• Title/Summary/Keyword: Supply Chain Security

Search Result 119, Processing Time 0.03 seconds

An Analysis of Cyber Attacks and Response Cases Related to COVID-19 (코로나19 관련 사이버 공격 및 대응현황 분석)

  • Lee, Yongpil;Lee, Dong-Geun
    • Journal of Information Technology Services
    • /
    • v.20 no.5
    • /
    • pp.119-136
    • /
    • 2021
  • Since the global spread of COVID-19, social distancing and untact service implementation have spread rapidly. With the transition to a non-face-to-face environment such as telework and remote classes, cyber security threats have increased, and a lot of cyber compromises have also occurred. In this study, cyber-attacks and response cases related to COVID-19 are summarized in four aspects: cyber fraud, cyber-attacks on companies related to COVID-19 and healthcare sector, cyber-attacks on untact services such as telework, and preparation of untact services security for post-covid 19. After the outbreak of the COVID-19 pandemic, related events such as vaccination information and payment of national disaster aid continued to be used as bait for smishing and phishing. In the aspect of cyber-attacks on companies related to COVID-19 and healthcare sector, we can see that the damage was rapidly increasing as state-supported hackers attack those companies to obtain research results related to the COVID-19, and hackers chose medical institutions as targets with an efficient ransomware attack approach by changing 'spray and pray' strategy to 'big-game hunting'. Companies using untact services such as telework are experiencing cyber breaches due to insufficient security settings, non-installation of security patches, and vulnerabilities in systems constituting untact services such as VPN. In response to these cyber incidents, as a case of cyber fraud countermeasures, security notices to preventing cyber fraud damage to the public was announced, and security guidelines and ransomware countermeasures were provided to organizations related to COVID-19 and medical institutions. In addition, for companies that use and provide untact services, security vulnerability finding and system development environment security inspection service were provided by Government funding programs. We also looked at the differences in the role of the government and the target of security notices between domestic and overseas response cases. Lastly, considering the development of untact services by industry in preparation for post-COVID-19, supply chain security, cloud security, development security, and IoT security were suggested as common security reinforcement measures.

Trends and Implications of Cybersecurity Policies in Major Countries (주요국 사이버보안 정책 동향 및 시사점)

  • J.S. Lee;S.M. Choi;C.M. Ahn;Y. Yoo
    • Electronics and Telecommunications Trends
    • /
    • v.38 no.4
    • /
    • pp.58-69
    • /
    • 2023
  • Cyberspace is emerging as a critical domain requiring national-level governance and international cooperation owing to its potential financial and societal impacts. This research aims to investigate the cybersecurity policies from major countries for understanding with comprehensive perspectives. Global trends emphasize a comprehensive command-centered approach, with top leadership directing cybersecurity policies. Key policy areas include security across technology ecosystems, protection of critical infrastructure, and software supply chain security. Investment is being focused on zero-trust architectures, software bills, and new technologies like artificial intelligence. For countries like Korea, immediate response and adaptation to these trends are crucial to develop and enforce national cybersecurity policies.

A Study on Government Support for Logistics Security (물류보안 인증을 위한 정부지원 방안 연구)

  • Lee, DonHee
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.21 no.6
    • /
    • pp.109-123
    • /
    • 2016
  • This study investigates the importance of government's support for logistics security assurance through certification programs. First, the study analyzed priorities among the requirements of logistics firms through Analytic Hierarchy Process(AHP) and Quality Function Deployment(QFD) approaches. For this process we invited 21 logistics experts to assess the relationships between logistic firms' requirements and government policies regarding logistics security using the house of quality, a set of matrices of QFD. The results of this phase of the study revealed the priorities of logistics firms' goals regarding the diffusion of the government security certification program as follows: integrated logistics security systems(40.3%), strengthening government support systems(32.4%), and operational effectiveness of logistics security certification(27.2%). Second, a relative weights applied QFD method based on AHP was applied to determined the expected outcome of the logistics security certification program. The results indicated as follows: productivity improvement(28.4%), improved level of service(26.7%), logistics cost reduction(21.6%), advanced information systems(19.7%), and improved environmental protection(3.6%). The results of this study provide new insights concerning logistics firms' requirements for supply chain security and the importance of government's support policies through logistics security certification programs.

Smart Ship Container With M2M Technology (M2M 기술을 이용한 스마트 선박 컨테이너)

  • Sharma, Ronesh;Lee, Seong Ro
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38C no.3
    • /
    • pp.278-287
    • /
    • 2013
  • Modern information technologies continue to provide industries with new and improved methods. With the rapid development of Machine to Machine (M2M) communication, a smart container supply chain management is formed based on high performance sensors, computer vision, Global Positioning System (GPS) satellites, and Globle System for Mobile (GSM) communication. Existing supply chain management has limitation to real time container tracking. This paper focuses on the studies and implementation of real time container chain management with the development of the container identification system and automatic alert system for interrupts and for normal periodical alerts. The concept and methods of smart container modeling are introduced together with the structure explained prior to the implementation of smart container tracking alert system. Firstly, the paper introduces the container code identification and recognition algorithm implemented in visual studio 2010 with Opencv (computer vision library) and Tesseract (OCR engine) for real time operation. Secondly it discusses the current automatic alert system provided for real time container tracking and the limitations of those systems. Finally the paper summarizes the challenges and the possibilities for the future work for real time container tracking solutions with the ubiquitous mobile and satellite network together with the high performance sensors and computer vision. All of those components combine to provide an excellent delivery of supply chain management with outstanding operation and security.

Security Model Tracing User Activities using Private BlockChain in Cloud Environment (클라우드 환경에서 프라이빗 블록체인을 이용한 이상 행위 추적 보안 모델)

  • Kim, Young Soo;Kim, Young Chan;Lee, Byoung Yup
    • The Journal of the Korea Contents Association
    • /
    • v.18 no.11
    • /
    • pp.475-483
    • /
    • 2018
  • Most of logistics system has difficulties in transportation logistics tracking due to problems in real world such as discordance between logistics information and logistics flow. For the solution to these problems, through case study about corporation, suppliers that transport order items in shopping mall, we retain traceability of order items through accordance between logistics and information flow and derive transportation logistics tracking model. Through literature review, we selected permissioned public block chain model as reference model which is suitable for transportation logistics tracking model. We compared, analyzed and evaluated using centralized model and block chain as application model for transportation logistics tracking model. In this paper we proposed transportation logistics tracking model which integrated with logistics system in real world. It can be utilized for tracking and detection model and also as a tool for marketing.

A Study on Logistics Security Recognition of Domestic Logistics Enterprises (국내물류기업의 물류보안 인식에 관한 연구)

  • Lee, Jea-Won;Ryu, Hyung-Geun;Yeon, Joung-Hum
    • Journal of Navigation and Port Research
    • /
    • v.34 no.1
    • /
    • pp.45-50
    • /
    • 2010
  • After September 11 attacks, as recently the range about security of physical distribution is rapidly spreading temporally & spatially, and it considers that the demand of understanding about logistics company is more than that of the past, now is the time that to establish policy for a comprehensive and systematic support policy that targets the entire supply chain considering the competitive of logistics beyond the responsibility for security of the field of import and export simply. In this respect, this study has identified recognition of domestic logistics company about global logistics security system that has recently been implemented in the country, and this level of recognition has really examined what is the impact of its logistics competitiveness and an intention to invest in related areas in the future. Based on this, this study has also proposed the supporting promotion and education for the expansion of logistics security of government & related agencies and effective way promoting to establish policies regarding this.

A Case Study of Profit Optimization System Integration with Enhanced Security (관리보안이 강화된 수익성 최적화 시스템구축 사례연구)

  • Kim, Hyoung-Tae;Yoon, Ki-Chang;Yu, Seung-Hun
    • Journal of Distribution Science
    • /
    • v.13 no.11
    • /
    • pp.123-130
    • /
    • 2015
  • Purpose - Due to highly elevated levels of competition, many companies today have to face the problem of decreasing profits even when their actual sales volume is increasing. This is a common phenomenon that is seen occurring among companies that focus heavily on quantitative growth rather than qualitative growth. These two aspects of growth should be well balanced for a company to create a sustainable business model. For supply chain management (SCM) planners, the optimized, quantified flow of resources used to be of major interest for decades. However, this trend is rapidly changing so that managers can put the appropriate balance between sales volume and sales quality, which can be evaluated from the profit margin. Profit optimization is a methodology for companies to use to achieve solutions focused more on profitability than sales volume. In this study, we attempt to provide executional insight for companies considering implementation of the profit optimization system to enhance their business profitability. Research design, data, and methodology - In this study, we present a comprehensive explanation of the subject of profit optimization, including the fundamental concepts, the most common profit optimization logic algorithm -linear programming -the business functional scope of the profit optimization system, major key success factors for implementing the profit optimization system at a business organization, and weekly level detailed business processes to actively manage effective system performance in achieving the goals of the system. Additionally, for the purpose of providing more realistic and practical information, we carefully investigate a profit optimization system implementation case study project fulfilled for company S. The project duration was about eight months, with four full-time system development consultants deployed for the period. To guarantee the project's success, the organization adopted a proven system implementation methodology, supply chain management (SCM) six-sigma. SCM six-sigma was originally developed by a group of talented consultants within Samsung SDS through focused efforts and investment in synthesizing SCM and six-sigma to improve and innovate their SCM operations across the entire Samsung Organization. Results - Profit optimization can enable a company to create sales and production plans focused on more profitable products and customers, resulting in sustainable growth. In this study, we explain the concept of profit optimization and prerequisites for successful implementation of the system. Furthermore, the efficient way of system security administration, one of the hottest topics today, is also addressed. Conclusion - This case study can benefit numerous companies that are eagerly searching for ways to break-through current profitability levels. We cannot guarantee that the decision to deploy the profit optimization system will bring success, but we can guarantee that with the help of our study, companies trying to implement profit optimization systems can minimize various possible risks across various system implementation phases. The actual system implementation case of the profit optimization project at company S introduced here can provide valuable lessons for both business organizations and research communities.

Maritime Security Training: Evaluation of the Impact on Seafarers' Security Awareness and Security Performance (선박보안교육: 선원의 보안인식과 보안성과에 미치는 영향 평가)

  • D'agostini, Enrico;Jo, Sohyun
    • Journal of the Korean Society of Marine Environment & Safety
    • /
    • v.25 no.2
    • /
    • pp.201-211
    • /
    • 2019
  • Safety and security measures in the shipping industry play a pivotal role in ensuring efficient and reliable cargo and passengers operations at each stage of the supply chain. The ISPS Code was adopted into SOLAS convention to protect seafarers and vessels from security threats. Furthermore, according to the Manila amendments to STCW Convention in 2010, personnel employed on board are required to participate in security training. Effective seafarers' education and training programs are of major importance to guarantee satisfactory performance levels onboard to minimize security-related risks. The study's contribution focuses on empirically evaluating the relationship between personal level of awareness and security performance when seafarers undertake security training courses. Findings of this study suggest that (1) seafarers who undertake maritime security training have a higher awareness of ship security, (2) security training and security awareness have a positive influence on security performance, and (3) security awareness mediates the impact of security training and security performance. In conclusion, education and training programs are key tools in enhancing seafarers' security awareness and security performance which, from an industry viewpoint, can translate into major economic, operational and reputational benefits.

The Effect of Security Information Sharing and Disruptive Technology on Patient Dissatisfaction in Saudi Health Care Services During Covid-19 Pandemic

  • Beyari, Hasan;Hejazi, Mohammed;Alrusaini, Othman
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.16 no.10
    • /
    • pp.3313-3332
    • /
    • 2022
  • This study is an investigation into the factors affecting patient dissatisfaction among Saudi hospitals. The selected factors considered for analysis are security of information sharing, operational practices, disruptive technologies, and the ease of use of EHR patient information management systems. From the literature review section, it was clear that hardly any other studies have embraced these concepts in one as was intended by this study. The theories that the study heavily draws from are the service dominant logic and the feature integration theory. The study surveyed 350 respondents from three large major hospitals in three different metropolitan cities in the Kingdom of Saudi Arabia. This sample came from members of the three hospitals that were willing to participate in the study. The number 350 represents those that successfully completed the online questionnaire or the limited physical questionnaires in time. The study employed the structural equation modelling technique to analyze the associations. Findings suggested that security of information sharing had a significant direct effect on patient satisfaction. Operational practice positively mediated the effect of security of information sharing on patient dissatisfaction. However, ease of use failed to significant impact this association. The study concluded that to improve patient satisfaction, Saudi hospitals must work on their systems to reinforce them against the active threats on the privacy of patients' data by leveraging disruptive technology. They should also improve their operational practices by embracing quality management techniques relevant to the healthcare sector.

A Model-based Performance Study of the EPCglobal Network (모델 기반 EPCglobal 네트워크의 성능 분석)

  • Kang, Yong-Shin;Son, Kyung-Won;Lee, Yong-Han;Rhee, Jong-Tae
    • IE interfaces
    • /
    • v.24 no.2
    • /
    • pp.139-150
    • /
    • 2011
  • The EPCglobal Network is a computer network used to share product data among trading partners. It provides the supply chain with improved visibility and traceability by using Electronic Product Code (EPC), which is stored on an RFID tag. Although this network model is widely accepted as a global standard and the growth of EPCglobal-subscriber base is considerable, the EPC technology adoption process is still in its infancy. This is because some of the critical issues on this model still remain to be verified such as scalability, data management, security, privacy and the economic value of data sharing. In this paper, we focus on scalability issue among the challenges to overcome and we regard performance of the EPCglobal Network only as a track and trace query-processing cost in the network. We developed performance models consisting of three elements of the EPCglobal Network : Discovery Services (DS), EPC Information Services (EPCIS), Object Naming Services (ONS). Then we abstracted out the track and trace query execution model to evaluate performance of the overall EPCglobal Network. Finally using the proposed models, we carried out simulation analysis based on an RFID-based inbound logistics process of automobile parts. This work is an important step towards the EPC technology diffusion and provides guidelines for businesses looking to buy or build the EPCglobal Network-based systems.