• Asia pacific journal of information systems
• /
• v.30 no.2
• /
• pp.308-327
• /
• 2020

The importance of information security is increasing, and various efforts are being made to improve users' information security behaviors. Among these various efforts, information security education is mainly aimed at providing users with information security knowledge and improving information security awareness. This study classified the types of information security education into offline and online to examine the effects of each education method on attitudes toward information security (perceived severity, vulnerability, self-efficacy and response-efficacy) and information security behaviors. A survey was conducted for users with information security education experiences. The results obtained by comparing the differences in the path coefficients of personal information security behaviors according to information security education experiences showed that security behaviors were more significant in the online experience group than the offline group. In addition, gender differences were analyzed, and it was found that females had a greater impact on information security attitudes than males. This study also found that among Internet users with online information security education experience, females tend to have more information security behavior than males, but there were contrasting results among users with offline information security education experiences. The results of this study finally address the necessity of reflecting users' personalities in the systematic design of information security education in the future. Furthermore, the results of this study support the need for an appropriate education system that sufficiently understands education types to maximize the effects of information security education.

• Asia pacific journal of information systems
• /
• v.14 no.4
• /
• pp.71-85
• /
• 2004

Due to exponentially growing threats of cyber attacks, many organizations have begun to recognize the importance of information security. There is an explosion in demand for experienced ISMs(Information Security Managers) and ISSDs(Information Security System Developers). To educate ISMs and ISSDs, identifying the specific knowledge and skill for information security professional is critical. This paper identifies 15 items of knowledge and skill for ISMs and ISSDs using a simplified Delphi technique and categories them. The results of this paper could be used in determining what kinds of knowledge and skill should be included in the curriculum of information security programs.

• Journal of Information Technology Services
• /
• v.19 no.2
• /
• pp.37-47
• /
• 2020

A significant proportion of information subjects experience information security breaches, and the number of reports and counseling cases of personal information infringements is increasing. Increased awareness of the importance of information security has raised interest in the personnel in charge of such tasks. However, hiring excellent new workers and preventing turnovers in information security remain unresolved. In this paper, by modeling the job career path of information security workforce as a Markov chain, we analyze the workforce turnover process and long-term turnover trends by information security jobs, and further analyze the number and duration of turnovers required to engage in specific jobs. The results of this study are expected to be a reference to balancing the supply and demand of information security workers for the government and to ensuring efficient management of the workforce for businesses.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.3-8
• /
• 2015

According to the advent of the seriousness of industrial technology outflow, concerns are mounting about the importance of security, recently. In this paper, I studied a research trend about industrial technology security and real condition of the outflow, analyzed it in various ways, and showed a seriousness of the issue and urgency of the security. Finally, I suggested methods of improving needed in the industrial technology security in legal, business and technical ways.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.12
• /
• pp.81-87
• /
• 2018

Cloud computing is a computing environment in which users borrow as many IT resources as they need to, and use them over the network at any point in time. This is the concept of leasing and using as many IT resources as needed to lower IT resource usage costs and increase efficiency. Recently, cloud computing is emerging to provide stable service and volume of data along with major technological developments such as the Internet of Things, artificial intelligence and big data. However, for a more secure cloud environment, the importance of perimeter security such as shared resources and resulting secure data storage and access control is growing. This paper analyzes security threats in cloud computing environments and proposes a security architecture for effective response.

• Journal of the Korean Society of Systems Engineering
• /
• v.18 no.2
• /
• pp.149-159
• /
• 2022

This study investigated the relationship between economic growth and energy security risk levels in Korea using linear and non-linear ARDL methods. While there are many studies on the relationship between energy consumption and economic growth, few studies focus on the relationship between energy security and economic growth considering 4A dimensions of energy security such as energy availability, accessibility, acceptability, and affordability. Energy risk index from Global Energy Institue and GDP data from world bank are used for ARDL and NARDL analysis. Our result of ARDL shows that there is no long-term relationship between energy security risk levels and economic growth. On the other hand, NARDL result shows that there is an asymmetric relationship between economic growth and energy security risk levels in the long run. The results show the importance of expending further research on ensuring energy security to policymakers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4588-4608
• /
• 2017

The measurement of information security levels is a very important but difficult task. So far, various measurement methods have studied the development of new indices. Note, however, that researches have focused on the problem of attaining a certain level but largely neglecting research focused on the issue of how different types of possible flaws in security controls affect each other and which flaws are more critical because of these effects. Furthermore, applying the same weight across the board to these flaws has made it difficult to identify the relative importance. In this paper, the interrelationships among security flaws that occurred in the security controls of K-ISMS were analyzed, and the relative impact of each security control was measured. Additionally, a case-control study was applied using empirical data to eliminate subjective bias as a shortcoming of expert surveys and comparative studies. The security controls were divided into 2 groups depending on whether or not a security flaw occurs. The experimental results show the impact relationship and the severity among security flaws. We expect these results to be applied as good reference indices when making decisions on the removal of security flaws in an enterprise.

• Management & Information Systems Review
• /
• v.35 no.1
• /
• pp.207-233
• /
• 2016

Currently mobile messenger industry, based on mobile application, is growing. And it has aroused innovative change, offering services in various forms beyond the form simply sharing messengers. Also because messenger securities are becoming personalized and intelligent, the importance of more diverse mobile applications' securities is increasing. This study carries out the empirical study of the causal relationship that the factors of using application services influence on security recognition and security Intention of mobile securities, and consequentially impact upon protection of personal information of users. In order that, we present the research model which prime variables of SDT, which emphasized on natural immanent motivation of human, applied to. To verify the research model of this study empirically, we conducted a survey targeting the public and university students which have ever used mobile messenger applications. With this, we desire to contribute to emphasizing the significance of individual messenger security and playing a positive role to develop security guide for consumers. The path analysis results are as follows. First, perceived autonomy has a positive effect on both security awareness and security intention. Second, perceived competence has a positive effect on security intention. Third, perceived relatedness has a positive effect on both security awareness and security intention. Last, security awareness and security intention. have a positive effect on privacy protection behavior. Through emphasizing the importance of the security of the messenger of individuals and contribute to a positive role for development of the necessary security guidelines to consumers.

• Journal of Navigation and Port Research
• /
• v.43 no.1
• /
• pp.49-56
• /
• 2019

The purpose of this study was to extract the evaluation factors and assess the relative importance between the factors. For this purpose, the evaluation factors were extracted through literature review and the process of brainstorming with experts, who are related to port security. The evaluation factors were then classified into four higher factors and twelve sub- factors through the use of the AHP method. A survey on the classified factors was conducted by experts composed of public officials, port authority employees and education institutions officials. We also carried out statistical tests to determine the perception gap of weights between the groups. As a result of a relative importance analysis of strength, the security operating system factor was highest, followed by improvement of hardware facilities and increase of security personnel. There was a difference in perception among the groups in policy support, facility support and personnel resources budget support. The results of the analysis show that the strength operating system through the establishment of an integrated monitoring system is a priority. It is necessary to understand the difference of perception between groups and build a systematic cooperation system. The evaluation factors extracted from this study can be used for the measurement of port security efficiency in further work.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.123-133
• /
• 2008

Information securiry is considered important due to the side effect generated from the expansion of information system and rapid increase of the use of internet. Nevertheless, we are getting unconscious of the importance of information security. The purpose of this research is to empirically analyze that the effects of security policies, security awareness and individual characteristics on password security effectiveness. Based on the analysis of research model using structural equation modeling technique, security policies were influencing individual characteristics and improving user's security awareness. Also individual characteristics and security awareness had positive impact on security effectiveness.