• The Journal of Information Systems
• /
• v.24 no.2
• /
• pp.73-96
• /
• 2015

Purpose Information security industry is rapidly growing, but has been confronted with many challenges in a business environment. One of them is the imbalance between supply and demand of information security manpower, which has caused an insecure market situation. Therefore, this study has derived factors of promoting and hindering information security manpower from governance, academics, corporations, and workforce perspectives, and has analyzed a sequence of cause and effect of each factor. Design/methodology/approach This study is an exploratory research based on the interviews. The causal loop diagram (CLD) was developed to deduce key issues and propose alternatives. Findings The result of this study is expected to help the development of information security manpower in Korea, by minimizing the potential negative effects as well as maximizing the positive effects. This study found out the dynamic causes and effects of the security manpower system in each stakeholder's perspective. The cause-and-effect relationships between the stakeholders will be able to contribute to solve the imbalance of supply and demand in security manpower system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.501-511
• /
• 2018

The purpose of this study is to develop the performance evaluation indicator of information security training program for developing the next generation of top security leaders. Through literature review and focus group interview, we derived the performance areas and indicators based on the logic model. We conducted AHP(Analytic Hierarchy Process) questionnaire to calculate the weight of the derived indicators, and developed the performance indicator based on the survey results. Performance indicators were composed of 18 indicators in four main categories.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.295-316
• /
• 2012

In the recent field, cybersecuriyt has become one of the critical areas in the information technology field, and demands for cyberseucirty professionals have been increasing tremendously. However, there is In the recent past, cybersecurity has become one of the critical areas in the Information Technology (IT) field, and demands for cybersecurity professionals have been increasing tremendously. However, there is a shortfall in the qualified cybersecurity workforce which is a factor that contributes to the vulnerability of society to various cyber threats. Our study articulates a model to explain career selection behavior in the cybersecurity field. The study explored factors that affect scholars' behavioral intention to pursue a cybersecurity career. Positive outcome expectations from a cybersecurity career as well as high self-efficacy about skills and knowledge about cybersecurity have a strong impact on the scholars' cybersecurity career decisions. Further, perceived usefulness of the cybersecurity curriculum has a positive effect on the scholars' career decisions. The results of this research have implications for retaining a qualified workforce in the computer and information security fields.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.4
• /
• pp.77-89
• /
• 2009

As the awareness on the information security has been well developed, there have been various studies on effective training and management of the information security workforce. But, one of the most important things for the effective training is to develop education programs based on knowledge and skills requirements for information security professionals. This study aims to analyze the required and possessed levels of knowledge and skills for information security professionals' career. For this study, we selected 71 critical knowledge and skills for information security professionals by literature review and Delphi method, and we conducted a survey of information security knowledge and skills requirements for information security professionals to perform their jobs. As a result, we analyzed the current status of the information security professionals' knowledge and skills level and suggested some guidelines for educating information security professionals by their job career.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.195-205
• /
• 2014

These days cyber attacks are increasing all over the world, and the national critical infrastructure and information network protection has become important. For this reason, the concentrated investment in information security and development of professional human resource are essential, but there is a shortage of information security workforce in Korea. Currently, departments of information security in domestic universities make efforts to develop human resource of information security and have a increasing interest in the curriculum design. So this paper investigates the curriculums of information security in domestic universities and graduate schools. And then, it compares with the needs of industry knowledge and skills by using SPSS. Through this analysis, we will get implications about curriculum design of Information security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.385-396
• /
• 2014

With development of Information Security industry and recognizing value of information as an asset, demand for information protection is foreseen to be expanding gradually. The Information Security industry in this paper defines as an industry where relative products as well as consulting services are developed, produced, and distributed. This study reclassifies sub-sectors of the Information Security industry based on the definition of product and services defined above, and it uses the RAS technique to broaden a scope of an input-output table to include the Information Security industry with purpose of analyzing economic spill-over effects industry will encounter during 2013~2017. Results show that investment in the Information Security industry during 2013-2017 induces total economic outputs to KRW 3,206.9 billion and is expected to employ additional 27,406 workforce.

• Journal of Convergence for Information Technology
• /
• v.10 no.5
• /
• pp.16-22
• /
• 2020

In this paper, the technology and capabilities required for the job of developing security software recommended by the Cybersecurity Human Resources Development Framework of the National Initiative for Cybersecurity Education (NICE) were studied. In this paper, we describe what security skills are needed for the task of developing security software and what security capabilities should be held. The focus of this paper is to analyze the consistency between security technologies (core and specialized technologies) required for security software development tasks and the curriculum of information protection-related departments located in Seoul, Korea. The reason for this analysis is to see how the curriculum at five universities in Seoul is suitable for performing security software development tasks. In conclusion, if the five relevant departments studied are to intensively train developers of development tasks for security software, they are commonly required to train security testing and software debugging, how secure software is developed, risk management, privacy and information assurance.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.193-201
• /
• 2017

Financial firms strengthen to protect personal information from the leakage, introducing various security solutions such as print output security, internet network Isolation system, isolationg strorage of customer information, encrypting personal information, personal information detecting system, data loss prevention, personal information monitoring system, and so on. Financial companies are also entering the era of cutthroat competition due to accept of the new channels and the paradigm shift of financial instruments. Accordingly, The needs for security for customer information held by financial firms are keep growing. The large security accidents from the three card companies on January 2014 were happened, the case in which one of the outsourcing personnel seized customer personal information from the system of the thress card companies and sold them illegally to a loan publisher and lender. Three years after the large security accidents had been passed, nevertheless the security threat of the IT outsourcing workforce still exists. The governments including the regulatory agency realted to the financail firms are conducting a review efforts to prevent the leakage of personal information as well as strengthening the extent of the sanction. Through the analysis on the application of security policy for outsourcing personnel in case of large-scale Financial IT projects and the case study of appropriate security policies for security compliance, the theis is proposing a solution for both successfully completing large-scale financial IT Project and so far as possible minizing the risk from the security accidents by the outsouring personnel.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.696-702
• /
• 2021

Informatization of early childhood education in the EU occurs in the context of the use of ICT as a means of sharing experiences, practices in the education and training of preschool children, communication, both at the national level and locally - within educational institutions, as a means of document management, search, data processing and information for the management of early childhood educational institutions, and planning activities for these institutions. This article aims to identify the features of the informatization of early childhood education in EU countries. Results. The countries of the EU have different levels of workload on the staff of early childhood education institutions, which is caused by different numbers of preschoolers and workforce. The greatest load on the staff in France due to a large number of preschoolers, which, despite the reduction, remained the highest among all the countries. By comparison, Poland's significant workload is mitigated by the size of its workforce. With almost equal numbers of staff in Poland and Germany, the countries differ significantly in the number of preschoolers. The countries also have different funding mechanisms for early childhood education, which determines the potential for digitalization. In France, total spending on early childhood education has grown the least (by 11 % between 2012 and 2018), in Poland by 51 %, in the Czech Republic by 44 %, and in Germany by 49%. In France, 100 % is funded by the government, in Poland 78 % is funded by the government, in the Czech Republic and Germany 87 % and 85 % respectively is funded by the government. The results of the survey of teachers' training in the use of ICTs and the level of specialists' readiness to use them in their studies indicate a mismatch between education and the practice of using technology. At the same time, given the high level of professional training of teachers in the use of technology in education, a low level of practice of ICT use in teaching preschool children was revealed. Teachers require professional development of ICT skills.

• Management Science and Financial Engineering
• /
• v.17 no.1
• /
• pp.45-63
• /
• 2011

The aim of this paper is to consider the process of supplying trained workers with knowledge and skills for upcoming business opportunities and the process of training apprentices to be prepared to meet future demands in an IT service firm. As the demand for new workers fluctuates, a firm should employ a buffer workforce such as apprentices or interns. However, as a result of rapid business development, the capacity of the buffer may be exceeded, thus requiring the company to recruit skilled workers from outside the firm. Therefore, it is important for a firm to map out a strategy for manpower planning so as to fulfill the demands of new business and minimize the operation costs related to training apprentices and recruiting experienced workers. First, this paper analyzes the supply and demand of workers for the IT service in a knowledge-intensive field. It then presents optimal human resource planning strategies via the familiar method of stochastic process. Also, we illustrate that our model is applied to the human resource planning of an information security service firm in South Korea.