• Information Systems Review
• /
• v.14 no.2
• /
• pp.21-46
• /
• 2012

Organizations that make widely use of information technologies can be more efficient. But, the dependence of information technologies leads to an increase in threat of security. This is the reason why organizations are investing in security risk management (SRM) which is designed to protect of information assets. Noting a lack of empirical research in SRM, we investigate the key factors having a direct effect on performance of SRM. Particularly, this study focused on identifying factors influencing awareness of SRM and Intention to develop SRM in Organization. Based on relevant literature review, six motivating factors, including Behavior for Security Management, Compliance with Security Policy, perceived Benefits, Perceived Sacrifice, Social Pressure, Experience of Security Risks, were initially identified. The results indicated that most perception factors were positively related to Organization's intention to develop SRM and awareness of SRM, which then had positive impact on performance of SRM. But Perceived Sacrifice was not significantly related to two variables which is Organization's intention to develop SRM and awareness of SRM.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.243-253
• /
• 2016

Company strengthen various information security policy and activity in order to protect important information assets that the company has been dealing with and prevents information security accidents such as personal information spill. However, some study said these policy and activity increase employee's information security stress and still information security accidents by employees have happened so far. Therefore, this study will review preceding theories and studies used in many various fields including Information Security areas needed to explain human's behavioral intention and determinants and summarize characteristic factors that have influence on control of human's behavioral intention in the results of the above theories and studies. Secondly, this study will implement exploratory analysis on characteristic factors perceived by employees that has been stemmed from various company's information security policy and activity in order to increase employee/'s information security compliance intention under the its surrounding security circumstance. Thirdly, this study will fulfil multiple-regression analysis in order to identify cause-effect relationship between employee's perceived information security stress and employee's perceived characteristic factor. Finally, this study will explain casual relationship with same analysis methods between information security stress and information security compliance intention based on results of the survey conducted on the financial firm's employees with same analysis methods.

• Journal of Convergence Society for SMB
• /
• v.6 no.4
• /
• pp.9-15
• /
• 2016

Elderly welfare practitioners study on job performance systems and information security management though important information, including personal information, social services for the elderly extent of protection is insufficient. The elder welfare institution engaged in information security of whether the research was conducted to enhance information security capabilities against How does affect the information security acts as a parameter. The empirical research was conducted by latent mean analysis by gender of workers. As a result of the study, there were differences among the groups according to gender in relation to information security awareness, information security capacity enhancement, and information security behavior. There were gender differences in information security behavior. It has been found that the strengthening of information security has an important influence on information security behavior.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.79-92
• /
• 2006

Computer virus is one of the most common information security problems in the information age. This study investigates the difference of users' perception of security elements between large companies and small-and-medium companies on the subject of computer virus. Based on t-test, no significant difference is found in users' perception on security threat and security risk While users satisfy with the level of security policy, there is a significant difference on the level of security policy recognition between the two sizes of companies. Moreover, there are significant differences on information assets, security vulnerability and security effectiveness, which implies difference in the users' perception on importance of assets, exposure to threats and computer virus prevention efforts between large and small-and-medium companies.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.27-38
• /
• 2013

There are two elements of security policy that can have a bearing on its effectiveness: content and form. While the content of the security policy has been investigated extensively in the most of the previous studies, there is very little literature on the form of the security policy. Since the form of the policy influences its success, it is important to understand how to articulate the form of a security policy. Thus, the aim of this study is to investigate the relationship between security form and policy compliance of employees. Research results find that dimensions of security form have effect on attitude towards security compliance, subjective norm, perceived behavioral control, and perceived response costs, and besides attitude towards security compliance and subjective norm have an effect on persistent security compliance intention. The conclusions and implications are discussed.

• Journal of Venture Innovation
• /
• v.5 no.4
• /
• pp.91-108
• /
• 2022

This study is an empirical analysis regarding what kind of factors affect the intention to use autonomous vehicles. For the empirical analysis the research model was derived from value-based adoption model base and integrated some aspects that only autonomous vehicles have. At default variables of VAM are usefulness, enjoyment, technicality, perceived cost, some autonomous vehicle related variables were added, and those are convenience, safety, security, social influence. A survey was done in order to empirically analyze with this research model, and 216 valid survey answers were chosen to analyze. Empirical analysis was done by structural equation using AMOS24. The result of empirical analysis were as follows. Variables usefulness, enjoyment, safety, security had a significant positive effect on perceived value. Technicality and perceived cost had a significant negative effect of perceived value. In addition, security and social influence had no significant effect on perceived value. Furthermore, perceived value had significant positive effect on intention to use. Among the variables that came out to be significantly positive, the most influencing variable was safety, followed by convenience, perceived cost, enjoyment, usefulness and then technicality. In addition, the analysis of mediating effect of perceived value shows that usefulness, enjoyment, convenience, safety, technicality, perceived cost had mediating role towards intention to use. However, security and social influence had no siginificant mediating effect towards intention to use. Considering all these research results this study has provided theoretical and practical implications to researchers on the intention to use autonomous vehicles.

• Management & Information Systems Review
• /
• v.32 no.2
• /
• pp.213-235
• /
• 2013

This study investigates proper solution available for flexibly management pointing out reality a lack of understanding and interest for executing security management while importance of firm security management gets bigger. Accordingly, this study suggests 4 exogenous variables such as organizational commitment, experience of security risks, perceived benefits, partner interdependence as factors of having influence upon development and implementation in security management. It suggests IT volatility as moderating variable, which will intensify between development and implementation. The research model was tested by using Structural Equation Modeling, via Amos 19.0 analysis on a sample collected from 209 firms. As a result, the remaining variables except partner interdependence showed statistically positive influence. The implications of the findings suggest a new theoretical framework of the security management and offers important solutions for the practical application guidelines.

• Review of KIISC
• /
• v.16 no.2
• /
• pp.18-25
• /
• 2006

네트워크 보안 상황인지 기술이란 현재 네트워크에서 보안과 관련하여 무슨 일이 발생하고 있는 지를 관리자에게 인지시켜 주는 기술이다. 이는 침입탐지시스템이나 방화벽에서 수행하는 잠재적인 공격자의 패킷을 필터링하거나 보고하는 것과는 달리 현재 네트워크에서 발생하고 있는 상황(침입 또는 공격 등)을 알려주는 것에 초점을 맞춘다. 네트워크 보안 상황인지 기술에는 데이터 선정 및 수집, 특성 인자 추출, 연관성 분석, 데이터마이닝, 패턴분석, 이벤트시각화 등과 같이 매우 다양한 세부 기술들이 있지만, 본 고에서는 이벤트 종류에 따른 시각화 기술들의 현황과 ETRI에서 개발한 Visual Scope에 대해 살펴보고자 한다.

• Journal of Digital Convergence
• /
• v.17 no.1
• /
• pp.141-148
• /
• 2019

The advancement of digital technology accelerates intelligence, convergence, and demands better change beyond traditional methods in all aspects of business models and technologies, infrastructure, processes, and platforms. Risk management is becoming more important because of various security risks, depending on the changing business environment and aligned to business goals is emerging from the existing information asset based risk management. For business aligned risk management, it is essential to understand the risk appetite for achieving business goals, which provides a basis for decision-making in subsequent risk management processes. In this paper, we propose a framework for analyzing the risk management framework, pre - existing risk analysis, and protection motivation theory that influences decisions on security risk management. To examine the practical feasibility of the developed risk appetite framework, we reviewed the applicability and significance of the proposed risk appetite framework through an advisory committee composed of security risk management specialists.

• The Journal of the Korea Contents Association
• /
• v.11 no.6
• /
• pp.372-384
• /
• 2011

The purpose of this study is empirically analyzing the effects of external factors(user knowledge, service characteristics, security), perceived risk, trust, ease of use, and usefulness on continuous customer acceptance in Internet banking. To achieve the goal, we develop the extended Technology Acceptance Model(Ex-TAM) based in the theoretical backgrounds of the Technology Acceptance Model(TAM). To test the new model(Ex-TAM), path analysis is performed by AMOS 4.0 package as a statistical tool. The finding indicate that 4 factors(service characteristics, ease of use, usefulness, trust) are significant. However, 2 factors(security, perceived risk) are not significant, user knowledge is partly significant.