Journal of the Korea Institute of Information and Communication Engineering (한국정보통신학회논문지)

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지
DOI QR코드

DOI QR Code

Study of Problem Based Learning for Information Security Consultant and its Analysis

정보보호 컨설턴트 양성을 위한 PBL 교육방안 적용 및 효과성 분석

  • Oh, Changhyun (Graduate School of Information Security, Sejong Cyber University) ;
  • Park, Yongsuk (Graduate School of Information Security, Sejong Cyber University)
  • Received : 2017.10.10
  • Accepted : 2017.11.03
  • Published : 2017.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

Consulting projects such as diagnosis of vulnerabilities of major information and telecommunication infrastructure are increasing, mandatory public information infrastructure assessment (PIA) for public institutions and ISMS (Information Security Management System) The demand for information protection consulting is continuously increasing as the field obeys the law, but the lack of information security consultant is not improving. One reason is that information security consultants are not being developed to meet the increasing demand for information protection consulting. In this paper, we present the case of information protection consulting as a scenario for studying and educating the duty of information security consultant by studying overseas case and domestic case based on standardization and standardization. We propose a problem-based learning (PBL) training method. In addition, we analyze the effectiveness of the PBL - based learning method.

주요정보통신기반시설의 취약점진단 등 컨설팅 프로젝트가 증가하고 있으며, 공공기관의 개인정보영향평가(PIA) 의무화와 정보보호 관리체계(ISMS) 인증 의무화 등 정보통신 분야의 법률 준수가 의무화 되면서 정보보호 컨설팅 수요는 지속적으로 증가하고 있으나 정보보호 컨설턴트 부족은 개선되고 있지 않다. 한 이유는 증가하는 정보 보호 컨설팅 수요에 맞게 정보보호 컨설턴트가 양성되고 있지 않기 때문이다. 본 논문에서는 정보보호 컨설턴트 직무를 해외 사례와 국내 사례를 살펴보고 이를 기반으로 표준화/규격화하여 해당 직무를 실무관점에서 학습하고 교육할 수 있는 방안으로 정보보호 컨설팅 업무를 시나리오로 제시하여 스스로 문제를 풀어나가는 PBL (Problem-based learning) 교육방법을 제안한다. 또한 전문가 분석을 실시하고 그 효과성을 알아본다.

Keywords

References

  1. S. Kim, "Analysis of the Competencies of Information Security Consultants: Perceptual Differences between Staffs and Managers," Master of Business Administration thesis, Chungbuk National University, 2015.
  2. K. Yang, "Development of information security professional manpower," Public Administration Master's Thesis, Kyunghee University, 2001.
  3. S. Kim, D. Park, "The Research for Cyber Security Experts," Journal of the Korea Institute of Information and Communication Engineering, vol.21 no.6, pp. 1137-1142, Jun. 2017. https://doi.org/10.6109/JKIICE.2017.21.6.1137
  4. KISA Academy, Information Security Consulting Training Course, 2017. [Internet]. Available : http://academy.kisa.or.kr/main.kisa.
  5. Lyzeum Academy, Information Security Consulting Training Course, 2017. [Internet]. Available : https://www.lyzeum.com/board/board_list.asp?Boar_code=MP1174&Clas_Code=CC1580.
  6. W. Hung, "Problem-Based Learning: A Learning Environment for Enhancing Learning Transfer", New Directions for Adult and Continuing Education, vol. 2013, no 137, pp. 27-38, Spr. 2013. https://doi.org/10.1002/ace.20042
  7. D. C. Sharp, "Problem-Based Learning in an MBA Economics Course: Confessions of a First-Time User", New Directions for Teaching and Learning, vol 2003, no 95, pp 45-51, Oct. 2003. https://doi.org/10.1002/tl.112
  8. M. Yun, "Teaching Methods of Teaching and Writing using PBL - Focusing on Moral Subject," M.S. Thesis, Yonsei University Graduate School, Seoul, 2008.
  9. H. Park, "Study on Teaching and Learning Method of Music Expression Class using PBL," M.S Thesis, Kyung Hee University Graduate School, Seoul, 2014.
  10. H. Kim, "Effects of PBL Applied to a Teaching Training Course on Cognitive, Affective, and Social Features of Pre-service Teachers", Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology, ISSN:2383-5287, vol.6, no.11, pp. 181-190, Nov. 2016.
  11. C. Oh and Y. Park, "Understanding of Information Security Consultant and Study of PBL," in Korea IT Services Society Fall Conference, pp.351-354, 2016.
  12. NCS Nation Competency Standards. NCS Information Technology Consulting Job Standards Rep. Korea, IT service management and provision Job standard British case, IT service management job standard Japan case, Korea Industrial Property Corporation, Ulsan, 2016.
  13. Information Security Consulting Service of AhnLab Co.Ltd, 2017. [Internet]. Available : http://www.ahnlab.com/kr/site/product/consultInfo.do.
  14. Information Security Consulting Service of SK INFOSEC Co. Ltd, 2017. [Internet]. Available : http://www.skinfosec.com/ko/consulting/scr_overview.jsp.
  15. F. Frank, "Problem-Based Learning", The Economics Network, University of Ulster, bt15 1ed, Belfast York Street, pp 4-5, Oct. 2010.
  16. S. Kwon, "The effect of subject learning using PBL on attitude and problem solving ability," M.S Thesis, Cheongju National University Graduate School, Cheongju, 2010.
  17. KISA ISMS Certification Criteria, 2017. [Internet]. Available : https://isms.kisa.or.kr/main/isms/intro/.
  18. Korea Government Notice, "Vulnerability Analysis Criteria for Major IT Infrastructure", Ministry of Science and ICT, Government Complex-Gwacheon, Gwacheon, Notice No. 2013-37, 2013.
  19. G. Rowe, G. Wright, "Expert Opinions in Forecasting: The Role of the Delphi Technique", In: Armstrong J.S. (eds) Principles of Forecasting. International Series in Operations Research & Mana, vol 30. Springer, Boston, MA, pp125-144, 2001.

Cited by

  1. 프로그래밍 직업능력개발훈련교사의 직업정체성 형성 과정에 대한 연구 vol.25, pp.2, 2017, https://doi.org/10.6109/jkiice.2021.25.2.294