. And it made dispute resolution policies responding to trademark disputes and resolved gTLD monopoly issue by introducing new TLD generation and the separation of registry and registar. However, there had been challenges on the legitimacy of ICANN due to its dependency on the Federal Government of the U.S. particularly in its oversight role over ICANN and IANA contract. WSIS raised up internet governance issues including addressing governance, and set up IGF as a discussion platform for multistakeholders to discuss and share all views on other internet related public policies. IGF's loose and non-binding discussion once frustrated governments and other stakeholders, but more focused discussion and visible outcomes have consolidated its unique role for internet governance discourses. Particularly, IGF addressed many emerging internet related issues like cybersecurity, privacy, net neuratlity, development related issues. WTPF of 2013, after WCIT debate on whether traditional telecommunication regulation could be applied to internet infrastructure, suggested other governance issues such as the transition to ipv6, IXP coordination etc. How to make sure the legitimacy of internet addressing governance and how and where other internet related public policies could be undertaken are fundamental tasks for internet governance. Brazil conference, which has been motivated by the breakdown of trust in internet governance from NSA mass surveillance revealed by Snowden, faces these questions and try to make consensus on principles, institutions and roadmap for internet governance in multistakeholder participation way.