• Journal of Information Technology Applications and Management
• /
• 제16권3호
• /
• pp.73-86
• /
• 2009

To establish an effective security strategy, business enterprises need a security benchmarking tool. The strategy helps to lessen an impact and a damage in any threat. This study analyses many aspects of information security management and suggests a way to deal with security investments by considering important factors that affect security manager's decision. To address the different threats resulting from a major cause of accidents inside an enterprise, we investigate an approach that followed ISO17799. We unfold a criminology theory that has designated many measures against the threat as suggested by General Deterrence Theory. The study proposes a coherent model of the theory to improve the security measures especially in handling and protecting company assets and human lives as well.

• 정보보호학회논문지
• /
• 제27권6호
• /
• pp.1507-1517
• /
• 2017

일반적으로 정보유출사건은 외부 해커에 의해 발생된다고 생각되지만 내부자에 의한 직간접적인 정보유출사건이 더 많고 전체 유출비중의 과반 수 이상을 차지하기 때문에 내부자 유출에 대한 대비가 필요하다. 본 연구에서는 일반 억제 이론과 합리적 선택 이론을 기반으로 교통심리학 분야에서 연구되었던 행동결정요인인 위험감수성과 상황불안을 통합해 연구모델을 구성하고 설문조사를 통해 실증분석 하였다. 분석 결과, 위험감수성이 지각된 처벌의 심각성 및 확실성에 미치는 영향은 통계적으로 유의미하지 않았으나, 지각된 이익, 상황불안, 지각된 처벌의 심각성 및 확실성은 정보유출의도에 영향을 주는 것으로 확인되었다.

• 한국컴퓨터정보학회논문지
• /
• 제24권6호
• /
• pp.81-88
• /
• 2019

Based on the theory of planned behavior and the theory of legal deterrence, this study takes consumers' willingness to pay for digital music as the research object, investigates the consumers who have digital music consumption channels and behaviors, and discusses the willingness of consumers to pay for digital music and its influencing factors. The study attempts to achieve the following research purposes: First, explore the influencing factors of willingness to pay for digital music using domestic and foreign literature research and related content analysis. Second, we want to examine the effect of Attitude, Collective Specifications, Quality Sensitivity and Music affinity on willingness to pay. Third, Legal deterrence and resource availability tries to verify whether there is a moderating effect between Attitude, Collective Specifications, Quality Sensitivity and Music affinity and willingness to pay. The research data was collected in 2019 between April 6th to May 8th. Questionnaires were randomly distributed in fixed places, mainly in Hubei Province, China. A total of 393 questionnaires were selected for data analysis. Based on the previous theoretical review and empirical analysis, the study draws the following conclusions: Firstly, attitude, collective specifications, quality sensitivity and music affinity have an impact on the willingness to pay. Second, Legal deterrence has a regulatory effect on the relationship among quality sensitivity, musical affinity and the willingness to pay. Last the resource availability has a significant impact on the willingness to pay. It also has a regulatory effect on the relationship among quality sensitivity, music affinity and the willingness to pay.

• Asia pacific journal of information systems
• /
• 제12권1호
• /
• pp.123-138
• /
• 2002

For the last two decades, there has been much research on computer abuse from the perspective of the general deterrence theory based on objectism, which covers security policy, security awareness programs, and physical security system. The traditional view offered by the general deterrence theory indicates that security policy, security awareness, and security system play a major role in preventing computer abuse. In spite of continuous organizational efforts and investments based on these systematic factors, the incidence of computer abuse in organizations is still rapidly increasing. This paper proposes another perspective-the social control theory based on subjectism-in preventing computer abuse. According to the social control theory, organizational trust, which comprises organizational attachment, commitment, involvement and norms, can prevent computer abuse by reducing insider's computer abuse. The aim of this article is to assess the role of organizational trust come from attachment, commitment, involvement, norms in preventing computer abuse. The results indicate that both organizational trust and deterrent factors are effective in preventing computer abuse.

• 한국경영정보학회:학술대회논문집
• /
• 한국경영정보학회 2007년도 추계학술대회
• /
• pp.487-492
• /
• 2007

This research focuses on the development and empirical validation of a model of software piracy behavior on the basis of deterrence theory, expected utility theory and the theory of reasoned action. The total of sample numbered 86 and PLS (Partial Least Square) was utilized for analysis. The test of this study revealed that punishment severity was the greatest significant factor to influence to software piracy and subjective norms was also significantly related to it. However punishment certainty and software cost do not significantly affect to software piracy.

• Strategy21
• /
• 통권41호
• /
• pp.232-260
• /
• 2017

The purpose of this paper is to open a debate about what kind of deterrent strategy the ROK military should pursue in the era of NK's weapons of mass destruction and missile threats. I argue that the ROK military needs a comprehensive deterrent strategy that reflects the international security situations and trends and that builds on clear understanding of the basic concepts and how deterrence operates. The paper starts with surveying the basic knowledge of deterrence from the perspectives of both theory and practice. Then, it provides explanations on why deterrence against NK can be particularly difficult given the security environment in and around the Korean peninsula. For example, South Korea and North Korea hardly share 'common knowledge' that serves as a basic element for the operation of deterrence. Deterrence against North Korea involves complex situations in that both deterrence and compellence strategies may be relevant particularly to North Korea's WMD and missile threats. It also involves both immediate and general deterrence. Based on the discussion, I suggest several ideas that may serve as guidelines for establishing a deterrent strategy against NK. First, our threats for deterrence should be the ones that can be realized, particularly in terms of the international norms. In other words, they must be considered appropriate among other nations in the international community. Second, there should be separate plans for the different kinds of threats: one is conventional, local provocations and the other is WMD/missile related provocations. Third, we should pursue much closer cooperative relations with the U.S. military to enhance the effectiveness of immediate deterrence in the Korean peninsula. Fourth, the ROK military should aim to accomplish 'smart deterrence' maximizing the benefits of technological superiority. Fifth, the ROK military readiness and structure should be able to deny emerging North Korean military threats such as the submarine-launched ballistic missiles and intercontinental ballistic missiles. Lastly, in executing threats, we should consider that the current action influences credibility and reputation of the ROK, which in turn affect the decisions for future provocations. North Korea's WMD/missile threats may soon become critical strategic-level threats to South Korea. In retrospect, the first debate on building a missile defense system in South Korea dates back to the 1980s. Mostly the debate has centered on whether or not South Korea's system should be integrated into the U.S. missile defense system. In the meantime, North Korea has become a small nuclear power that can threaten the United States with the ballistic missiles capability. If North Korea completes the SLBM program and loads the missiles on a submarine with improved underwater operation capability, then, South Korea may have to face the reality of power politics demonstrated by Thucydides through the Athenians: "The strong do what they have the power to do, the weak accept what they have to accept."

• 융합보안논문지
• /
• 제22권4호
• /
• pp.3-9
• /
• 2022

최근 4차 산업혁명 환경이 도래하면서 어느 조직이든 데이터의 개방과 공유, 융합이 활발하게 이루어지고 있다. 그런데 데이터의 개방과 공유는 필연적으로 보안 취약성을 초래할 수밖에 없으며 오히려 4차 산업혁명 환경에서 운영되는 조직의 존폐까지 영향을 미칠 수 있는 위협요인으로 대두되는 양면성이 있다. 특히 군이라는 조직에서 보안 문제는 군자체가 아닌 국가의 위협이 될 수 있으므로 항상 높은 수준의 보안 기강 유지가 필수적으로 요구된다. 이에 본 논문에서는 군(軍) 보안수준에 영향을 미칠 수 있는 요인을 추출하여 보안수준 발전대책을 모색하기 위해 계획 행동이론, 억제이론, 보호 동기 이론 등을 적용한 구조방정식 모형을 통해 14개 변수를 선별하였고 각 이론과 변수의 영향력을 검정하였다. 그 결과 평소 보안규정 교육과 평가를 통해 체화된 보안지식은 행동에 영향을 미친다는 계획 행동이론을 채택할 수 있었고, 억제이론과 보호 동기 이론은 기각 수준의 유의미성을 나타냈다. 또한, 3년간의 보안감사 결과 측정된 값을 통해 군(軍) 보안수준에 가장 큰 영향을 미치는 변수는 지휘 관심과 정신보안이라는 사실도 확인되었다. 결론적으로 군(軍) 보안수준을 높이기 위해서는 보안교육과 신상필벌, 보안시스템 고도화 등과 함께 지휘 관심과 정신보안 태세를 확고히 해야 한다는 내용이 발전대책으로 제시되었다.

• 한국국방경영분석학회지
• /
• 제31권1호
• /
• pp.1-13
• /
• 2005

Due to the rapid developments in information and computer technology, the warfare paradigm is being transformed into information-centric and knowledge-based warfare. This atmosphere may have significant impact on the ROK armed forces' Force Improvement Plans (FIP) which is documented in 'Defense White Paper 2004'. We focus here on the relationship of information-centric force and deterrence of invasion. Particularly, we are interested in understanding the level of information superiority that might be required to deter the invasion. In order to solve this problem, we employed two-sided, zero-sum strategic game to simulate the outcome with six hypothetical cases devised by varying the level of information superiority.

• 디지털융복합연구
• /
• 제19권2호
• /
• pp.169-174
• /
• 2021

효과적인 정보보안관리의 핵심요소인 정보보안 정책의 중요성이 고조되는 가운데, 조직 구성원의 보안정책 준수 여부에 영향을 미치는 요인에 대하여 다양한 이론에 기반한 실증연구가 다수 수행되었다. 억제이론은 사용자의 보안행동을 설명하는 연구에서 널리 사용되었다. 그러나, 여러 연구들이 일관적이지 않거나 서로 상충되는 결과를 보여 주었다. 이에 따라, 기존의 연구결과를 종합하는 연구들이 수행되었으나, 정성적인 문헌검토 차원이거나 개별 효과크기에 대한 단순한 정량적 분석에 그쳐 억제이론의 전반적인 모형을 대상으로 기존 연구결과를 종합적으로 분석하는 메타분석의 필요성이 대두되었다. 본 연구는 28편의 기존연구를 대상으로 다변량 메타분석의 일종인 TSSEM 기법을 R 기반의 metaSEM 패키지를 활용하여 분석하였다. 무선효과모형을 활용한 분석결과, 전반적인 억제이론 모형의 적합성은 만족스러운 수준이었으며, 억제이론을 구성하는 공식적인 세 가지 요인인 처벌의 확실성, 엄격성 및 신속성 모두 유의하게 나타났다. 향후 연구에서는 비공식적 억제요인에 대한 추가적인 분석과 함께 상황적 변수를 조절변수로 고려할 필요가 있다.

• 한국IT서비스학회지
• /
• 제14권4호
• /
• pp.81-104
• /
• 2015

Intentional information systems (IS) misuse is a serious problem in many organizations. This study aims at developing the theoretical framework of deterring IS misuse on the basis of Nagin's General Deterrence Theory (GDT) which is very famous in the area of socio-criminology. Applying GDT to the IS misuse situation could be reasoned that the perceived certainty and the perceived severity of sanctions associated with committing IS misuse have positive impact on deterring the deviant behaviors. Also, these two constructs (certainty of sanctions and severity of sanctions) could be inferred to be influenced by the four types of IS security countermeasures (security policies, security awareness program, monitoring practices and preventive security software) derived through critically reviewing IS security-relevant literature. The proposed research model and ten hypotheses were empirically analysed using structural equation modelling with the data collected by conducting a questionnaire survey of staff members in business organizations in Korea. As a result, it was found that five ones of ten hypotheses were supported. It is thought that this study makes theoretical contribution to expanding research area of IS security and also has strong implications for IS security management practices within organizations.