• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.332-338
• /
• 2021

Civil aviation cybersecurity challenges are global in nature and must be addressed using global best practices and the combined efforts of all stakeholders. This requires the development of comprehensive international strategies and detailed plans for their implementation, with appropriate resources. It is important to build such strategies on a common methodology that can be applied to civil aviation and other interrelated critical infrastructure sectors. The goal of the study was to determine the methodological basis for developing an international civil aviation cybersecurity strategy, taking into account existing experience in strategic planning at the level of international specialized organizations. The research was conducted using general scientific and theoretical research methods: observation, description, formalization, analysis, synthesis, generalization, explanation As a result of the study, it was established the specifics of the approach to formulating strategic goals in civil aviation cybersecurity programs in the documents of intergovernmental and international non-governmental organizations in the aviation sphere, generally based on a comprehensive vision of cybersecurity management. A comparative analysis of strategic priorities, objectives, and planned activities for their implementation revealed common characteristics based on a single methodological sense of cybersecurity as a symbiosis of five components: human capacity, processes, technologies, communications, and its regulatory support. It was found that additional branching and detailing of priority areas in the strategic documents of international civil aviation organizations (by the example of Cybersecurity Strategy and Cybersecurity Action Plan) does not always contribute to compliance with a unified methodological framework. It is argued that to develop an international civil aviation cybersecurity strategy, it is advisable to use the methodological basis of the Cyber Security Index.

• Convergence Security Journal
• /
• v.16 no.4
• /
• pp.53-61
• /
• 2016

A number of countries have been developing and implementing national cybersecurity strategy to prevent damages caused by cyber threats and to minimize damages when they happened. However, there are a lot of differences and disparities in respective strategies with their own background and needs. A vulnerability in some places can be a global problem, so various guidelines have been developed by relevant organizations including international organizations to support the establishment of national cybersecurity strategies and improvement of them. In this paper, with analysis on the guidelines for the establishment of national cybersecurity strategies, reference model consisting of common elements of strategies was suggested. And several recommendations for the improvement measures for Korean national cybersecurity strategies were explained with a comparison of the reference model.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.11-25
• /
• 2023

Since President Biden's inauguration, significant cyberattacks have occurred several times in the United States, and cybersecurity was emphasized as a national priority. The U.S. is advancing efforts to strengthen the cybersecurity both domestically and internationally, including with allies. In particular, the Biden administration announced the National Cybersecurity Strategy in March 2023. The National Cybersecurity Strategy is the top guideline of cybersecurity and is the foundation of other cybersecurity policies. And it includes public-privates as well as international policy directions, so it is expected to affect the international order. Meanwhile, In Korea, a new administration was launched in 2022, and the revision of the National Cybersecurity Strategy is necessary. In addition, cooperation between Korea and the U.S. has recently been strengthened, and cybersecurity is being treated as a key agenda in the cooperative relationship. In this paper, we examine the cyber security strategies of the Trump and Biden administration, and analyze how the strategies have changed, their characteristics and implications in qualitative and quantitative terms. And we derive the implications of these changes for Korea's cybersecurity policy.

• Journal of Information Technology Applications and Management
• /
• v.23 no.4
• /
• pp.127-138
• /
• 2016

The Korean government has implemented various policies such as establishing new major/department and operating a variety of education programs related with cybersecurity. However, it has not yet been constructed virtuous cycle that can provide appropriate education and training to professionals with the high level and quality. In this study, by surveying and analyzing satisfaction about education and training program aimed at employees in public sector who are in charge of cybersecurity, we suggest the direction of education and training for cybersecurity experts required at the national level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1293-1314
• /
• 2015

As ICT is becoming a major social infrastructure, the need to strengthen cyber capabilities are emerging. In the major advanced countries including the United States, has a continuing interest in strengthening cyber capabilities and has studied in enhancements of cyber capabilities. The cyber capability assessment is necessary in order to determine the current level of the country, establish policy directions and legislations. The selection of criteria has very important meaning to suggest future policy direction as well as an objective assessment of cybersecurity capabilities. But there are variable criteria for national cyber capabilities assessment such as strategy, legislation, technology, society and culture, and human resources. In this paper we perform the analysis of criteria for the other country's cybersecurity assessments including the U.S. and Europe. And we proposed the criteria for the national cybersecurity assessment reflecting the our country's characteristics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.907-918
• /
• 2019

The purpose of this study is to understand the cybersecurity policies and critical infrastructure protection of the United States through analyzing Donald Trump's administration executive orders, the national cyber strategy, and the legislation. The analysis has three findings. First, the Department of Homeland Security (DHS) became a main agent in the cybersecurity while the role of the White House was reduced. Second, Trump's administration expanded its role and mission in the policy area by extending the meaning of critical infrastructure. Third, in the case of cyber threats, the government can be involved in the operation of critical infrastructures in the private sector. The opinions of the professional bureaucrats and DHS were more reflected in the direction of the cybersecurity policy than those of the White House. In contrast to Barack Obama's administration, the Trump administration's cybersecurity strategies were not much studied. This study provides insights for improving cybersecurity policies and critical infrastructure protection.

• Journal of Digital Convergence
• /
• v.17 no.10
• /
• pp.93-102
• /
• 2019

This paper aims to set the priorities for the cybersecurity strategy of Cambodian government. To this end, we built a AHP research model by adopting 4 factors from the ITU national interests model and selecting 7 strategies from best practices of 8 countries leading the cyber security. Using a questionnaire, 19 experts evaluated Cambodia's cybersecurity strategy priorities. The key policy factors were evaluated in the order of homeland defense, economic welfare, value promotion and favorable world order. Their strategic alternatives were identified in the order of legislation, capacity building, and cyber attack prevention for critical infrastructure. This study will contribute to setting the strategic priorities and feasible action plans to strengthen Cambodia's cybersecurity capabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1259-1277
• /
• 2018

This study analyzes cyber security strategies, laws, organizations, and the roles of the ministries in the US, Germany, UK, Japan, China, and Korea and draws implications for establishing a practical and efficient next generation national cyber security governance. Under this goal, this study analyzes cyber security strategies, laws, organizations, and the roles of the ministries in the US, Germany, UK, Japan, China, and Korea and draws implications for establishing a practical and efficient next generation national cyber security governance. Based on the results of this analysis, this study suggests suggestions and directions for improvement of domestic cyber security governance.

• Journal of Information Technology Applications and Management
• /
• v.26 no.3
• /
• pp.1-18
• /
• 2019

As technology rapidly develops, the demand for manpower by new industries is increasing. In order to respond to the changing demands of the workforce, universities are actively introducing interdisciplinary majors, which is a program formed by two or more departments cooperating to develop new majors. Although the importance of the interdisciplinary major is increasing, universities have difficulties managing them due to non-flexible educational systems. The purpose of this study is to present an effective management direction for interdisciplinary majors based on the results of a survey on student satisfaction with interdisciplinary majors. Also, we analyzed the required level and possessed level of the IS practitioners' competencies, and developed specific educational directions for training IS talents. The results showed that there was a significant difference in satisfaction with the curriculum development and curriculum evaluation of existing subjects provided by existing departments and new subjects established of interdisciplinary majors, specifically the satisfaction of new subjects is higher than existing subjects. In the IS field, there was a high demand for education in the following areas, in order: information security, information technology strategy planning, information technology operation, information technology development, information technology management, information technology sales, and core competencies. Based on the results of the analysis, the satisfaction of students and the cultivation of the talents that the interdisciplinary major aims to develop can be improved.

• Journal of Information Technology Applications and Management
• /
• v.25 no.4
• /
• pp.67-77
• /
• 2018

With the types and targets of cyber attacks expanding and with personal information leaks increasing, the quantitative demand for information security specialists has increased. The base for training the workforce has expanded accordingly, but joblessness and job-seeking still coexist. To resolve the gap between labor demand and supply, education and training systems that can supply demand quickly are needed. It takes a considerable amount of time for information security education and new manpower supply through universities and graduate schools to be reflected in the market. However, if information security retraining is carried out in terms of career development of information security and related workforce, the problem of lack of experts could be solved in a relatively short period. This paper investigates and analyzes the information security work of the information security workforce, the degree of skill level, the need for retraining, and the workplace migration experience; it also discusses the direction of career development retraining.