The Journal of Society for e-Business Studies (한국전자거래학회지)

Society for e-Business Studies (한국전자거래학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on the Corporate Members' Autonomy-centric Security Management in the Context of Internet Companies

인터넷기업에서 기업구성원 자율중심의 보안관리 방안 연구

  • Seo, Hyunjin (Department of Security Convergence, Graduate School, Chung-Ang University) ;
  • Kim, Jungduk (Department of Industrial Security, Chung-Ang University)
  • Received : 2019.11.04
  • Accepted : 2020.01.08
  • Published : 2020.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

In the rapidly changing business environments, Internet companies have the characteristics of organizational culture that emphasize the flexible, open and autonomous nature of organizational culture, and are transforming into flexible smart working environment that is independent of time and place. Despite such an Internet business environment, the security management system still fails to reflect the business environment and organizational culture of the Internet company, and the control-focused security management system in the Internet company is facing limitations. Therefore, this study designed and developed Corporate members' autonomy-centered security items that considering the characteristics of the business environment and organizational culture of the Internet company. The results of this study are expected to be used to implement and operate corporate members' autonomy-centered security management system in internet companies with an agile business environment and an autonomous organizational culture.

급변하고 있는 비즈니스 환경에서 인터넷기업들은 비즈니스 특성상 유연하고 개방적이며 자율성을 강조하는 조직문화의 특징을 가지며, 시간과 장소에 구애받지 않는 유연한 스마트 업무환경으로 변화하고 있다. 이러한 인터넷 비즈니스 환경에도 불구하고 보안관리체계는 여전히 인터넷기업의 비즈니스 환경과 조직문화를 반영하지 못하고 있으며, 이로 인해 인터넷기업에서의 통제중심의 보안관리 방식은 한계에 부딪히고 있다. 따라서 본 연구에서는 인터넷기업의 비즈니스 환경과 조직문화의 특성을 고려한 보안관리의 연구를 위해 기업구성원 자율중심의 보안역할 항목을 설계하고 개발하였다. 본 연구결과는 민첩한 비즈니스 환경과 자율적인 조직문화의 인터넷기업에서 기업구성원 자율중심의 보안관리체계를 구현하고 운영하는데 활용될 것으로 기대된다.

Keywords

References

  1. Cha, I. H., "A study on the development of personnel security management for protection against insider threat," The Journal of the Korea Institute of Electronic Communication Sciences, Vol. 3, No. 4, pp. 210-220, 2008.
  2. Education Research Institute Seoul National University, Dictionary of the Terms of Education, 1994.
  3. Gartner, "Maverick research: Kill off security controls to reduce risk," Sep. 2012.
  4. Hackman, J. R. and Oldham, G. R., “Development of the job diagnostic survey,” Journal of Applied Psychology, Vol. 60, No. 2, pp. 159-170, 1975. https://doi.org/10.1037/h0076546
  5. Huumonen, J., “Conceptualizing agility of enterprises,” Human Factors and Ergonomics in Manufacturing & Service Industries, Vol. 21, No. 2, pp. 132-149, 2011. https://doi.org/10.1002/hfm.20255
  6. ISO/IEC 27001:2013, Information security-Security techniques-Information Security Management Systems-Requirements, ISO, 2013
  7. Jeffrey, D. W. and Paul, B. L., "Control-related motivations and information security policy compliance: The role of autonomy and efficacy," Journal of Information Privacy and Security, Vol. 9, No. 4, 2013.
  8. Kang, H. S. and Kim, J. D., "A study on information security departmentalization model," The Journal of Society for e-Business Studies, Vol. 20, No. 2, pp. 167-174, 2015. https://doi.org/10.7838/jsebs.2015.20.2.167
  9. Kim, J. D., “Major issues and future strategies for information protection management paradigm shift,” Review of KIISC, Vol. 23, No. 5, pp. 5-8, 2013.
  10. Kim, J. D., Kim, B. K., Park, S. H., and Kim, K. W., "Considerations for information protection innovation in a self-regulated environment," Review of KIISC, Vol. 25, No. 4, pp. 63-68, 2015.
  11. Kim, J. S., Kim, J. B., and Shin, Y. T., "A study on the effect of CISO's recognition of the role to the information security performance," Korean Management Consulting Review, Vol. 12, No. 4, pp. 21-34, 2012.
  12. Kim, K. W. and Kim, J. D., “A study on effects of implementing information security governance by information security committee activities,” Journal of the Korea Institute of Information Security & Cryptology, Vol. 25, No. 4, pp. 915-920, 2015. https://doi.org/10.13089/JKIISC.2015.25.4.915
  13. Kim, S., “Internet business environment,” e-Business Review, Vol. 3, No. 1, pp. 247-272, 2002.
  14. KISA, A Research on ISMS Maturity Level and Evaluation Methodology, 2010.
  15. Ko, E. J., Lee, S. J., and Kim, S. S., “Effects of job autonomy and self-efficacy on creative behavior: Focusing on the mediation effect of knowledge sharing in smart work environment,” Knowledge Management Research, Vol. 19, No. 2, pp. 163-185, 2018. https://doi.org/10.15813/kmr.2018.19.2.009
  16. Lee, C. S., “A research on the revenue structure model for internet business,” The Journal of Internet Electronic Commerce Research, Vol. 9, No. 3, pp. 93-113, 2009.
  17. Lee, J. K., Na, O. K., and Chang, H. B., “A study on the research security system of the researcher-centric,” The Journal of Society for e-Business Studies, Vol. 23, No. 3, pp. 65-84, 2018. https://doi.org/10.7838/JSEBS.2018.23.3.065
  18. Lee, M. R. and Ju, S. H., “Policy suggestions for autonomy of university,” CNU Journal of Educational Studies, Vol. 27, No. 1, pp. 69-93, 2006.
  19. McClure, M. L., "Managing the professional nurse: Part II. Applying management theory to the challenges," JONA: The Journal of Nursing Administration, Vol. 14, No. 3, 1984.
  20. Ministry of Science and ICT, Korea Internet & Security Agency, "Critical information infrastructure protection technical vulnerability & analysis assessment detailed guides," 2017.
  21. Ministry of Science and ICT, Ministry of the Interior and Safety, Korea Communications Commission and Korea Internet & Security Agency, Information & Personal Information management System Guidebook, 2019.
  22. Ministry of SMEs and startup and Korea Foundation for Corporation of Large Small Business, Rural Affairs, "SMEs Technical Protection Guide," 2018.
  23. Ministry of Trade, Industry and Energy, "White paper of trade, industry and energy(part of industry)," 2018.
  24. National Information Society Agency, "2017 Smart work survey report," 2017.
  25. Netflix Culture, Https://jobs.netflix.com/culture.
  26. NIST, "Security and Privacy Controls for Federal Information Systems and Organizations (NIST SP 800-53 R4)," 2013.
  27. Pfeffer, J., "The human equation: Building profits by putting people first," Harvard Business School Press, 1998.
  28. Rha, H. D., "A theoretical comparative study of human resource security based on Korean and int'l information security management systems," Journal of Convergence for Information Technology, Vol. 6, No. 3, pp. 13-19, 2016. https://doi.org/10.14801/jaitc.2016.6.1.13