• Korean Security Journal
• /
• no.8
• /
• pp.197-218
• /
• 2004

This study has been conducted to provide data that contribute to increasing efficiency of 'Private Security', which is cooperated by customer, security companies and the police which carried out 'Public Law Enforcement' and controls security companies. To reach this purpose, we investigated the status of the 'Security Alarm Systems' operated by security service companied in Korea, analyzed arising problems, considered the polices for improving the operational quality. 'Electronic Security Systems' will increase working efficiency in performing 'Private Security'. There can be no two opinions on this matter. Therefore, it can be supposed that the improvement of operational quality of 'Electronic Security System' is an important factor to accomplish security services. 'Security Alarm System' is one of the 'Electronic Security System'. The critical problems in operating 'Security Alarm system' are unnecessary response by false alarm and nuisance alarm. To reduce the problems, it is suggested that security specialist officially licensed should improve security planning, installation and maintenance, and the 'Alarm Verification System' should be introduced with appropriate facilities.

• Korean Security Journal
• /
• no.5
• /
• pp.179-210
• /
• 2002

Recently, the industry of private security needs to cope with system for specialization improvement to security business. Especially, private security will very important in various international events such as 2002 World Cup soccer game and so on. The analyses of this study have led to the following conclusions: First, the industry of private security must advance to trait by oneself. Second, it is needed that both public and private security must know about role-sharing between them on the basis of efficiency, and try to cooperate with each other for the events security. Third, it will educate and train their officials in professional techniques to events security. In addition, it should be expand to reserve manpower and for the motivation to security officials establish as minimum pay scale.

• Journal of the Korean Society of Industry Convergence
• /
• v.23 no.2_2
• /
• pp.333-341
• /
• 2020

In this paper, we introduce a smart city-cyber-security-grid-matrix methodology, as a result of research on overall cyber security of smart cities. The identified cyber security risks that threaten smart cities and smart-city-cyber-security-threat list are presented. The smart-city-cyber-security-requirements necessary to secure the smart city cyber security with the developed smart city-cyber-security-grid-matrix are given in this paper. We show how the developed smart city-cyber-security-grid-matrix methodology can be applied to real world. For it, we interlocked the developed smart city-cyber-security-grid-matrix methodology with the cyber-security-framework of the National Institute of Standards and Technology, and developed a framework-based smart city-cyber-security-grid-matrix. Using it, it is easy and comfortable to check the level of cyber security of the target smart ciy at a glace, and the construction and operation of the smart city security system is systematized.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2006.11a
• /
• pp.467-481
• /
• 2006

In the era of the Internet and ubiquitous computing, IS users are still facing a variety of threats. Therefore, a need of more tightened information security service increases unprecedentedly. In this sense, this study is aimed at proposing a new research model in which IT assets (i.e., network, system, and information influence) and Information Security Service (i.e., confidentiality, integrity, nonrepudiation, authentication) affect information security qualty positively, leading to users' satisfaction eventually To prove the validity of the proposed research model, PLS analysis is applied with valid 177 questionnaires. Results reveal that both IT assets and Information Security Service influence informations security quality positively, and user satisfaction as well. From the results, it can be concluded that Korean government's recent orchestrated efforts to boost the IT assets and Information Security Service helped great improve the information security quality and user satisfaction.

• Journal of Information Technology Services
• /
• v.15 no.3
• /
• pp.51-69
• /
• 2016

Recently, many Korean firms have suffered financial losses and damaged firm's trust due to information security incidents. Hence, a lot of firms have realized the importance of the information security. In particular, the demand for information security certification has increased. This study examined the effect of information security certification using the event study methodology. Our research shows that the announcement of the information security certification significantly influences the market value of the corresponding firm. The certified firms rise, on average, o.4993% (-2 day), 0.5462% (+1 day) of their market value. Further, we found that the financial sector in our data showed a 1.4% higher abnormal returns than the nonfinancial sector. On the other hand, whether a firm first acquired the information security certification is not significant. Our paper presents that it is possible to analyze the effect of the information security certification using the event study. We are expected to be used in making a decision for the investment of information security. Also, our results indicate that the firm which have acquired the information security certification should actively announce that fact.

• Journal of Korea Multimedia Society
• /
• v.19 no.1
• /
• pp.51-59
• /
• 2016

Physical security protecting people from physical threats, such as a person or vehicle, has received a great attention. However, it has many risks of hacking and other security threats because it is highly dependent on automated management systems. In addition, a representative system of physical security, a CCTV control system has a high risk of hacking, such as video interceptions or video modulation. So physical security needs urgent security measures in accordance with these threats. In this paper, we examine the case of security threats that have occurred in the past, prevent those from threatening the physical security, and analyze the security problem with the threats. Then we study the countermeasures to prevent these security threats based on the problems found in each case. Finally we study for the method to apply these countermeasures.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.209-218
• /
• 2017

In order to efficiently and preemptively respond to financial security threats that are becoming more sophisticated and intelligent, and to enable financial users to receive financial services safely, financial information security professionals are needed. However, as of 2015, the number of financial IT security personnel was 4.9%, which is slightly lower than the previous year, but still low. In this study, it is expected that the number of experts in financial security will increase gradually. In order to verify the minimum performance of financial security professionals and enhance the security consciousness, the subjects of the existing security qualification system, Curriculum and inspection techniques to analyze the necessity of introducing information security specialization specialized in financial sector.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.39-47
• /
• 2021

Standardization of the security operation dashboard is essential for efficient operation of security operation center. The security operation dashboard should be configured so that it is widely used by security operation workers who have to live together 24 hours a day, 365 days a year. In addition, it must be able to comprehensively express the business activities of the security operation center. In addition, it should be possible to easily explain the business activities of the security operation center. Therefore, in this paper, we would like to explain the design of a security control dashboard based on blockade, detection, and response that is actually applied to case organizations in the power sector. Through this, it is intended to reduce the effort and time required for configuring a custom dashboard for VIPs, and contribute to the efficient operation of the security operation center.

• Journal of Information Technology Services
• /
• v.19 no.6
• /
• pp.83-95
• /
• 2020

"I think security is only trying to make it uncomfortable." "10% of my work is entering IDs and passwords, such as boot passwords, mobile phone authentication numbers, etc." As reflected in the complaint above, stress caused by information security among organizations' members is increasing. In order to strengthen information security, practical solutions to reduce stress are needed because the motivation of the members is needed in order for organizations to function properly. Therefore, this study attempts to suggest key factors that can enhance security while reducing information security stress among members of organizations. To this end, based on the theory of protection motivation, trust and security stress from information security policies are set as mediating factors to explain changes in security reinforcement behavior. Furthermore, risk, efficacy, and reaction costs of cyberattacks are considered as prerequisites. Our study suggests a solution to the security reinforcement problem by analyzing the factors that influence the behavior of members of organizations. In turn, this can raise protection motivation among members.

• Journal of Information Technology Applications and Management
• /
• v.18 no.2
• /
• pp.91-108
• /
• 2011

Enormous losses of shareholders and consumers caused by the risks threatening today's business (e.g., accounting fraud and inside trading) have ignited the necessity of international regulations on corporate ethics and internal control, such as Basel II and SOX. Responding to these regulations, companies are establishing governance system, applying it consistently to the core competency of the company, and increasing the scope of the governance system. Recently occurred security related incidents require companies to take more strict accountability over information security. One of the results includes strengthening of legislation and regulations. For these reasons, introduction of information security governance is needed. Information security governance governs the general information security activities of the company (establishment of information security management system, implementation of information security solutions) in the corporate level. Recognizing that the information security is not restricted to IT domain, but is the issue of overall business, this study develops information security governance framework based on the existing frameworks and systems of IT governance. The information security governance framework proposed in the study include concept, objective, and principle schemes which will help clearly understand the concepts of the information security governance, and execution scheme which will help implement proper organization, process and tools needed for the execution of information security governance.