• Information Systems Review
• /
• v.25 no.4
• /
• pp.27-45
• /
• 2023

The importance of information security has grown alongside the development of information and communication technology. However, companies struggle to select suitable countermeasures within their limited budgets. Sönmez and Kılıç (2021) proposed a model using AHP and mixed integer programming to determine the optimal investment combination for mitigating information security breaches. However, their model had limitations: 1) a lack of objective measurement for countermeasure efficacy against security threats, 2) unrealistic scenarios where risk reduction surpassed pre-investment levels, and 3) cost duplication when using a single countermeasure for multiple threats. This paper enhances the model by objectively quantifying countermeasure efficacy using the beta probability distribution. It also resolves unrealistic scenarios and the issue of duplicating investments for a single countermeasure. An empirical analysis was conducted on domestic SMEs to determine investment budgets and risk levels. The improved model outperformed Sönmez and Kılıç's (2021) optimization model. By employing the proposed effectiveness measurement approach, difficulty to evaluate countermeasures can be quantified. Utilizing the improved optimization model allows for deriving an optimal investment portfolio for each countermeasure within a fixed budget, considering information security costs, quantities, and effectiveness. This aids in securing the information security budget and effectively addressing information security threats.

• Korean Security Journal
• /
• no.38
• /
• pp.7-32
• /
• 2014

This study is aimed to analyze problems of police budgetary execution and to suggest better ways for establishing effective budget implementation as well as legitimacy of securing budget in the field of police work. For this purpose, this paper analyzed the annual reports on police budgetary execution, from 2009 to 2012, conducted by National Assembly Budget Office. In result, most parts of the police budgetary execution were not satisfied with the audit standard, and especially in terms of management of budgetary execution, it showed 40% in inappropriateness. In addition, excessive and underestimate appropriation in the police budgetary execution, which happened frequently in other offices, was recorded on the second place. 10% of the amount of budget was executed for ordinance violence. Given results analyzed from each division, Transportation Division occupied 40% of the amount of related problems and all of types in the field did not meet the audit standard, thus it is required to manage budgetary execution effectively. In terms of Public Safety Division, the problem was related to budgetary allocation prior to execution, such as overlap in other works, excessive and underestimate appropriation, and inappropriate business plans. Director General for Planning and Coordination did not meet the standard of law system maintenance, Given the light of the result of analyzing programs, traffic safety and securing communication was the most problematic and support for police administration, crime prevention and protecting the disadvantaged, educating professional police officers, and establishment of policing infrastructure were required to be reformed in sequence. In order to resolve these problems, it is demanded to check budgetary execution and the process in business plans on a regular basis. Additionally, in case of using budget in inappropriate parts, tough penality including reduction of budget in related to the local police should be implemented to increase the importance of budgetary execution. Moreover, because of the fact that a part of problem of budgetary execution was originally caused by the budgetary allocation, it is advised to allocate police budget using the budget proposal of National Finance Act and Ministry of Strategy and Finance.

• Journal of Nuclear Fuel Cycle and Waste Technology(JNFCWT)
• /
• v.20 no.2
• /
• pp.255-258
• /
• 2022

Three government bodies, that is, the Ministry of Science and ICT (MSIT), Ministry of Trade, Industry, and Energy (MOTIE), and Nuclear Safety and Security (NSSC), jointly established the Institute for Korea Spent Nuclear Fuel (iKSNF) in December 2020 to secure the management technologies for spent nuclear fuel (SNF). The objective of iKSNF is to successfully conduct the long-term research and development program of the 「Development of Core Technologies to Ensure Safety of Spent Nuclear Fuel Storage and Disposal System」. Our program, known as the first multi-ministry program in the nuclear field of Korea, mainly focuses on developing core technologies required for the long-term management of SNF, including those for safe storage and deep geological disposal of SNF. The program comprises three subprograms and seven key projects covering the storage, disposal, and regulatory sectors of SNF management. Our program will last from 2021 through 2029, with a budget of approximately four billion USD sponsored by MSIT, MOTIE, and NSSC.

• Korean Security Journal
• /
• no.24
• /
• pp.147-170
• /
• 2010

This study is to present a improvement directions for the protection of industrial key technology. For the purpose of the study, the survey was carried out on the administrative security activity of 68 enterprises including Large companies, small-midium companies and public corporations. survey result on the 10 items of security policy, 10 items of personal management and 7 items of the assets management are as follows; First, stable foundation for the efficient implement of security policy is needed. Carrying a security policy into practice and continuous upgrade should be fulfilled with drawing-up of the policy. Also for the vitalization of security activity, arrangement of security organization and security manager are needed with mutual assistance in the company. Periodic security inspection should be practiced for the improvement of security level and security understanding. Second, the increase of investment for security job is needed for security invigoration. Securing cooperation channel with professional security facility such as National Intelligence Service, Korea internet & security agency, Information security consulting company, security research institute is needed, also security outsourcing could be considered as the method of above investment. Especially small-midium company is very vulnerable compared with Large company and public corporation in security management, so increase of government's budget for security support system is necessary. Third, human resource management is important, because the main cause of leak of confidential information is person. Regular education rate for new employee and staff members is relatively high, but the vitalization of security oath for staff members and the third party who access to key technology is necessary. Also access right to key information should be changed whenever access right changes. Reinforcement of management of resigned person such as security oath, the elimination of access right to key information and the deletion of account. is needed. Forth, the control and management of important asset including patent and design should be tightened. Classification of importance of asset and periodic inspection are necessary with the effects evaluation of leak of asset.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.06a
• /
• pp.459-470
• /
• 2002

The purpose of this study is to present the factors needed to introduce knowledge management systems to university libraries in Korea, to suggest various methods needed to offer much more improved services of a library than now by investigating the current situations about introducing such factors in national and pubic university libraries in Korea. Almost all of the 33 university libraries selected the subject of investigation have offered the on-line reference service, e-mail pushing service, and full text constructions out of the 11 knowledge management system elements presented in this study, but the other services else have been offered by less than half the number of the libraries. The findings suggest to greatly improve the current services of libraries such as information education and selective dissemination of information, and immediately to introduce new systems including e-book and wireless service systems in order to the university competitiveness. The study implies that each library has already introduced the knowledge management systems, in proportion to a budget of the library, ifs librarian number, and a degree restructuring organization, and that an introduction of knowledge management systems such as policy and culture of organization, its librarian number, and its related security of budget takes the most important role in improving services of a library.

• Journal of the Society of Disaster Information
• /
• v.3 no.1
• /
• pp.55-68
• /
• 2007

Recently, people in cities of developed countries are exposed to unfortified damages of crime and disaster due to urbanization, industrialization and information-oriented era caused by congestion of population in terms of hardware and various social pathology phenomena and frequent and large scale of disaster caused by crime and disorder, which occur in the course of going through nuclear family, a gap between rich and poor and aging society in terms of software. In this regard, demand for security upon individual life and property has been increased but the police that are responsible for the public security does not effectively reduce damage in life and property because their activities are mainly oriented in coping with security accidents more than prevention. Shortage of manpower and budget, retarded equipment, and heavy overwork are the reasons. In order to confront with this kind of situation, we should utilize CCTV system with the purpose of declining possible chances of crime, not for eliminating cause of crime as crime prevention activities to predict danger in advance as a way of prevention and we may expect a role of damage prevention by installing CCTV in places where security accident may possibly happen. In conclusion, there are invasion of privacy, misuse of the system, insufficiency of overall monitoring office management, lack of citizens' understanding and economical allotment of the system installation costs in installation of CCTV system. However. it is necessary to install the CCTV system for effective prevention of crime and prevention activities of security accidents and accurate PR of purposes of installing CCTV to local residents, establishing relevant laws about system misuse, allotment of equipment costs and fees by R&D of the system machinery, cost reduction method of storage, management and replacement, saving costs from co-operative attitude of government, and local autonomous entities and local residents should be involved.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.39 no.5
• /
• pp.647-656
• /
• 2019

This paper aims to analyze the priority of elements in building management system surveying owners living in Small-scale Apartment, and to suggest basic data for establishing effective management alternatives. To achieve the goal, this paper extracted the elements from a guideline supported by the Ministry of Land, Infrastructure and Transport in Korea, and tried to analyze their priority. The result as follows. First, the analysis of the first level suggested that people give priority to facility management, moving management, security management and administrative for management. Second, on the analysis of the second level, settlement of budget was the most important for the administrative, cleaning for facility management, parking management for security management and advertisement of the administrative for moving management. By suggesting the result, this paper concludes that it would be very important to establish a regional management corporation to manage the Small-scale Apartment.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.2
• /
• pp.199-208
• /
• 2017

IoT, Cloud, Bigdata, Mobile, AI, and 3D print, which are called as the main axis of the 4th Industrial Revolution, can be predicted to be changed when the technology is applied to the military. Especially, when I think about the purpose of battle, I think that IoT, Cloud, Bigdata, Mobile, and AI will play many role. Therefore, in this paper, Smart Military is defined as the future military that incorporates these five technologies, and the architecture is established and the appropriate information security model is studied. For this purpose, we studied the existing literature related to IoT, Cloud, Bigdata, Mobile, and AI and found common elements and presented the architecture accordingly. The proposed architecture is divided into strategic information security and tactical information security in the Smart Military environment. In the case of vulnerability, the information security is divided into strategic information security and tactical information security. If a protection system is established, it is expected that the optimum information protection can be constructed within an effective budget range.

• Information Systems Review
• /
• v.22 no.2
• /
• pp.201-217
• /
• 2020

Information security is an essential element not only to ensure the operation of the company and trust with customers but also to mitigate uncertain damage by preventing information data breach. Therefore, It is important to select appropriate information security countermeasures and determine the appropriate level of investment. This study presents a decision support model for the appropriate investment amount for each countermeasure as well as an optimal portfolio of information countermeasures within a limited budget. We analyze statistics on the types of information security breach by industry and derive an optimal portfolio of information security countermeasures by using genetic algorithms. The results of this study suggest guidelines for investing in information security countermeasures in various industries and help to support objective information security investment decisions.

• Strategy21
• /
• s.42
• /
• pp.83-113
• /
• 2017

After defeat in World War II, Japan's Peace Constitution committed the country to forego the acquisition of offensive military capabilities. However, in the midst of the post-cold war period, Japan began to change its security posture in line with the so-called 'normal state theory', which called for a more robust defense posture and expanded security activities. The second Abe administration promoted these security policies by issuing a National Security Strategy as well as a new National Defense Program Outline(NDPO) in 2013 and by establishing new security institutions such as the National Security Council. The Abe administration also adopted the new concept of a 'Unified Mobile Defense Force' in the 2013 which replaced the 'Dynamic Defense Force' as a new criteria for the Self-Defense Force's acquisition of military capabilities. In this new concept of military capabilities, the Ground Self-Defense Force is planning to replace existing divisions with mobile divisions and to form 'Amphibious Rapid Deployment Bridge' for the first time in 2018, which has long been taboo in Japan. Japan has experience a Marine Corps in the past. Likewise, an offensive changes in the military strategy can change the spectrum of strategy and 'Amphibious Rapid Deployment Bridge' plays a big role in this. Furthermore, Japan is increasing the Coast Guard's budget and capabilities in preparation for contingencies around the Senkaku islands (called the Diaoyu in Chinese). The South Korea navy should utilize Japan's changing security posture to deter immediate threat such as North Korea's military provocations and potential enemy threat such as China, Japan, Russia.