• Journal of Information Technology Applications and Management
• /
• v.25 no.4
• /
• pp.67-77
• /
• 2018

With the types and targets of cyber attacks expanding and with personal information leaks increasing, the quantitative demand for information security specialists has increased. The base for training the workforce has expanded accordingly, but joblessness and job-seeking still coexist. To resolve the gap between labor demand and supply, education and training systems that can supply demand quickly are needed. It takes a considerable amount of time for information security education and new manpower supply through universities and graduate schools to be reflected in the market. However, if information security retraining is carried out in terms of career development of information security and related workforce, the problem of lack of experts could be solved in a relatively short period. This paper investigates and analyzes the information security work of the information security workforce, the degree of skill level, the need for retraining, and the workplace migration experience; it also discusses the direction of career development retraining.

• Asia pacific journal of information systems
• /
• v.30 no.2
• /
• pp.308-327
• /
• 2020

The importance of information security is increasing, and various efforts are being made to improve users' information security behaviors. Among these various efforts, information security education is mainly aimed at providing users with information security knowledge and improving information security awareness. This study classified the types of information security education into offline and online to examine the effects of each education method on attitudes toward information security (perceived severity, vulnerability, self-efficacy and response-efficacy) and information security behaviors. A survey was conducted for users with information security education experiences. The results obtained by comparing the differences in the path coefficients of personal information security behaviors according to information security education experiences showed that security behaviors were more significant in the online experience group than the offline group. In addition, gender differences were analyzed, and it was found that females had a greater impact on information security attitudes than males. This study also found that among Internet users with online information security education experience, females tend to have more information security behavior than males, but there were contrasting results among users with offline information security education experiences. The results of this study finally address the necessity of reflecting users' personalities in the systematic design of information security education in the future. Furthermore, the results of this study support the need for an appropriate education system that sufficiently understands education types to maximize the effects of information security education.

• Korean Security Journal
• /
• no.2
• /
• pp.33-60
• /
• 1999

I Study on the security measures of the World Cup Korea and Japan jointly in 2002. The paper, purporting to consider security counterplans, comprise five chapters. Chapter I which sets out purpose, scope and method, is followed by chapter II, dealing largely with the legislations and importance on the security measures of the 17th FIFA World Cup in 2002. Chapter III concerns the security environment -internal environment, external environment- and the highlights accidents and events of history on the FIFA World Cup. Chapter IV consider security measures of the World Cup Korea in 2002. It is followed by concluding observation made in chapter V. To be operated security systems effectively, these need to be regulated according to a security measures organizations, security facilities and equipments, security plan and protective force, security operations and so forth.

• Korean Security Journal
• /
• no.30
• /
• pp.33-60
• /
• 2012

False alarm of Electronic security causes various serious side effects such as decrease of electronic security guard's morale caused by unnecessary mobilization, increase of fatigue caused by workload increase, increase of electronic security company owner's management burden and decrease of electronic security service utilization rate caused by customer's distrust. Therefore, the study considered the Korean regulation related with false alarm of electronic security and proposed actual status of false alarm and measure for it. The study proposed systematic resolution assignments and political assignments in relation with the measure for false alarm. Systematic resolution assignments are as follows. First, electronic security company should construct electronic security system accurately from the initial step of security consulting and security planning related with target facility. Second, it is necessary to encourage installation and operation of video monitoring system. Third, sensor wiring should be separated. Fourth, the measures for false alarm depending on main system causes should be prepared. It is necessary to encourage the installation of 'arming disarming alarm sound' generator. In addition, the measures for false arm depending on the characteristics of sensor should be prepared and standardized. Fifth, system maintenance should be reinforced. Political assignments related with the measures for false alarm are as follows. First, it is necessary to reinforce education & training. Individual nurturing & education process should be run by electronic security company or the education focusing on the measure for false alarm should be performed in job training defined in "Security Industry Act". Second, it is necessary to establish and reinforce legal regulation and establish device. If police authority standardizes the documents related with false alarm, provides their forms and requires them for periodical reports or documents, it is expected that good measures for false alarm will be prepared on the basis of actual data in the future. Third, cooperation organization to discuss the measures for false alarm like 'Conference for False Alarm of Electronic Security' should be organized and operated. Fourth, interest and role of electronic security company and electronic security supervisor should be enlarged.

• Journal of Information Technology Services
• /
• v.23 no.1
• /
• pp.1-10
• /
• 2024

The IT environment is changing due to the acceleration of digital transformation in enterprises and organizations. This expansion of the digital space makes centralized cybersecurity controls more difficult. For this reason, cyberattacks are increasing in frequency and severity and are becoming more sophisticated, such as ransomware and digital supply chain attacks. Even in large organizations with numerous security personnel and systems, security incidents continue to occur due to unmanaged and unknown threats and vulnerabilities to IT assets. It's time to move beyond the current focus on detecting and responding to security threats to managing the full range of cyber risks. This requires the implementation of asset Inventory for comprehensive management by collecting and integrating all IT assets of the enterprise and organization in a wide range. IT Asset Management(ITAM) systems exist to identify and manage various assets from a financial and administrative perspective. However, the asset information managed in this way is not complete, and there are problems with duplication of data. Also, it is insufficient to update of data-set, including Network Infrastructure, Active Directory, Virtualization Management, and Cloud Platforms. In this study, we, the researcher group propose a new framework for automated 'Comprehensive IT Asset Management(CITAM)' required for security operations by designing a process to automatically collect asset data-set. Such as the Hostname, IP, MAC address, Serial, OS, installed software information, last seen time, those are already distributed and stored in operating IT security systems. CITAM framwork could classify them into unique device units through analysis processes in term of aggregation, normalization, deduplication, validation, and integration.

• Korean Security Journal
• /
• no.31
• /
• pp.25-45
• /
• 2012

Based on the results of preceding researches that the uncertainty perceived by the private security guards about their roles exerts direct effects on the business performance of the security industry, it needs to preferentially examine the degree of authority that the private security guards have. The suitability of the psychological empowerment criteria for measuring this for private security guards, however, has not yet been established up to the present, so it can be said that the validity of the information has not yet been established. Accordingly, as the psychological empowerment criteria of private security guards, this research examined the suitability of items, reliability of items, the level of difficulty of items, and the item goodness of fit from the viewpoint of the appropriateness of category of responses, and it is summarized as follows. First, in the self-determinism factor of the psychological empowerment criteria, Item 11 was found to be an unsuitable item, so it is proper that Item 11 should be deleted when examining the psychological empowerment of private security guards from now on. Second, the item reliability of the psychological empowerment criteria was high, so the consistency of the results is shown even if the data are collected from the other private security guards. Third, they feel that it is hard to respond to Item 12 while they perceive that Item 1 is the easiest, and the level of items of the psychological empowerment criteria is evenly distributed. Fourth, it was established that the 5-point categories of the psychological empowerment criteria were suitable to the private security guards.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.1
• /
• pp.103-109
• /
• 2016

The information security industry is technology-intensive, high value-added industries. South Korea's response has excellent ICT skills and experience and skills in a variety of cyber attacks, has become a benchmark in the world. However, the small size of the domestic information security company, supporting infrastructure is lacking. Domestic information security industry is the primary condition to activate the export. For the export of high value-added enterprise information security products and services, it is necessary the establishment of the domestic IT information security infrastructure of the industrial promotion is based overseas. Come to analyze the domestic information security industry, capital of this small, market reclamation of overseas expansion, information, manpower shortage was a problem. This fact, combined losses caused by cost-free period AS. Therefore, the study on information security in the infrastructure industry overseas bases is necessary. How to select and analyze the causes of infrastructure in selected overseas offices. By utilizing the infrastructure of overseas bases, can raise the added value of the products and services of the Information Security company, we can enable the export of small and medium Information Security company from overseas offices.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.291-293
• /
• 2017

Security services that support electric energy service gateway require relatively high reliability. In particular, the application services that accompany communications and data are run organically. Each of the security services should support a secure service platform that supports a secure, scalable life cycle for existing services which should be extends security layer of Universal Middleware such as OSGi platform. In this convergence platform, it is the study of security transfer modular services that allow independent life cycle management of systems through Universal middleware. First, It is modular in terms of energy consumption service and data, enabling real-time operation, communications, remote management and applications. Second, the life cycle of the secure module to support the life cycle of secure, delete, start and updating of the security module by applying the security policy module layer concept. It is modular in terms of power generation and accountability, enabling us to distinguish between reliability and accountability in a large volume of data models in the smart grid, the service was intended to be standardized and applied to the security service platform.

• Korean Security Journal
• /
• no.27
• /
• pp.31-49
• /
• 2011

The subjects consisted of 60 healthy men who absence of cardiopulmonary diseases, orthopedic diseases, and metabolic diseases. The difference of physical fitness, body composition, cardiovascular risk factors, and psychological characteristics for security guards' working type were examined using one-way ANOVA through SPSS 12.0 version and was treated for the post hoc test when the difference appeared significantly. According to the result, first, there were higher level for the physical fitness according to the security guards' position and it increases body composition and cardiovascular risk factors from higher position. Second, physical fitness level is higher, body composition and cardiovascular risk factors is lower in the security guards for the field service than the security guards on inside duty according to the security guards' working type. Third, it decreases body composition and cardiovascular risk level when the physical fitness level is getting increase for the security guards. In conclusion, it needs to have a physical activity with aerobic system for the security guards of leading members and inside service to decrease the overweight or obesity and cardiovascular risk level.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1391-1396
• /
• 2021

The boundary-based security system has the advantage of high operational efficiency and easy management of security solutions, and is suitable for denying external security threats. However, since it is operated on the premise of a trusted user, it is not suitable to deny security threats that occur from within. A zero trust access control model was proposed to solve this problem of the boundary-based security system. In the zero trust access control model, the security requirements for real-time security event monitoring must be satisfied. In this study, we propose a monitoring method for the most basic file access among real-time monitoring functions. The proposed monitoring method operates at the kernel level and has the advantage of fundamentally preventing monitoring evasion due to the user's file bypass access. However, this study focuses on the monitoring method, so additional research to extend it to the access control function should be continued.