• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.2
• /
• pp.89-102
• /
• 2023

The purpose of this study is to examine what are the important variables for information security compliance and whether the information security investment by the industry is different. To comply with the information security policies, the organization must establish measures to prevent or resolve information security incidents. This research process consists of four stages, and the analysis method was conducted with the categorical regression analysis and the correspondence analysis. The first analysis analyzed the independent variables that affect security regulations compliance. The rest of the analysis was conducted by industry in the order of security compliance regulations, manpower investment, and budget investment. As a result of the first analysis, this had positive effects on an organization and personal information protection awareness, joint operation organization of information protection, manpower and budget investment, corporate size, and industry. The correspondence analysis was conducted from the second analysis to the fourth analysis and it analyzed the differences in information security investment by industry. The second analysis showed that the construction industry, science and technology industry, and finance industry have higher compliance with security regulations than other industries. The third analysis showed that the financial industry and the science and technology industry were higher than other industries. The last analysis showed that the financial industry was higher than other industries. The theoretical contribution of this study provided the basis for updating the information security theory. The practical contribution of this study requires government support to reduce information security deviations by industry.

• Journal of National Security and Military Science
• /
• s.9
• /
• pp.191-206
• /
• 2011

This study is presented a scheme that information security research institutions located within the central area can be participated actively m national defense information security industry. The many of information security company are located in the central region(Daejeon) and there are many research institutes. However, the participation rate of the Defense Information Security Industry is not high compared to other provinces. Although a variety of reasons, there are no the Defense Privacy Office that could have a role in protocol and the information about the industry. In addition, the Department of Defense related to national defense information security industry have not information about research institutions in the central region and are not well to identify the characteristics of institutional technology and research. So in this paper we presented some of the alternatives. 1) Building Pool involved in information security research according to the characteristics of each agency 2) Constitute the research community between Research institutions and the company 3) Build the technology cooperation between research institutions and the defense research institutes 4) Utilization of industry/university/research institutes related to Information Security Industry 5) Make strategic alliances among research institutes based on technical expertise.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.20 no.1
• /
• pp.119-131
• /
• 2024

The purpose of this study is to examine the operational performances by the investment level of information security in companies. The theoretical background summarized the meaning of information security, management information security, and network security. The research process was carried out in four stages. As a result of the analysis, the level of information security was classified into four groups, and the difference in operational performance was confirmed. According to the categorical regression analysis of the three dependent variables, independent variables such as network threats, non-network threats, executive information security awareness, industry, organizational size, and information security education all affected information security regulations, in-house information security checks, and information security budget investments. The theoretical implications of this study have contributed to updating the latest information security theory. Practical implications are that rational investments should be made on the level of information security of companies.

• ETRI Journal
• /
• v.37 no.2
• /
• pp.428-437
• /
• 2015

This study was conducted to analyze the effect of information security activities on organizational performance. With this in mind and with the aim of resolving transaction stability in the securities industry, using an organization's security activities as a tool for carrying out information security activities, the effect of security activities on organizational performance was analyzed. Under the assumption that the effectiveness of information security activities can be bolstered to enhance organizational performance, such effects were analyzed based on Herzberg's motivation theory, which is one of the motivation theories that may influence information protection activities. To measure the actual attributes of the theoretical model, an empirical survey of the securities industry was conducted. In this explorative study, the proposed model was verified using partial least squares as a structural equation model consisting of IT service, information security, information sharing, transaction stability, and organizational performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.385-396
• /
• 2014

With development of Information Security industry and recognizing value of information as an asset, demand for information protection is foreseen to be expanding gradually. The Information Security industry in this paper defines as an industry where relative products as well as consulting services are developed, produced, and distributed. This study reclassifies sub-sectors of the Information Security industry based on the definition of product and services defined above, and it uses the RAS technique to broaden a scope of an input-output table to include the Information Security industry with purpose of analyzing economic spill-over effects industry will encounter during 2013~2017. Results show that investment in the Information Security industry during 2013-2017 induces total economic outputs to KRW 3,206.9 billion and is expected to employ additional 27,406 workforce.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.86-87
• /
• 2014

Although the importance of information security industry has been growing these days, the research of industrial respect for the industry has been rarely performed. This paper provides one definition of the information security industry and the industry classification system according to the definition. The purpose of this study is to provide the basic data for the industry development strategy by analyzing economic ripple effect on the domestic information security industry.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.3
• /
• pp.99-106
• /
• 2013

There has been a lot of growth more than 10% in the information security industry. In accordance with the industrial growth, it increased needs for the information security manpower development as a national problem. But there is an imbalance between demand and supply of the information security manpower in terms of the quantity and quality. It is mainly caused by the curriculum of the information security is made considering for suppliers not for demanders. As a resolution to solve this problem, we suggest the curriculum of information security for vocational education and training. As the information security area is wide in view of required knowledge and technology, we design the curriculum by selecting major occupation type from the information security manpower distribution and products and then by investigating the job description using NCS(National Competency Standard). And we compared the curriculum to that of two or three year diploma courses in Korea.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.1
• /
• pp.103-109
• /
• 2016

The information security industry is technology-intensive, high value-added industries. South Korea's response has excellent ICT skills and experience and skills in a variety of cyber attacks, has become a benchmark in the world. However, the small size of the domestic information security company, supporting infrastructure is lacking. Domestic information security industry is the primary condition to activate the export. For the export of high value-added enterprise information security products and services, it is necessary the establishment of the domestic IT information security infrastructure of the industrial promotion is based overseas. Come to analyze the domestic information security industry, capital of this small, market reclamation of overseas expansion, information, manpower shortage was a problem. This fact, combined losses caused by cost-free period AS. Therefore, the study on information security in the infrastructure industry overseas bases is necessary. How to select and analyze the causes of infrastructure in selected overseas offices. By utilizing the infrastructure of overseas bases, can raise the added value of the products and services of the Information Security company, we can enable the export of small and medium Information Security company from overseas offices.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.1
• /
• pp.72-80
• /
• 2020

The information security industry is increasing in importance and market size due to the development of the fourth industry such as artificial intelligence, IoT and etc. This paper was analyzed the impact of the increasing information security industry on the domestic economy by using the Input-Output table. It was classified industrial sectors into information security products and information security services industries, and then reclassified the Input-Output table into 35 industries. And it was estimated the production inducement coefficient, the value-added inducement coefficient, employment inducement coefficient, and etc. The production inducement coefficients of the information security product and service industry are each 1.571, 1.802, and the value-added inducement coefficients of them are each 0.632, 0.997, and the employment inducement coefficients of them are each 2.494, 7.361. Only the value-added inducement coefficient of the information security service industry is slightly higher than the total industry, and the remaining inducement coefficients are all lower than the total industry. In addition, the information security product industry has no the forward and backward linkage effect, and the information security service industry has no the backward linkage effect. But it has the forward linkage effect. As a result of analyzing the economic ripple effect of the information security industry, the production inducement amounted to 359.9 trillion won, value-added inducement amounted to 164.8 trillion won, and employment inducement amounted to 803 thousand people.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.4
• /
• pp.307-317
• /
• 2010

The majority of financial and general business organizations have had individual damage from hacking, worms, viruses, cyber attacks, internet fraud, technology and information leaks due to criminal damage. Therefore privacy has become an important issue in the community. This paper examines various elements of the information security management system and discuss about Information Security Management System Models by using the analysis of the financial statue and its level of information security assessment. These analyses were based on the Information Security Management System (ISMS) of Korea Information Security Agency, British's ISO27001, GMITS, ISO/IEC 17799/2005, and COBIT's information security architecture. This model will allow users to manage and secure information safely. Therefore, it is recommended for companies to use the security management plan to improve the companies' financial and information security and to prevent from any risk of exposing the companies' information.