• Title/Summary/Keyword: Information Security Training

Search Result 495, Processing Time 0.022 seconds

Internal Lecturer Management Plan for Effective Information Security Technology Job Training (효과적인 정보보호 기술 직무교육을 위한 사내강사 운영관리 방안)

  • Yang, Jinseok;Chung, Taimyoung;Eom, Jungho
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.4
    • /
    • pp.109-116
    • /
    • 2018
  • This research proposed management plan of internal lecturer who is in charge of job training of researchers working in administrative, researching and developing institutes or public institutions related to information security. The education and training department of the government or public institutions selects and manages lecturers in member of the staff. We applied to the management plan of internal lecturers who are in charge of information security job training by analyzing the way in which internal lecturers are operated by public organizations or corporations. We propose the management plan of internal lecturer according to the position, because the institute of information security is applying the researcher 's position(rank) system. By the proposed circulation management plan by the position, the internal lecturer position is determined according to the position of the employees to be trained and the internal lecturer is selected and operated only at the same position. The proposed management plan includes internal lecturer selection, responsibilities and duties, education, evaluation, and training support.

An Understanding of Impact of Security Countermeasures on Persistent Policy Compliance (보안 대책이 지속적 보안 정책 준수에 미치는 영향)

  • Park, Chul-Ju;Yim, Myung-Seong
    • Journal of Digital Convergence
    • /
    • v.10 no.4
    • /
    • pp.23-35
    • /
    • 2012
  • The goal of this study is to identify factors that influence on the persistent information security compliance intention of employees. Antecedents suggested in research model are security awareness training and perceived effectiveness of information security policy. Research results show that security awareness training has a positive effect on persistent information security compliance intention as well as effectiveness of information security policy. While policy breadth, which is one of the effectiveness of information security policy, influences on persistent information security compliance attitude and intention, policy brevity does not effect on persistent information security compliance intention. Conclusions and implications are discussed.

Association Analysis on The Completion Rate of Security education and Cyber Terror Response According to Personal and Job characteristics (인적 및 직무특성과 보안교육 이수율 및 사이버테러 대응과의 연관성 분석)

  • Shin, Hyun Jo;Lee, Kyung Bok;Park, Tae Hyoung
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.10 no.4
    • /
    • pp.97-107
    • /
    • 2014
  • The development of ICT has led positive aspects such as popularization of Internet. It, on the other hand, is causing a negative aspect, Cyber Terror. Although the causes for recent and continuous increase of cyber security incidents are various such as lack of technical and institutional security measure, the main cause which threatens the cyber security is the users' lack of awareness and attitude. The purpose of this study is the positive analysis of how the personal and job characteristics influence the cyber security training participation rate and the response ability to cyber terror response training with a sample case of K-corporation employees. In this paper, the relationship among career, gender, department, whether he/she is a cyber security specialist, whether he/she is a regular employee), "ratio of cyber security training courses during recent three years", "ratio that he/she has opened the malicious email in cyber terror response training during recent three years", "response index of virus active-x installation (higher index means poorer response)" is closely examined. Moreover, based on the examination result, the practical and political implications regarding K-corporation's cyber security courses and cyber terror response training are studied.

Impacts of Punishment and Ethics Training on Information Security Compliance: Focus on the Moderating Role of Organizational Type (처벌과 윤리교육이 정보보안준수에 미치는 영향: 조직유형의 조절효과를 중심으로)

  • Ahn, Joong-Ho;Park, Jun-Hyung;Sung, Ki-Moon;Lee, Jae-Hong
    • Information Systems Review
    • /
    • v.12 no.1
    • /
    • pp.23-42
    • /
    • 2010
  • Although organizations are given various benefits with information technologies, they sometimes have suffered fatal damages due to information security incidents now such as computer virus, hacking, counterfeiting, plagiarizing, etc. The fundamentalcauses of information security incidents are closely related to individuals who do not comply with information security policy or rules. The spontaneous self-control of individuals and monitoring for individuals could be the most essential solution for the ongoing observance of information security policy. Thus, the purpose of this study is to analyze effects of punishment and ethics training on compliance of information security policy of individuals in organizations, to determine individual divide among security propensity depending on organization types, and to find the more fundamental solution which leads change of organizational members’ behaviors and self-control. Regardless of the type of organizations, the results of the study suggest that there exist positive effects of punishment and ethics training in all types of organization on compliance of information security rules or regulations. A member of unitary form organization has higher cognition of punishment than a member's cognition of the multi-divisional form organization, while relatively lower awareness of ethics training. Also, a member of public organization has higher awareness of ethics training than a member’s awareness of private organization, while lower cognition of punishment. Finally, the result shows that punishment and ethics training may be major factors which affect information security. It also suggests that organizational security managers have to understand and consider organization member’s propensity relying on organization form and organization characteristics for establishment and enforcement of information security policy.

Use of Patent Anlysis for the Future Skills-needs in Information Security

  • Hwang, Gyu-hee;Ju, In-Joong;Ban, Ga-woon;Lee, Kack-Hee
    • Asian Journal of Innovation and Policy
    • /
    • v.4 no.3
    • /
    • pp.307-327
    • /
    • 2015
  • This study attempts to develop a methodology that analyzes patent applications to identify future skills, in particular in the sector of information security, recently into the spotlight. Matching skill elements from the International Patent Classification (IPC) with skill units from job analysis, the study tries to track trends in the skills needs based on IPC time-pattern. It then verifies the validity of the outlook for future skills needs by addressing the situation through the use of patents. The research assesses the usability of patent information for this type of analysis. While this study is limited to the information security sector by using Korean patent information, it can be expanded in the future to other areas and patents in the United States and Europe.

A Study on the Factors Affecting the User Satisfaction and Continuous Use Intention of the Improved Army Tactical Command Information System (ATCIS 성능개량체계 만족 및 지속사용 의도에 미치는 영향요인)

  • Lee, Tae Bok;Baek, Seung Nyoung
    • The Journal of Information Systems
    • /
    • v.31 no.1
    • /
    • pp.1-24
    • /
    • 2022
  • Purpose The purpose of this study is to investigate the factors that affect the user satisfaction and continuous use intention of the improved ATCIS in the Korean Army. Design/methodology/approach Based on the various theories in relation to IT continuance, user satisfaction was identified as the main factor with regard to the continuous use intention of the improved ATCIS. In addition, computer self-efficacy, education-training, and system quality were hypothesized as antecedent variables to user satisfaction, and information security stress was set as a moderating variable for these relationships. Findings Survey results show that computer self-efficacy, education and training, and system quality had a positive effect on user satisfaction, and information security stress was found to moderate these relationships. The effects of computer self-efficacy and education-training on user satisfaction were higher in the group with low information security stress. However, the relationship between system quality and user satisfaction was higher in the group with high information security stress. User satisfaction is found to have a positive effect on the continuous use intention even with habit considered as a control variable.

Comparison of Security Education Program of Woman Information Security Majors of Seoul Region (서울지역 여성 정보보호전공의 보안교육 프로그램 비교)

  • Hong, Jin-Keun
    • Journal of the Korea Convergence Society
    • /
    • v.11 no.10
    • /
    • pp.107-113
    • /
    • 2020
  • With the development of IT technology, along with the expansion of women's participation in society, the education training of information security women's workforce is becoming a very important issue. Therefore, it is important to analyze the relevant curriculum to identify the direction of fostering women's information security workforce. Therefore, in this paper, the education and training programs of the department for training women's information security workforce based in Seoul area of the Korean metropolitan area were analyzed. The main research objective of this paper is to review whether the education and training system, which consists of the department of women's information security human resources development, is in line with the direction of NIST's human resources development. The research focus was on what the women's information security department organizes courses with each security major and what task training is interested in. In addition, in this paper, we were confirmed that the curriculum of the relevant major is based on the NIST Human Resources Development Framework, and that the majors of the relevant universities have an education and training system that conforms to the relevant task. In conclusion, the related majors are judged to be focused on the development of certification evaluation personnel of convergence industry security or information security development personnel, and general cyber security personnel.

An Investigation into the Role of Technostress in Information Security Context (기술스트레스가 정보보안에 미치는 영향에 관한 연구)

  • Park, Chul-Ju;Yim, Myung-Seong
    • Journal of Digital Convergence
    • /
    • v.10 no.5
    • /
    • pp.37-51
    • /
    • 2012
  • The purpose of this study is to approach information security from a more comprehensive perspective. Particularly, information countermeasures includes a technological tool for end users, thereby increasing the end users' technological stresses. Based on the technostress framework, we investigate a effect of security awareness training on technostress, and also examine a effect of technostress on the persistent security compliance. Results showed that security awareness training influenced on techno-overload and techno-uncertainty. We also found that techno-overload and techno-uncertainty have a significant effect on the persistent security compliance. Conclusion and implications are discussed.

The Effect of Composition and Security Activities for Information Security Architecture on Information Asset Protection and Organizational Performance (정보보호 아키텍처 구성과 보안활동이 정보자산보호 및 조직성과에 미치는 영향)

  • Jeong, Gu-Heon;Yi, Dong-Wook;Jeong, Seung-Ryul
    • The KIPS Transactions:PartD
    • /
    • v.17D no.3
    • /
    • pp.223-232
    • /
    • 2010
  • This study was carried out for the purpose of inquiring into the effect of composition and security activities for information security architecture on information asset protection and organizational performance in terms of general information security. This study made a survey on 300 workers in the government, public institutions and private companies, which it showed that management factors of risk identification and risk analysis, in general, have an usefulness to composition and security activities for information security architecture to prevent inside information leakage. And the understanding and training factors of IT architecture and its component were rejected, requiring the limited composition and security activities for information security architecture. In other words, from the reality, which most institutions and organizations are introducing and operating the information security architecture, and restrictively carrying out the training in this, the training for a new understanding of architecture and its component as an independent variable made so much importance, or it did not greatly contribute to the control or management activities for information security as the generalized process, but strict security activities through the generalization of risk identification and risk analysis management had a so much big effect on the significant organizational performance.

Development of Human Resources at universities for training of specialist in security industries - based on Departments related Security services - (경호·경비분야 전문인력양성을 위한 대학 인적자원개발 - 경호관련학과를 중심으로 -)

  • Kwon, Tae-Il
    • Journal of the Society of Disaster Information
    • /
    • v.2 no.1
    • /
    • pp.19-38
    • /
    • 2006
  • With rapid social change, security industries were diversified and universities related total security service were founded for training of specialist with a theory and practical affairs. Today, universities must provide an education which fits to job characteristics in rapidly changing society. Also students through this education must find their job properly. The purposes of this study, therefore, are to search a career selection of students majoring in total security service related departments and to study a role of universities for development of specialist related security industries. Revitalization plan of human resources for departments related security services are as follows ; roles of universities: a specialization of curriculum and a diversification of training method. 'academic-industrial cooperation', role of government: 'a legal and institutional policy on academic-industrial cooperation';. Universities, cooperations, government must cooperate mutually for development of specialist related security service field.

  • PDF