• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.673-685
• /
• 2017

STI(Social Trust Index) indicates levels of trustworthiness, honesty and reliability among people in a society. Since the STI varies in countries, security control on cyber space should be applied differently according to the STI so that companies can protect their assets efficiently and effectively. We compare STIs between Korea and United States using the Diamond Model and investigate how the STIs affect corporate security controls in those two countries. We finally present a formula using AHP (Analytic Hierarchy Process) to measure levels of corporate security controls in different countries.

• Korean Security Journal
• /
• no.61
• /
• pp.163-179
• /
• 2019

The purpose of this study is to analyze the effect of service quality of security safety system users on corporate image and customer satisfaction. To confirm this through empirical analysis, a survey was conducted on about 200 users nationwide for about 40 days from May 2 to June 12, 2019. The survey was composed of "service quality, corporate image and customer satisfaction". The empirical analysis was conducted mainly on the analysis of importance, reliability, validity and correlation. This study used SPSS WIN 18.0 to calculate structural equations and exploratory factors. The research results are as follows: The users of the security safety system showed that the better the service quality, the better the corporate image. The better the corporate image, the higher the customer satisfaction. Also, the better the service quality, the higher the customer satisfaction. Therefore, each security safety system company should steadily improve the service quality to improve customer satisfaction.

• Journal of Information Technology Applications and Management
• /
• v.18 no.2
• /
• pp.91-108
• /
• 2011

Enormous losses of shareholders and consumers caused by the risks threatening today's business (e.g., accounting fraud and inside trading) have ignited the necessity of international regulations on corporate ethics and internal control, such as Basel II and SOX. Responding to these regulations, companies are establishing governance system, applying it consistently to the core competency of the company, and increasing the scope of the governance system. Recently occurred security related incidents require companies to take more strict accountability over information security. One of the results includes strengthening of legislation and regulations. For these reasons, introduction of information security governance is needed. Information security governance governs the general information security activities of the company (establishment of information security management system, implementation of information security solutions) in the corporate level. Recognizing that the information security is not restricted to IT domain, but is the issue of overall business, this study develops information security governance framework based on the existing frameworks and systems of IT governance. The information security governance framework proposed in the study include concept, objective, and principle schemes which will help clearly understand the concepts of the information security governance, and execution scheme which will help implement proper organization, process and tools needed for the execution of information security governance.

• Journal of Information Technology and Architecture
• /
• v.11 no.2
• /
• pp.143-155
• /
• 2014

In recent years, domestic electronics, banking, electricity, services, manufacturing, pharmaceutical, corporate type and malicious hackers is corporate security through the accident occurred and the resulting loss of corporate information and the damage each year is steadily increasing. Many companies have responded to domestic business activities and to protect critical information related to laptops, smart phones, tablets, and introduced a variety of Endpoint security solutions within. However, being introduced to senselessly Endpoint security solution across the over-budget, with the same features and performance, such as conflicts and problems arise, resulting in additional maintenance costs, in an effort to resolve the conflict in the operational security of the IT department's new difficulty in becoming. Here is the introduction and operation of these Endpoint security solutions in order to solve the problem on employees's PC into the center of the information security governance based on Endpoint security solution to provide the process for determining the solutions presented.

• Asia pacific journal of information systems
• /
• v.23 no.4
• /
• pp.129-149
• /
• 2013

According to the development of new Information Technologies, firms consistently invest a significant amount of money in IT activities, such as establishing internal and external information systems. However, several anti-Information activities-such as hacking, leakage of information and system destruction-are also rapidly increasing, thus many firms are exposed to direct and indirect threats. Therefore, firms try to establish information security systems and manage these systems more effectively via an enterprise perspective. However, stakeholders or some managers have negative opinions about information security systems. Therefore, in this research, we study the relationship between multibusiness firms' performance and information security systems. Information security indicates physical and logical correspondence of information system department against threats and disaster. Studies on information security systems suggested frameworks such as IT Governance Cube and COBIT Framework to identify information security systems. Thus, this study define that information security systems is a controlled system on enterprise IT process and resource on IT Governance perspective rather than independent domain of IT. Thus, Information Security Systems should be understood as a subordinate concept of IT and business processes. In addition, this study incorporates information capability to information security system literature to show the positive relationship between Information Security Systems and Corporate Performance. The concept of information capability suggested that an interaction of human, information, technical and an effect on corporate performance using three types of capability (IT Practice, Information Management Practice, Information Behaviors and Values). Information capability is about firms' capability to manage IT infrastructure and information as well as individual employees who use IT infrastructure and information. Thus, this study uses information capability as a mediating variable for the relationship between information security systems and firms' performance. To investigate the relationship between Information Security Systems and multibusiness firms' performance, this study extends the IT relatedness concept into Information Security Systems. IT relatedness provides understanding of how corporations cope with conflicts between headquarters and business units to create a synergy effect and achieve high performance using IT resources. Based on the previous literature, this study develops the IT Security Relatedness model. IT Security Relatedness is our main independent variable, while Information Capability and Information Security Performance are mediating variables. To control for the common method bias, we collect each multibusiness firm's financial performance and use it as our dependent variable. We find that Information Security Systems influence Information Capability and Information Security Performance positively, and these two variables consequently influence Corporate Performance positively. In addition, this result indirectly shows that corporations under a multibusiness environment can obtain synergy effects using the integrated Information Security Systems. This positive impact of Information Security Systems on multibusiness firms' performance has an important implication to various stakeholders. Therefore, multibusiness firms need to establish Information Security Systems to achieve better financial performance.

• Journal of Convergence Society for SMB
• /
• v.2 no.2
• /
• pp.43-49
• /
• 2012

Recently, the safety of being processed in a corporate enterprise with a wide range of IT skills applied to the Corporate Affairs information services are increasing requirement. Businesses that are required by various IT corporate information technology services to companies that need to protect information being leaked to other companies, a security incident has been applied and is growing, but is lacking about how to respond to the protection of corporate information services. In this paper, the information that is important in the corporate authority by the user's access control model to reduce the number of security incidents such as information leakage and security services for enterprise informatization is proposed. The proposed model can be used in order to block the access of the users to access information managed by a central administrator role and the rights of users to access information any abnormality has been captured. In addition, the proposed model can take advantage of protecting corporate information from the systematic recovery and operational continuity strategies to build your company's information services.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.239-248
• /
• 2007

There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element, response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management way that propose executing Security incident response experiment on the basis of this way. This study which provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.

• KSCI Review
• /
• v.15 no.1
• /
• pp.141-150
• /
• 2007

There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element. response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management wav that propose executing Security incident response experiment on the basis of this way. This study which Provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.

• The Journal of the Korea Contents Association
• /
• v.21 no.9
• /
• pp.234-244
• /
• 2021

The purpose of this study is to investigate the effect of the retirement pension system on workers' retirement income security and job commitment, and to verify the mediating effect of corporate welfare satisfaction in the relationship between the retirement pension system's retirement income security and job commitment. Employees of domestic K-company, which have been implementing the retirement pension system since 2011, were surveyed, and 403 copies of the final data were analyzed using SPSS 22.0. The analysis results are as follows. First, as the sub-factors of the retirement income security, the guarantee of the retirement benefits right and the income replacement rate had a significant positive(+) effect on job commitment. Second, as sub-factors of the retirement income security, the income replacement rate and customized retirement design had a significant positive(+) effect on corporate welfare satisfaction. Third, corporate welfare satisfaction had a significant positive(+) effect on job commitment. Fourth, it was found that the relationship between the income replacement rate and job commitment, which are sub-factors of retirement income security, is mediated by diversity and the level of benefits, sub-factors of corporate welfare satisfaction. Based on the results of this study, it was confirmed that the implementation of the retirement pension system enhances the employee's job commitment and corporate welfare satisfaction, and is also important for corporate management.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.29-34
• /
• 2021

The article formulates the key characteristics and features of country models of corporate governance. It was revealed that all countries are characterized by a fairly high concentration of ownership, insider control; Key gaps in the implementation of corporate governance principles were found: transparency and disclosure of information, protection of shareholders' rights, gender diversity of boards of directors, implementation of recommendations on the share of independent directors; The criterion of countries' efficiency (total investments) was identified and recommendations for their improvement were developed.