The Journal of Society for e-Business Studies (한국전자거래학회지)

Society for e-Business Studies (한국전자거래학회)
권호 표지
DOI QR코드

DOI QR Code

A Design on Information Security Occupational Classification for Future Convergence Environment

미래 융합환경 기반의 정보보호 직업군 설계

  • Lee, Yunsoo (Korea Internet & Security Agency) ;
  • Shin, Yongtae (School of Computing, College of Information Science, Soongsil University)
  • Received : 2015.01.30
  • Accepted : 2015.02.19
  • Published : 2015.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Recently advanced security threats have increasingly occurred, and the necessity and importance of Information Security has been growing with the advent of the era of convergence beyond information-oriented age. Most domestic studies in the field of occupational classification of Information Security have only focused on technology-oriented occupations. Relatively little research has been carried out on the occupational classification in the view of convergence environment. Therefore, in this paper we gave a definition of Information Security occupations, classified them and draw required capabilities by occupations in order to design the occupational classification system of Information Security and the required capabilities for future convergence environment by analyzing the previous studies. We also reclassified the occupational classification and required capabilities by occupations, and verified the validity of them based on National Initiative for Cybersecurity Education's the occupational classification system of Information Security considering the future convertgence environment. It is expected that the results of this study will be employed as base data for manpower demand and supply and improvement of working conditions in the future convergence environments. In the future study we will build standardized instruction methods which provide occupational capabilities by using the required capabilities by occupations.

정보화 시대를 넘어 융합의 시대로 나아감에 따라 고도화된 보안위협이 발생하고, 그에 따라 정보보호에 대한 필요성 및 중요성은 더욱 커져가고 있다. 그러나 그간의 국내 연구들은 정보보호 기술 직업군 위주의 단편적인 분류를 수행하고 있으며 미래 융합환경에 대한 고려가 부족한 실정이다. 따라서, 본 논문에서는 미래 융합환경에 대비한 정보보호 직업분류체계 및 필요역량을 설계하기 위해서 기존 정보보호 직업군 분류체계 및 직업군별 필요역량에 대한 선행연구 분석을 통해 정보보호 인력의 정의를 내린 후 직업군 분류를 실시하고 직업군별 필요역량을 도출하였다. 세부적으로 미래 융합환경에 대해 고려하여 정보보호 직업분류체계를 구성한 미국의 NICE(National Initiative for Cybersecurity Education)를 기반으로 하여 국내 실정에 적합한 형태로 직업군 및 직업군별 필요역량을 재분류하고 타당성을 검증하였다. 본 연구결과는 미래 융합환경에 적합한 정보보호 인력의 수급차 해소 및 처우개선을 위한 기초 자료로서 활용할 수 있을 것이다. 또한 향후 연구를 통해 정보보호 직업군별 필요역량을 이용하여 해당 직업군에 필요한 융합적인 직무역량을 습득할 수 있는 표준화된 교육 훈련방법을 마련하는데 활용할 수 있을 것으로 기대된다.

Keywords

References

  1. Bae, Y. S. and Chang, H. B., "A Qualitative Research on ICT Policy Design for Small and Medium Business," The Journal of Society for e-Business Studies, Vol. 18, No. 1, pp. 57-70, 2013. https://doi.org/10.7838/jsebs.2013.18.1.057
  2. Bailey, J. and Stefaniak, G., "Preparing the information technology workforce for the new millennium," ACM SIGCPR Computer Personnel, Vol. 20, No. 4, pp. 4-15, 1999. https://doi.org/10.1145/571475.571476
  3. Carey, A., "2006 Global Information Security Workforce Study," IDC, 2006.
  4. Chai, S. M. and Kim, M. K., "A Road To Retain Cybersecurity Professionals : An Examination of Career Decisions Among Cybersecurity Scholars," Journal of The Korea Institute of Information Security and Cryptology, Vol. 22, No. 2, pp. 295-316, 2012.
  5. Chai, S. M., Bagchi, S., Goel, R., Raghav, H., and Upadhyaya, S., "A Framework for Understanding Minority Students' Cybersecurity Career Interests," Procedings of the Twelfth Americas conference on Information systems, pp. 3426-3432, 2006.
  6. Human Resources Development Service of Korea, "A Study on National Technical Qualifications, Engineer Information Security and Industrial Engineer Information Security," 2010.
  7. Kim, J. D. and Baek, T. S., "A Study on Essential Body of Knowledge and Education Certification Program for Information Security Professional Development," Journal of Digital Convergence, Vol. 9, No. 5, pp. 113-121, 2011.
  8. Kim, K. G., "Cybersecurity Career Roadmap," The Magazine of the IEIE, Vol. 41, No. 4, pp. 50-59, 2014.
  9. Korea Employment Information Service, "KECO," 2009.
  10. Lee, J. T., Kim, Y. H., Na, Y. S., and Chang, H. B., "A Study on IT Based Risk Management System Development for Business Continuity Management : Centering on Cases at Automobile Manufacturing Industry," The Journal of Society for e-Business Studies, Vol. 18, No. 2, pp. 69-79, 2013. https://doi.org/10.7838/jsebs.2013.18.2.069
  11. NIST, "National Initiative for Cybersecurity Education(NICE)," 2011.
  12. United States Department of Homeland Security, "Information Technology(IT) Security Essential Body of Knowledge (EBK)" : A Competency and Functional Framework for IT Security Workforce Development," 2008.
  13. Yoo, H. W. and Kim, T. S., "Information Security Professionals' Turnover Intention and Its Causes," Journal of the Korea Institute of Information Security and Cryptology, Vol. 20, No. 1, pp. 95-104, 2010.

Cited by

  1. Security experts’ capability design for future internet of things platform vol.72, pp.1, 2016, https://doi.org/10.1007/s11227-015-1490-0
  2. A Design on Information Security Core Knowledge for Security Experts by Occupational Classification Framework vol.20, pp.3, 2015, https://doi.org/10.7838/jsebs.2015.20.3.113
  3. An empirical study on security expert ecosystem in the future IoT service environment vol.52, 2016, https://doi.org/10.1016/j.compeleceng.2016.04.001
  4. Security Knowledge Classification Framework for Future Intelligent Environment vol.20, pp.3, 2015, https://doi.org/10.7838/jsebs.2015.20.3.047