• Title/Summary/Keyword: security effectiveness

Search Result 819, Processing Time 0.023 seconds

The Effects of Information Security Policies, Security Controls and User's Characteristics on Anti-Virus Security Effectiveness (정보보안정책, 보안통제 및 사용자특성이 정보보안효과에 미치는 영향: 컴퓨터 바이러스를 중심으로)

  • Kim Jong-Ki;Jeon Jin-Hwan;Lim Ho-Seob
    • The Journal of Information Systems
    • /
    • v.15 no.1
    • /
    • pp.145-168
    • /
    • 2006
  • Current computer viruses are one of the most serious problems in information age due to their potential demage and impact on use of information systems. To make the problem worse, virus development technology has been advanced rapidly, and use of network systems has expanded widely. Therefore computer viruses are much more complex and use of anti-virus software(AV S/W) is not enough to prrevent virus incidents. It implies that computer viruses as well as other information security matters are not solely a technical problem but also a managerial one. This study emphasized on computer virus controls from managerial perspective of information security and investigated factors influencing the effectiveness of computer virus controls. Organization's comprehensive security policies provide guidelines on how organization or individual can protect themselves from computer viruses. Especially, user's education has positive impact on user's security related characteristics. Based on the analysis of research model using structural equation modeling technique, security policies were influencing security controls and improving user's computer viruses related awareness. Also security controls had positive impact on security effectiveness. However, no significant relationship was found between user's security related characteristics and security effectiveness.

  • PDF

The Effects of Security Policies, Security Awareness and Individual Characteristics on Password Security Effectiveness (보안정책, 보안의식, 개인적 특성이 패스워드 보안효과에 미치는 영향)

  • Kim, Jong-Ki;Kang, Da-Yeon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.123-133
    • /
    • 2008
  • Information securiry is considered important due to the side effect generated from the expansion of information system and rapid increase of the use of internet. Nevertheless, we are getting unconscious of the importance of information security. The purpose of this research is to empirically analyze that the effects of security policies, security awareness and individual characteristics on password security effectiveness. Based on the analysis of research model using structural equation modeling technique, security policies were influencing individual characteristics and improving user's security awareness. Also individual characteristics and security awareness had positive impact on security effectiveness.

A Study on the Factors Affecting the Information Systems Security Effectiveness of Password (패스워드의 정보시스템 보안효과에 영향을 미치는 요인에 관한 연구)

  • Kim, Jong-Ki;Kang, Da-Yeon
    • Asia pacific journal of information systems
    • /
    • v.18 no.4
    • /
    • pp.1-26
    • /
    • 2008
  • Rapid progress of information technology and widespread use of the personal computers have brought various conveniences in our life. But this also provoked a series of problems such as hacking, malicious programs, illegal exposure of personal information etc. Information security threats are becoming more and more serious due to enhanced connectivity of information systems. Nevertheless, users are not much aware of the severity of the problems. Using appropriate password is supposed to bring out security effects such as preventing misuses and banning illegal users. The purpose of this research is to empirically analyze a research model which includes a series of factors influencing the effectiveness of passwords. The research model incorporates the concept of risk based on information systems risk analysis framework as the core element affecting the selection of passwords by users. The perceived risk is a main factor that influences user's attitude on password security, security awareness, and intention of security behavior. To validate the research model this study relied on questionnaire survey targeted on evening class MBA students. The data was analyzed by AMOS 7.0 which is one of popular tools based on covariance-based structural equation modeling. According to the results of this study, while threat is not related to the risk, information assets and vulnerability are related to the user's awareness of risk. The relationships between the risk, users security awareness, password selection and security effectiveness are all significant. Password exposure may lead to intrusion by hackers, data exposure and destruction. The insignificant relationship between security threat and perceived risk can be explained by user's indetermination of risk exposed due to weak passwords. In other words, information systems users do not consider password exposure as a severe security threat as well as indirect loss caused by inappropriate password. Another plausible explanation is that severity of threat perceived by users may be influenced by individual difference of risk propensity. This study confirms that security vulnerability is positively related to security risk which in turn increases risk of information loss. As the security risk increases so does user's security awareness. Security policies also have positive impact on security awareness. Higher security awareness leads to selection of safer passwords. If users are aware of responsibility of security problems and how to respond to password exposure and to solve security problems of computers, users choose better passwords. All these antecedents influence the effectiveness of passwords. Several implications can be derived from this study. First, this study empirically investigated the effect of user's security awareness on security effectiveness from a point of view based on good password selection practice. Second, information security risk analysis framework is used as a core element of the research model in this study. Risk analysis framework has been used very widely in practice, but very few studies incorporated the framework in the research model and empirically investigated. Third, the research model proposed in this study also focuses on impact of security awareness of information systems users on effectiveness of password from cognitive aspect of information systems users.

Development of Measures of Information Security Policy Effectiveness To Maximize the Convergence Security (융합보안 강화를 위한 정보보안 정책 효과성 측정도구 개발)

  • Yim, Myung-Seong
    • Journal of the Korea Convergence Society
    • /
    • v.5 no.4
    • /
    • pp.27-32
    • /
    • 2014
  • The information security policy is one of the most important tools for organization to manage the implementation and ensure the organizational security. However, we do not have metrics for measuring its effectiveness. The ultimate purpose of this study is to develop the measures of information security policy effectiveness. To do this, this study review data quality and information quality literatures and investigate appropriate subfactors for information security policy. Rooted in these concepts, we suggest accuracy, completeness, interpretability, and relevance from content aspect and understandability, concise representation, and amount from form aspect as factors for information security policy effectiveness.

A Study on the Effect of Airline Staff's Contradictory Attitude between Aviation Safety and Aviation Security to Organizational Effectiveness (항공사 조직구성원의 항공안전과 항공보안에 대한 상충적 태도가 조직효과성에 미치는 영향 연구)

  • Kim, Chang-Woo;Kim, Kee-Woong;Park, Sung-Sik
    • Journal of the Korean Society for Aviation and Aeronautics
    • /
    • v.28 no.2
    • /
    • pp.18-28
    • /
    • 2020
  • This paper has studied the effect of airline staff's perception on both aviation safety and aviation security to their organizational effectiveness. Airline staff's perception on aviation safety is different from that on aviation security due to organizational difference in an airline. Through an empirical analysis, it was analyzed the effect of such perceptional difference on airline's organizational effectiveness. According to the analysis, it was found the perception of aviation safety has a significant positive effect on organizational effectiveness. Airline staff believed the safety is a core value of an airline and emphasizing the safety never impeded the airline's operation including service quality. Secondly, it was proven the perception on abiding by aviation security rules had a significant negative effect on organizational effectiveness. However, emphasizing aviation security had a very significant positive contribution on airline's philosophy of aviation safety. Following the research results, it was suggested an airline look for improving the process and regulations to deal with aviation security in the organization.

The Impact of Strategic Human Resource Management in Physical Security Companies on Organizational Effectiveness and Corporate Performance (물리보안기업의 전략적 인적자원관리가 조직유효성 및 기업성과에 미치는 영향)

  • Ye-Jin Jang;Soo-Ho Choi
    • Convergence Security Journal
    • /
    • v.24 no.3
    • /
    • pp.239-247
    • /
    • 2024
  • This study analyzed the impact of strategic human resource management on organizational effectiveness and corporate performance targeting security personnel working in a physical security company. To this end, a survey was conducted from April 15 to May 17, 2024 targeting 130 security managers working in physical security-related companies. In the survey, the variables were divided into "strategic human resource management, organizational effectiveness, and corporate performance." As a result of the analysis, among the research hypotheses, "Strategic human resource management ⇨ organizational effectiveness, organizational effectiveness ⇨ corporate performance, strategic human resource management ⇨ corporate performance" were all adopted. In order to increase the performance of security companies, organizational effectiveness must be improved, and to this end, efforts must be maintained to improve strategic human resource management within the company. In order to improve strategic human resource management in the future, it is necessary to present all the job skills that new employees must have and provide sufficient training opportunities on the job before being put into the field.

An Ex Ante Evaluation Method for Assessing a Government Enforced Security Measure (정부의 정보 보안 대책 법제화의 사전 효과성 분석 방법)

  • Shim, Woohyun
    • The Journal of Society for e-Business Studies
    • /
    • v.20 no.4
    • /
    • pp.241-256
    • /
    • 2015
  • In order to ensure that all firms are cyber-secure, many governments have started to enforce the implementation of various security measures on firms. Prior to the implementation, however, it is vague whether government enforced security measures will be effective for mitigating cyber-security risks. By applying a method for estimating the effectiveness of a mandatory seatbelt law in reducing fatalities from motor vehicle accidents, this study develops an ex ante evaluation method that can approximate the effectiveness of a government enforced security measure in reducing country-wide or industry-wide cyber-security risks. Using data obtained from the Korean Internet and Security Agency, this study then explores how to employ the developed method to assess the effectiveness of a specific security measure in mitigating cyber-security risks, if enforced by the government, and compares the effectiveness of various security measures. The comparison shows that compulsory security training has the highest effectiveness.

A Study on a Security Engineering Methodology for Information Security Systems Considering Quality and Cost (품질과 비용을 고려한 프로세스 기반의 보안공학방법론에 관한 연구)

  • Choi, Myeong-Gil
    • Journal of Information Technology Applications and Management
    • /
    • v.16 no.2
    • /
    • pp.23-43
    • /
    • 2009
  • For reliability and confidentiality of information security systems, the security engineering methodologies are accepted in many organizations. To improve the effectiveness of security engineering, this paper suggests a security methodology ISEM, which considers both product assurance and production processes, takes advantages in terms of quality and cost. To verify the effectiveness of ISEM, this paper introduces the concepts of quality loss, and compares the development costs and quality losses between ISEM and CC through the development of VPN system.

  • PDF

An Understanding of Impact of Security Countermeasures on Persistent Policy Compliance (보안 대책이 지속적 보안 정책 준수에 미치는 영향)

  • Park, Chul-Ju;Yim, Myung-Seong
    • Journal of Digital Convergence
    • /
    • v.10 no.4
    • /
    • pp.23-35
    • /
    • 2012
  • The goal of this study is to identify factors that influence on the persistent information security compliance intention of employees. Antecedents suggested in research model are security awareness training and perceived effectiveness of information security policy. Research results show that security awareness training has a positive effect on persistent information security compliance intention as well as effectiveness of information security policy. While policy breadth, which is one of the effectiveness of information security policy, influences on persistent information security compliance attitude and intention, policy brevity does not effect on persistent information security compliance intention. Conclusions and implications are discussed.

Standards on the Effectiveness of the Rights to Social Security of People with Disability (장애인 사회보장수급권의 실효성 기준에 관한 연구)

  • Seo, Jeong-Hee
    • Korean Journal of Social Welfare
    • /
    • v.62 no.1
    • /
    • pp.211-235
    • /
    • 2010
  • This study attempts to examine standards on the effectiveness of the rights to social security of people with disability. The current research makes the standards on effectiveness of social security rights to the disabled. This standards draw four right areas and five general principles from debates about effectiveness of general social security rights and extend for applying three social area to the disabled. Four right areas are benefit coverage, benefit structure, benefit restriction and rights relief. Five general principles are enforceable rule principle, national finance principle, unconditional principle, adequacy principle and penalties principle. These four right areas and five general principles apply to three social security areas of income support, employment security and medical security. Measurement values are 'high' and 'low'. These measurement values divided into two that are used to ensure same intervals. This study on standards to the effectiveness of the rights to social security of people with disability has political and theoretical implications. First, in political aspects, these standards provide objective understanding of the present level of social security policies for the disabled. Second, theoretically the current study expands debates about the effectiveness of general social security through multi-disciplined research. At once this study is significant to establish empirical research foundation.

  • PDF