참고문헌
- 김수엽, 최종희, 김찬호(2009), 항만물류보안산업의 발전방안 연구, 한국해양수산개발원
- 김정덕(2000), ISO 정보기술 보안관리지침 표준화동향, 한국정보보호진흥원
- 노순동(2004), "기업체의 효율적인 보안관리 모델", 산업보안논총 창간호, pp. 79-101.
- 문용은, 박유진(2002), "IS 아웃소싱의 위험과 아웃소싱의 정도에 관한 연구", 정보시스템 연구 11권 1호, pp. 1-28.
- 박준경, 김범수, 조성우(2011), "기업 정보보호 활동을 위한 조직 구성원들의 태도와 주요 영향 요인", 경영학연구 40 권 4호, pp. 955-985.
- 엄정호(2003), "정보시스템의 체계적인 위험관리를 위한 실용적인 위험감소 방법론에 관한 연구", 정보처리학회논문지 10권 C호, pp. 125-132.
- 이문구(2004), "정보시스템 보안관리를 위한 위험분석 방법론", 전자공학회논문지 41권 6호, pp. 13-22.
- 이민섭(2003) "정규학교에서의 정보보호 교육 강화 방안", 정보보호학회지 13권 6호, pp. 67-78.
- 이재원, 류형근, 안정흠(2010), "국내물류기업의 물류보안 인식에 관한 연구", 한국항해항만학회지 34권 1호, pp. 45-50.
- 이홍걸(2009), "주요 컨테이너 터미널의 정보보호 수준 평가에 관한 연구", 한국항해항만학회지 33권 10호, pp. 735-742.
- 임채호(2006) "효과적인 정보보호인식제고방안", 정보보호학회지 16권 2호, pp. 30-36.
- 정우리(2012), "해상보안관리 분석모델 개발에 관한 연구", 한국항해항만학회지 36권 1호, pp. 9-14.
- 정보통신부(2010), 국가정보보호백서
- 홍일유, 이종삼(2000), "국내기업의 정보시스템 보안위협 인식에 관한 연구", 경영학회지 27권 2-1호, pp. 157-185.
- Broderick, J.S.(2001), "Information Security Management -When Should it be Managed?", Information Security Technical Report, Vol.6, No.3, pp. 12-18.
- BSI(2005), Code of Practices for Information Security Management. London: British Standards Institution.
- Choi, N., Kim, D and Whitmore, A.(2008), "Knowing is Doing", Information Management & Computer Security, Vol.16, No.5, pp. 484-501. https://doi.org/10.1108/09685220810920558
- CMU/SEI(1999), Operationally Critical Threat, Asset, Vulnerability Evaluation(OCTAVE) Framework, Ver. 1.0, CMU/SEI-99-TR-017. Carnegie Mellon University/ Software Engineering Institute, June.
- CSE(1996), Guide to Security Risk Management for IT Systems, Communications Security Establishment, Government of Canada.
- Dhillon, G. and Backhouse, J.(2000), "Information System Security Management in the New Millennium", Communications of the ACM, Vol.43, No.7, pp. 125-128. https://doi.org/10.1145/341852.341877
- Finne, T.(1998), "A Conceptual Framework for Information Security Management", Computers & Security, Vol.17, No.4, pp. 303-307. https://doi.org/10.1016/S0167-4048(98)80010-2
- Haller, S. C(2002), "PRIVACY: WHAT Every Manager Should Know", The Information Management Journal, Vol.36, No.3, pp. 33-44.
- Hawkins, S., Yen, D.C. and Chou, D.C.(2000), "Awareness and Challenges of Internet Security", Information Management & Computer Security, Vol. 8, No.3, pp. 131-143. https://doi.org/10.1108/09685220010372564
- ISO/IEC(2005), Guideline for the Management of IT Security(GMITS), International Organization for Standardization/International Electrotechnical Commission.
- Loch, K.D., Carr, H.H. and Warkentin, M.E.(1992), "Threats to Information Systems: Today's Reality, Yesterday's Understanding", MIS Quarterly, Vol.16, No.2, pp. 173-186. https://doi.org/10.2307/249574
- McCoy, C and Fowler, R.T.(2004), "You are the Key to Security :Establishing a Successful Security Awareness Program", ACM SIGUCCS Conference, No.32, pp .346-349.
- NIST(2001), Security Self-Assessment Guide for Information Technology Systems. Special Publication 800-26.
- NIST(2002), Risk Management Guide for Information Technology Systems. Special Publication 800-30.
- Nosworthy, J. D.(2000), "Implementing Information Security in the 21st Century-Do You Have the Balancing Factors?", Computers & Security, Vol.19, No.4, pp. 337-347. https://doi.org/10.1016/S0167-4048(00)04021-9
- Petrova, K., Sinclair, R.(2003), "Expanding the Understanding: Transactions and Security Awareness for Business Students", New Zealand Journal of Applied Computing and Information Technology, Vol.7, No.1, pp. 82-88.
- Pounder, C.(2003), "Security with Unfortunate Side Effects", Computers & Security, Vol.22, No.2, pp. 115-118. https://doi.org/10.1016/S0167-4048(03)00206-2
- Rainer, R., Snyder, C. and Carr, H.(1991), "Risk Analysis for Information Technology", Journal of Management Information System, Vol.8, No.1, pp. 129-147. https://doi.org/10.1080/07421222.1991.11517914
- Rezgui, Y. and Marks, A.(2008), "Information Security Awareness in Higher Education: an Exploratory Study", Computers & Security, Vol.27, No.7, pp. 241-253. https://doi.org/10.1016/j.cose.2008.07.008
- Ronald, C., Curtis, C. and Aaron, J.(2007), "Phishing for User Security Awareness", Computer & Security, Vol.26, pp. 73-80. https://doi.org/10.1016/j.cose.2006.10.009
- Spurling, P.(1995), "Promoting Security Awareness and Commitment", Information Management & Computer Security, Vol.3, No.2, pp. 20-26.
- Straub, D. and Nance, W.(1990), "Discovering and Disciplining Computer Abuse in Organizations: A Field Study", MIS Quarterly, Vol.14, No.1, pp. 45-60. https://doi.org/10.2307/249307
- White, S.(1998), "Open Problems in Computer Virus Research", Virus Bulletin Conference, Oct 22.
피인용 문헌
- The Effects of User's Security Awareness on Password Security Behavior vol.14, pp.2, 2013, https://doi.org/10.9728/dcs.2013.14.2.179