• Convergence Security Journal
• /
• v.15 no.3_2
• /
• pp.83-93
• /
• 2015

In this research, we used KOSPI, KOSDAQ and a stock price of Information Security related Company - S1, Ahnlab, Suprema, Raonscure and Igloosecurity. From August 2010 to July 2014, that is during 208 weeks(4 years), we had grasped index and stock price trend. Also we had attempted various Empirical analysis - Basic statistics of Security related Stock, Analysis of variance, Correlation analysis and Weekly Rate of Rise trends. The first purpose of this research is to see correlation between Security related Company and KOSPI, KOSDAQ. The second purpose of this research is to analyze whether stock items have investment value or not while watching features of flow of stock price per item. We expect possibility and merit of investment when we suppose Security industry's high potential to grow. It seems that Security related Company deserves to be invested. We expect investment for Security related Company that has high possibility of growing will create high yields compared to Market yields.

• Journal of National Security and Military Science
• /
• s.9
• /
• pp.191-206
• /
• 2011

This study is presented a scheme that information security research institutions located within the central area can be participated actively m national defense information security industry. The many of information security company are located in the central region(Daejeon) and there are many research institutes. However, the participation rate of the Defense Information Security Industry is not high compared to other provinces. Although a variety of reasons, there are no the Defense Privacy Office that could have a role in protocol and the information about the industry. In addition, the Department of Defense related to national defense information security industry have not information about research institutions in the central region and are not well to identify the characteristics of institutional technology and research. So in this paper we presented some of the alternatives. 1) Building Pool involved in information security research according to the characteristics of each agency 2) Constitute the research community between Research institutions and the company 3) Build the technology cooperation between research institutions and the defense research institutes 4) Utilization of industry/university/research institutes related to Information Security Industry 5) Make strategic alliances among research institutes based on technical expertise.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.39 no.4
• /
• pp.97-105
• /
• 2016

As information system is getting higher and amount of information assets is increasing, skills of threatening subjects are more advanced, so that it threatens precious information assets of ours. The purpose of this study is to present a strategic direction for the types of companies seeking access to information security. The framework classifies companies into eight types so company can receive help in making decisions for the development of information security strategy depending on the type of company it belongs to. Paired comparison method survey conducted by a group of information security experts to determine the priority and the relative importance of information security management elements. The factors used in the security response strategy are the combination of the information security international certification standard ISO 27001, domestic information protection management system certification K-ISMS, and personal information security management system certification PIMS. Paired comparison method was then used to determine strategy alternative priorities for each type. Paired comparisons were conducted to select the most applicable factors among the 12 strategic factors. Paired comparison method questionnaire was conducted through e-mail and direct questionnaire survey of 18 experts who were engaged in security related tasks such as security control, architect, security consulting. This study is based on the idea that it is important not to use a consistent approach for effective implementation of information security but to change security strategy alternatives according to the type of company. The results of this study are expected to help the decision makers to produce results that will serve as the basis for companies seeking access to information security first or companies seeking to establish new information security strategies.

• Journal of Information Technology Applications and Management
• /
• v.18 no.2
• /
• pp.91-108
• /
• 2011

Enormous losses of shareholders and consumers caused by the risks threatening today's business (e.g., accounting fraud and inside trading) have ignited the necessity of international regulations on corporate ethics and internal control, such as Basel II and SOX. Responding to these regulations, companies are establishing governance system, applying it consistently to the core competency of the company, and increasing the scope of the governance system. Recently occurred security related incidents require companies to take more strict accountability over information security. One of the results includes strengthening of legislation and regulations. For these reasons, introduction of information security governance is needed. Information security governance governs the general information security activities of the company (establishment of information security management system, implementation of information security solutions) in the corporate level. Recognizing that the information security is not restricted to IT domain, but is the issue of overall business, this study develops information security governance framework based on the existing frameworks and systems of IT governance. The information security governance framework proposed in the study include concept, objective, and principle schemes which will help clearly understand the concepts of the information security governance, and execution scheme which will help implement proper organization, process and tools needed for the execution of information security governance.

• Journal of Industrial Convergence
• /
• v.13 no.2
• /
• pp.45-54
• /
• 2015

This Study aims to analyze the factors for the success of commercialization of the facial extraction and recognition image security information system of the domestic companies in Korea. As the results of the analysis, the internal factors for the success of commercialization of the facial extraction and recognition image security information system of the company were found to include (1) Holding of technology for close range facial recognition, (2) Holding of several facial recognition related patents, (3) Preference for the facial recognition security system over the fingerprint recognition and (4) strong volition of the CEO of the corresponding company. On the other hand, the external environmental factors for the success were found to include (1) Extensiveness of the market, (2) Rapid growth of the global facial recognition market, (3) Increased demand for the image security system, (4) Competition in securing of the engine for facial extraction and recognition and (5) Selection by the government as one of the 100 major strategic products.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.29-36
• /
• 2023

Blockchain is an emerging technology that is used to address ownership, centrality, and security issues in different fields. The blockchain technology has converted centralized applications into decentralized and distributed ones. In existing sharing economy applications, there are issues related to low efficiency and high complexity of services. However, blockchain technology can be adopted to overcome these issues by effectively opening up secure information channels of the sharing economy industry and other related parties, encouraging industry integration and improving the ability of sharing economy organizations to readily gain required information. This paper discusses blockchain technology to enhance the development of insurance services by proposing a five-layer decentralized model. The Najm for Insurance Services Company in Saudi Arabia was employed in a case study for applying the proposed model to effectively solve the issue of online underwriting, and to securely and efficiently enhance the verification and validation of transactions. The paper concludes with a review of the lessons learned and provides suggestions for blockchain application development process.

• Journal of Information Technology Services
• /
• v.21 no.1
• /
• pp.81-102
• /
• 2022

Although more than 99% of all Korean companies are small and medium-sized enterprises (SMEs), which accounts for a large part of the national economy, they are having difficulties in securing information protection capabilities due to problems such as budget and manpower. On the other hand, as 97% of cyber incidents are concentrated in SMEs, it is urgent to strengthen the information protection management and response capabilities of SMEs. Although the government is promoting company-wide information security consulting for SMEs, the need for supplementing it's procedures and consulting items is being raised. Based on the results of information security consulting supported by the government in 2020, this study attempted to derive improvement plans by interviewing SME workers, information security consultants, and system operators. Through the research results, it is expected to create a basis for SMEs to autonomously check the information security management system and contribute to the reference of related policies.

• The Journal of Society for e-Business Studies
• /
• v.18 no.1
• /
• pp.1-12
• /
• 2013

With the increases of requirement for user identification in Internet services, we should let the service companies know my personal information. If the shared personal information with them are used in not-allowed area or delivered to un-authorized persons, we may have practical harms in several fields such as financial related operations. Korean Government has introduced new management method for personal information, but it is not hard to find the personal information management issues from Korean news papers. The proper measurement should be delivered to related companies to help them to decide investment for security. This paper review the indirect measurement method of demages by check the stock prices of related company for personal information management issue. We check the relationship between change of stock price and the information management issue. The result shows there are no changes in stock market. Korean government added strong regulations for personal information management though. To prevent further personal information issues, we should recognize the indirect damages properly and let the company pay higher reparations for any personal information abuse.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.489-499
• /
• 2016

Nowadays the importance of information security has been increased because there are many benefits and threats like information leakage caused by rapid growth of information technology. It is important to apply technical solution, however enhancing security capability is more important to respond evolving security threats. Information security education is one of typical way to enhance security capability and there are various efforts at the dimension of nation, company and academic community. However it is required to analyze previous research until now and derive future research direction for long-term development plan. In this study, we analyzed a publication status about 177 papers related to information security, training and awareness from 4 foreign journals and 2 Korean journals. Additionally, we analyzed in detail about 70 papers related to information security education. As a result, the most part of study is about curriculum, and in the future, it is required to expand educational area as well as study about effectiveness measurement of information security education by experimental research.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.4
• /
• pp.357-364
• /
• 2019

As industrial information disclosure by insider's rate is around 80%, most of relevant researches explain briefly its causes are discontent of salary or human resources system. This paper scrapes texts on Jobplanet, an anonymous company review website and analyzes discontent keyword by 7 related area and their contexts to find out more details on brief causes referred above. After drawing LGG (Local Grammar Graph) by each areas with related dictionary list, this paper shows an example of concordance as a proof and several ways for human resources leakage prevention. Finally, text analysis results are compared with previous researches based on survey with limited questions and answers. This study is meaningful to expand the scope of employee discontent analysis with company review text and provide more specific, granular and honest discontent vocabularies.