• 시큐리티연구
• /
• 제8호
• /
• pp.197-218
• /
• 2004

This study has been conducted to provide data that contribute to increasing efficiency of 'Private Security', which is cooperated by customer, security companies and the police which carried out 'Public Law Enforcement' and controls security companies. To reach this purpose, we investigated the status of the 'Security Alarm Systems' operated by security service companied in Korea, analyzed arising problems, considered the polices for improving the operational quality. 'Electronic Security Systems' will increase working efficiency in performing 'Private Security'. There can be no two opinions on this matter. Therefore, it can be supposed that the improvement of operational quality of 'Electronic Security System' is an important factor to accomplish security services. 'Security Alarm System' is one of the 'Electronic Security System'. The critical problems in operating 'Security Alarm system' are unnecessary response by false alarm and nuisance alarm. To reduce the problems, it is suggested that security specialist officially licensed should improve security planning, installation and maintenance, and the 'Alarm Verification System' should be introduced with appropriate facilities.

• 시큐리티연구
• /
• 제5호
• /
• pp.179-210
• /
• 2002

Recently, the industry of private security needs to cope with system for specialization improvement to security business. Especially, private security will very important in various international events such as 2002 World Cup soccer game and so on. The analyses of this study have led to the following conclusions: First, the industry of private security must advance to trait by oneself. Second, it is needed that both public and private security must know about role-sharing between them on the basis of efficiency, and try to cooperate with each other for the events security. Third, it will educate and train their officials in professional techniques to events security. In addition, it should be expand to reserve manpower and for the motivation to security officials establish as minimum pay scale.

• 한국산업융합학회 논문집
• /
• 제23권2_2호
• /
• pp.333-341
• /
• 2020

In this paper, we introduce a smart city-cyber-security-grid-matrix methodology, as a result of research on overall cyber security of smart cities. The identified cyber security risks that threaten smart cities and smart-city-cyber-security-threat list are presented. The smart-city-cyber-security-requirements necessary to secure the smart city cyber security with the developed smart city-cyber-security-grid-matrix are given in this paper. We show how the developed smart city-cyber-security-grid-matrix methodology can be applied to real world. For it, we interlocked the developed smart city-cyber-security-grid-matrix methodology with the cyber-security-framework of the National Institute of Standards and Technology, and developed a framework-based smart city-cyber-security-grid-matrix. Using it, it is easy and comfortable to check the level of cyber security of the target smart ciy at a glace, and the construction and operation of the smart city security system is systematized.

• 한국경영과학회:학술대회논문집
• /
• 한국경영과학회 2006년도 추계학술대회
• /
• pp.467-481
• /
• 2006

In the era of the Internet and ubiquitous computing, IS users are still facing a variety of threats. Therefore, a need of more tightened information security service increases unprecedentedly. In this sense, this study is aimed at proposing a new research model in which IT assets (i.e., network, system, and information influence) and Information Security Service (i.e., confidentiality, integrity, nonrepudiation, authentication) affect information security qualty positively, leading to users' satisfaction eventually To prove the validity of the proposed research model, PLS analysis is applied with valid 177 questionnaires. Results reveal that both IT assets and Information Security Service influence informations security quality positively, and user satisfaction as well. From the results, it can be concluded that Korean government's recent orchestrated efforts to boost the IT assets and Information Security Service helped great improve the information security quality and user satisfaction.

• 한국IT서비스학회지
• /
• 제15권3호
• /
• pp.51-69
• /
• 2016

Recently, many Korean firms have suffered financial losses and damaged firm's trust due to information security incidents. Hence, a lot of firms have realized the importance of the information security. In particular, the demand for information security certification has increased. This study examined the effect of information security certification using the event study methodology. Our research shows that the announcement of the information security certification significantly influences the market value of the corresponding firm. The certified firms rise, on average, o.4993% (-2 day), 0.5462% (+1 day) of their market value. Further, we found that the financial sector in our data showed a 1.4% higher abnormal returns than the nonfinancial sector. On the other hand, whether a firm first acquired the information security certification is not significant. Our paper presents that it is possible to analyze the effect of the information security certification using the event study. We are expected to be used in making a decision for the investment of information security. Also, our results indicate that the firm which have acquired the information security certification should actively announce that fact.

• 한국멀티미디어학회논문지
• /
• 제19권1호
• /
• pp.51-59
• /
• 2016

Physical security protecting people from physical threats, such as a person or vehicle, has received a great attention. However, it has many risks of hacking and other security threats because it is highly dependent on automated management systems. In addition, a representative system of physical security, a CCTV control system has a high risk of hacking, such as video interceptions or video modulation. So physical security needs urgent security measures in accordance with these threats. In this paper, we examine the case of security threats that have occurred in the past, prevent those from threatening the physical security, and analyze the security problem with the threats. Then we study the countermeasures to prevent these security threats based on the problems found in each case. Finally we study for the method to apply these countermeasures.

• 한국인터넷방송통신학회논문지
• /
• 제17권4호
• /
• pp.209-218
• /
• 2017

날로 고도화 지능화 되는 금융보안 위협에 효율적이고 선제적으로 대응하고, 금융 이용자가 안전하게 금융서비스를 제공받을 수 있도록 금융권의 전문적인 정보 보안인력이 필요한 실정이다. 하지만 2015년 기준 금융IT 보안인력은 금융IT인력 중 4.9%로 전년대비 다소 증가하였으나, 여전히 낮은 수준이다. 이에 본 연구에서는 점차 금융 보안전문 인력들의 증가가 예상되는 가운데 금융 보안 전문 인력들의 최소한의 업무수행능력 검증과 보안의식 제고를 위하고 기존 보안자격제도의 과목과 금융보안원 및 금융감독원에서 제시한 교육커리큘럼 및 검사기법들을 비교분석하여 금융 분야에 특화된 정보보안 전문자격 도입 필요성에 대하여 연구하고자 한다.

• 융합보안논문지
• /
• 제21권3호
• /
• pp.39-47
• /
• 2021

효율적인 보안관제센터 운영을 위해서는 보안관제 대시보드의 표준화가 반드시 필요하다. 보안관제 대시보드는 24시간 365일 내내 함께 생활해야 하는 보안관제근무자들에게 많이 활용되도록 구성해야 한다. 또한 보안관제센터의 업무활동을 종합적으로 표출할 수 있어야 한다. 추가적으로 보안관제센터의 업무활동들을 쉽게 설명할 수 있어야 할 것이다. 이에 본 논문에서 사례기관에 실제 적용한 봉쇄·탐지·대응 기반의 보안관제 대시보드 디자인을 설명하고자 한다. 이를 통해 불필요한 귀빈 맞춤형 대시보드 구성작업에 대한 노력과 시간을 줄이고 보안관제센터의 효율적인 운영에 이바지하고자 한다.

• 한국IT서비스학회지
• /
• 제19권6호
• /
• pp.83-95
• /
• 2020

"I think security is only trying to make it uncomfortable." "10% of my work is entering IDs and passwords, such as boot passwords, mobile phone authentication numbers, etc." As reflected in the complaint above, stress caused by information security among organizations' members is increasing. In order to strengthen information security, practical solutions to reduce stress are needed because the motivation of the members is needed in order for organizations to function properly. Therefore, this study attempts to suggest key factors that can enhance security while reducing information security stress among members of organizations. To this end, based on the theory of protection motivation, trust and security stress from information security policies are set as mediating factors to explain changes in security reinforcement behavior. Furthermore, risk, efficacy, and reaction costs of cyberattacks are considered as prerequisites. Our study suggests a solution to the security reinforcement problem by analyzing the factors that influence the behavior of members of organizations. In turn, this can raise protection motivation among members.

• Journal of Information Technology Applications and Management
• /
• 제18권2호
• /
• pp.91-108
• /
• 2011

Enormous losses of shareholders and consumers caused by the risks threatening today's business (e.g., accounting fraud and inside trading) have ignited the necessity of international regulations on corporate ethics and internal control, such as Basel II and SOX. Responding to these regulations, companies are establishing governance system, applying it consistently to the core competency of the company, and increasing the scope of the governance system. Recently occurred security related incidents require companies to take more strict accountability over information security. One of the results includes strengthening of legislation and regulations. For these reasons, introduction of information security governance is needed. Information security governance governs the general information security activities of the company (establishment of information security management system, implementation of information security solutions) in the corporate level. Recognizing that the information security is not restricted to IT domain, but is the issue of overall business, this study develops information security governance framework based on the existing frameworks and systems of IT governance. The information security governance framework proposed in the study include concept, objective, and principle schemes which will help clearly understand the concepts of the information security governance, and execution scheme which will help implement proper organization, process and tools needed for the execution of information security governance.