• Journal of Digital Convergence
• /
• v.10 no.1
• /
• pp.105-111
• /
• 2012

This study is to propose national information security policies based on the policy framework, which has four components: government, industry/company, individual, and environments. According to the framework, the four policy agenda are derived: national information security governance scheme, information security industry competitiveness and corporate security level enhancement, eco-system for security professionals, and finally related laws & regulations modification and security culture movement. Specific issues and policies in each agenda are proposed.

• Journal of the Korea Convergence Society
• /
• v.9 no.6
• /
• pp.225-234
• /
• 2018

The purpose of this study empirically examined relationship among affectivity(positive affectivity vs. negative affectivity) and organizational commitment on job satisfaction and work performance of information security professionals. To this end, we conducted a questionnaire survey on 174 information security professionals and analyzed the collected data using structural equation modeling (SEM). It was found that positive affectivity had a positive influences on organizational committment. But negative affectivity was not significantly related to organizational committment. In addition, organizational committment had a positive relationship with job satisfaction and work performance. The results of the empirical study are meaningful to understand the effects of the positive affective aspect of information security professionals on job satisfaction and work performance.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.113-125
• /
• 2015

Information Security Incidents that have recently happen rapidly spread and the scale of that incidents' damage is large. In addition, as it proceeds to the era of converged industry in the future environment and the virtual cyber world expands to the physical world, new types of security threats have occurred. Now, it is time to supply security professionals who have a multi-dimensional security capabilities that can manage the strategies of technological security and physical security from the management point of view, rather than the ones who primarily focus on the traditional technologic-centered strategies to solve new types of security threats. In conclusion, in this paper we try to produce the curriculum of information security featured in the occupational classification system and analyze the subjects that are additionally required for those who move to other occupations to cultivate security professionals who suited to the converged-industrial environment. It is expected that multi-dimensional security professionals who suited to the converged-industrial environment will be cultivated by harmoniously integrating information security subjects from technological and business/managerial perspectives, and education training courses will be developed that effectively provide core knowledges per occupational classification when people moves to other occupations in the areas of information security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.77-87
• /
• 2011

As information services have been widely used in various environments, the knowledge information security sector plays a significant role in development and management of products and services, information privacy management, risk management and safety, etc. Thus, the process of acquiring knowledge information security professionals is getting more attention for promoting the stable and long-term development of the knowledge information security sector. This study identifies and analyzes the promising fields for the KISA Employment-Contract Master Program and suggests promotion strategies for knowledge information security professionals. By surveying participants and would-be participants, and interviewing experts, it is analyzed that 'mobile security' and 'convergence security' are the two most important fields to be included in the program.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.3
• /
• pp.99-106
• /
• 2013

There has been a lot of growth more than 10% in the information security industry. In accordance with the industrial growth, it increased needs for the information security manpower development as a national problem. But there is an imbalance between demand and supply of the information security manpower in terms of the quantity and quality. It is mainly caused by the curriculum of the information security is made considering for suppliers not for demanders. As a resolution to solve this problem, we suggest the curriculum of information security for vocational education and training. As the information security area is wide in view of required knowledge and technology, we design the curriculum by selecting major occupation type from the information security manpower distribution and products and then by investigating the job description using NCS(National Competency Standard). And we compared the curriculum to that of two or three year diploma courses in Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.551-558
• /
• 2016

The recent convergence in ICT industry has created new businesses as well as other opportunities. However, it entails new convergence threat accompanied by security risks. Even though there are security professionals who are dealing with the situation, there is not enough human resource in risk management. Moreover, the amount of research that studies quality of education and training security personnel is not sufficient. This paper explores the curriculum of information security education in the private sector and reasons out fifteen standard curriculums in four professional fields categorized by job classification. In addition, it provides a weighted score table based on the evaluation indicator for the effective security education certificates in the private sector.

• Asia pacific journal of information systems
• /
• v.14 no.4
• /
• pp.71-85
• /
• 2004

Due to exponentially growing threats of cyber attacks, many organizations have begun to recognize the importance of information security. There is an explosion in demand for experienced ISMs(Information Security Managers) and ISSDs(Information Security System Developers). To educate ISMs and ISSDs, identifying the specific knowledge and skill for information security professional is critical. This paper identifies 15 items of knowledge and skill for ISMs and ISSDs using a simplified Delphi technique and categories them. The results of this paper could be used in determining what kinds of knowledge and skill should be included in the curriculum of information security programs.

• Journal of the Korea Convergence Society
• /
• v.9 no.1
• /
• pp.67-74
• /
• 2018

The purpose of this study was to analyze the structural relationship among emotional labor and work performance of information security professionals. To this end, we conducted a questionnaire survey on 176 security workers and analyzed the collected data using structural equation modeling (SEM). It was found that the frequency of emotional display was positively related to deep acting and surface acting. Also, the intensity and variety of emotional display was positively related to deep acting and surface acting. In addition, deep acting had a positive relationship with work performance and surface acting had an significantly positive relationship with work performance. The results of this study are meaningful to understand the influence of the emotional aspect of security workers on work performance. Therefore, the overall findings suggest that the training programs and education for the improvement of emotional labor capacity of deep acting are continuously required.

• Asia pacific journal of information systems
• /
• v.32 no.4
• /
• pp.803-829
• /
• 2022

With the advances in technology and the trend towards increased computer-based experiential learning in education settings, business games are being increasingly used by business educators. This article utilizes Toulmin's Sensemaking Framework to investigate the sensemaking process of business professionals to reveal how they consciously reason about the value of business games for learning complex business concepts and principles. Using the analysis of responses from 43 business professionals, our study identifies key areas where business professionals find value in business games and the limitations of using business games. First, business games are found to be an effective tool when teaching practical business skill sets to business professionals. Second, business games enhance the overall learning process in professional business training. Third, despite the advantages, some pitfalls in applying business games to practice are found. We also found sub-themes, claims, and argument patterns of how business professionals evaluate the value of business games through a grounded theory qualitative analysis method. Analysis results show several ground-warrant patterns exist in the arguments on values of business games including general principle - causal reasoning, personal experience - generalization, and personal projection - generalization. With these findings, we believe this paper contributes to the theory and practice of business game design, development, and the game playing and learning process.

• 한국경영정보학회:학술대회논문집
• /
• 2008.06a
• /
• pp.755-766
• /
• 2008

정보보호의 중요성이 확산되면서 국내 정보보호 산업의 발전과 함께 정보보호 전문인력 양성을 위한 노력이 다각도로 이루어져왔다. 특히 정보보호 인력의 질적인 양성을 위해서는 보다 체계적인 정보보호 교육 시스템이 필요하다는 전제 아래, 정보보호 분야 지식 및 기술 분석에 대한 연구가 활발히 진행되어 왔다. 본 연구는 정보보호 전문인력이 갖추어야 할 지식 및 기술에 대해 정보보호 주 직무군에 따른 차이를 분석하고 있다. 먼저 문헌고찰과 전문가 조사를 통해 55개의 정보보호 분야 전문지식 및 기술을 도출하였다. 55개 조사대상 기술 및 지식에 대해 현업에 종사하고 있는 정보보호 전문인력을 대상으로 정보보호 업무를 수행하기 위해 필요한 정도와 숙련 정도를 조사하였다. 최종적으로는 정보보호 분야의 4개 주 직무군에 따른 정보보호 전문지식 및 기술에 대한 필요정도 차이를 분석하였다. 이를 통해 직무수행에 필요한 지식 및 기술을 도출하고, 수행 직무에서의 수요에 기반하여 정보보호 분야의 훈련 및 교육 체계를 수립하는 데에 기여할 수 있을 것이다.