• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.143-152
• /
• 2009

Successful industries that have maintained their competitiveness are characterized by well-established skills framework system. Skills framework establishes the agreed-upon, industry-identified knowledge, skills and abilities required to succeed in the workplace. Skills framework forms a solid foundation for the development of outcomes-based instruction and assessment, thus it benefits industry, students, educators and government. Each group has a major stake in the education of our students and in the efficient development of a productive workforce. Particularly in fast-changing fields like information security, relevant data that accurately reflect current and future knowledge and skills enable timely direction of resources, development and revision of industry-relevant curriculum, and efficient development of career information and job profiles. Skills framework occupies an indispensable position in any dialog concerning education or training in technical fields. In this study, we develop the skills framework for information security professionals.

• Journal of the Korea Convergence Society
• /
• v.11 no.10
• /
• pp.107-113
• /
• 2020

With the development of IT technology, along with the expansion of women's participation in society, the education training of information security women's workforce is becoming a very important issue. Therefore, it is important to analyze the relevant curriculum to identify the direction of fostering women's information security workforce. Therefore, in this paper, the education and training programs of the department for training women's information security workforce based in Seoul area of the Korean metropolitan area were analyzed. The main research objective of this paper is to review whether the education and training system, which consists of the department of women's information security human resources development, is in line with the direction of NIST's human resources development. The research focus was on what the women's information security department organizes courses with each security major and what task training is interested in. In addition, in this paper, we were confirmed that the curriculum of the relevant major is based on the NIST Human Resources Development Framework, and that the majors of the relevant universities have an education and training system that conforms to the relevant task. In conclusion, the related majors are judged to be focused on the development of certification evaluation personnel of convergence industry security or information security development personnel, and general cyber security personnel.

• Information Systems Review
• /
• v.25 no.3
• /
• pp.179-197
• /
• 2023

As a sufficient workforce supports the industry's growth, workforce training has also been carried out as part of the industry promotion policy. However, the market still has a shortage of skilled mid-level workers. The information security disclosure requires organizations to secure personnel responsible for information security work. Still, the division between information technology work and job areas is unclear, and the pay is not high for responsibility. This paper compares job keywords in advertisements for the information security workforce for 2014, 2019, and 2022. There is no difference in the keywords describing the job duties of information security personnel in the three years, such as implementation, operation, technical support, network, and security solution. To identify the actual needs of companies, we also analyzed and compared the contents of job advertisements posted on online recruitment sites with information security sector knowledge and skills defined by the National Competence Standards used for comprehensive vocational training. It was found that technical skills such as technology development, network, and operating system are preferred in the actual workplace. In contrast, managerial skills such as the legal system and certification systems are prioritized in vocational training.

• Journal of the Semiconductor & Display Technology
• /
• v.20 no.3
• /
• pp.65-70
• /
• 2021

According to the trend of increasingly sophisticated cyber threats, the need for technology research that can be applied to cyber security personnel management and training systems is constantly being raised not only overseas but also in Korea. Previously, the US and UK have already recognized the need and have been steadily conducting related research from the past. In the United States, by encouraging applications based on related research (NICE Cybersecurity Workforce Framework) and disclosing successful use cases to the outside, it is laying the groundwork for profiling cyber security experts. However in Korea, research on cyber security expert training and profiling is insufficient compared to other countries. Therefore, in this study, in order to create a system suitable for the domestic situation, research and analysis of cases in the United States and the United Kingdom were conducted over the past few years, and based on this, a prototype was produced for the study of profiling technology for domestic cyber security experts.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.77-87
• /
• 2011

As information services have been widely used in various environments, the knowledge information security sector plays a significant role in development and management of products and services, information privacy management, risk management and safety, etc. Thus, the process of acquiring knowledge information security professionals is getting more attention for promoting the stable and long-term development of the knowledge information security sector. This study identifies and analyzes the promising fields for the KISA Employment-Contract Master Program and suggests promotion strategies for knowledge information security professionals. By surveying participants and would-be participants, and interviewing experts, it is analyzed that 'mobile security' and 'convergence security' are the two most important fields to be included in the program.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.06a
• /
• pp.33-34
• /
• 2002

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.7
• /
• pp.321-328
• /
• 2017

As the cyber threats become more sophisticated and intelligent, the cases of cyber-infringement accidents are rapidly increasing. As a result, awareness of the importance of cyber security professionals has led to many cyber security-related educational programs. These programs provided with education curriculum aimed because cyber security workforce and job-based cyber security education research are not properly done. In this study, we developed a new cyber security education curriculum that defines and reflects cyber security personnel and knowledge system. In this study is not composed solely of the education contents related to the defenses emphasized in the existing education curriculum, but developed education curriculum to train a professional and balanced cyber security manpower by adding education contents in the attack field.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.599-605
• /
• 2014

In this paper, we analyzed academic curriculum of information security major in domestic university and in center of education contents, reviewed about eduction distinction direction in each university. Also in center of domestic information security industry, it compared and analyzed status of recruitment demand in each information security range and training student in the university, and analyzed whether to meet the degree of information security workforce. In addition, we were examined future needs and direction of the convergency field of information security personnel in terms of information security major curriculum.

• Journal of Information Technology Services
• /
• v.20 no.4
• /
• pp.53-68
• /
• 2021

Many organizations try to hire and retain a well-trained workforce to get their security level of IT assets and networks. However, most academic studies have focused on only how many workforces are needed to keep the secure function. We have to transit to other aspects of cybersecurity HRM studies because well-training workforces are not the problem of numbers but the quality. This study proves how the person-job fit and the work values impact job satisfaction of the cybersecurity workforce in early careers who graduated school recently and have a high turnover intention. The results of this study provide a lot of practical implications regarding job satisfaction of the cybersecurity workforce in an early career as follows. First, the major-job fit of the cybersecurity workforce doesn't influence job satisfaction, unlike other studies. Second, what graduates learned in college is little helpful in hands-on work, so retraining the cybersecurity workforce in an early career is very important. Third, the cybersecurity HRM plans have to center on realizing the self-realization of workforces to improve job satisfaction.

• Journal of Information Technology Services
• /
• v.19 no.1
• /
• pp.173-185
• /
• 2020

It is very important to evaluate training because it can systematically grasp the current status of training. Evaluation includes getting ongoing feedback from the learner, trainer and learner's supervisor, to improve the quality of the training and identify if the learner achieved the goals of the training. It also provides a justification for the implementation of training. Nonetheless, there is a lack of studies that attempt to evaluate information security training programs. In this study, we utilize the Philips model to evaluate the public training programs for the people who are in charge of the information security duties in the public sector and propose the training improvement plans. Research result has shown that it is necessary to evaluate the level of the trainees in advance and conduct training programs according to the information security skill level. In addition, it needs to conduct training according to duties such as information security management, information security operate and maintain. The limitation of this study is that each education program was not assessed individually because this study had developed an evaluation tool that could be used comprehensively.