• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.3-10
• /
• 2013

Cyber attacks are threats to national security. Today, cybersecurity threats have various types, the theft or spread of privacy and national secret, the realization of direct attacks to infrastructure and the hacktivism with political or social objectives. Furthermore, There are special situations in South Korea because of North Korea's threats. Thus, It is necessary to handle cybersecurity as a kind of national security problem. It is a time to identify problems of governance system in cybersecurity and to improve related Acts and subordinate statutes. There are several tasks for legal improvement for governance system in cybersecurity. They are improving legal bases for the roles of the relevant authorities in cybersecurity, consolidating national joint response to cyber accidents, establishing and vitalizing information sharing system, constructing foundation of cybersecurity through industry promotion and manpower development, and acquiring defensive tools by enhancement research an development. In order to address these challenges, it is necessary to pay much attention to enactment and to revision laws and to practice legislative procedure.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.91-98
• /
• 2013

Cyber attacks threaten the national security in this day and age. The government of the Republic of Korea recently released the National Cyber Security Comprehensive Countermeasures as a new cybersecurity policy. But current legal system cannot provide legal basis for the implementation of such measures. The current legal system related to cybersecurity is applied in each sector, thus the governance system in cybersecurity is separate. So there are many problems in the governance system in cybersecurity. To solve these problems fundamentally, it is righter to make a new cybersecurity law than to revise existing laws. Meanwhile, lawmakers proposed some bills in Congress to strengthen the cybersecurity in Korea in 2013. It will increase possibility of legislation of cybersecurity act to make a law through the analysis of these bills and to derive the essential elements from those. and to reflect these in the new cybersecurity act.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.843-859
• /
• 2018

Cybersecurity has emerged as a serious problem in Korea and there have been relevant movements to improve domestic cybersecurity policy and system. However, discussions have yet to result in actual progress and the legislation for improvement of cybersecurity policy and system have been stagnant until now. As evidenced by the introduction of primary government legislation bill for national cybersecurity in 2017, the preparations for improvements to the policy and system are still in progress. However, we cannot be positive about the possibility of implementing these improvements during the process. Recognition of the importance of cybersecutiry has gradually risen and is more prevalent than in years past, however, in-depth discussions are not being made. In principle, misunderstandings about cybersecurity itself and insufficient understandings of the relevant legislation seem to cause such problems. Therefore, it is necessary to review key issues related to the improvement of cybersecurity policy and system and reconsider tasks for the future. Such issues include the relationship between cybersecurity and fundamental rights, establishing responsibility and capability of each of entities for cybersecurity, and the role of the military in cybersecurity. This type of in-depth discussion will be helpful for finding ways to improve upon cybersecurity policy and system. Moreover, this study aims to key issues with questionnaire survey and political and normative inquiry.

• Electronics and Telecommunications Trends
• /
• v.38 no.4
• /
• pp.58-69
• /
• 2023

Cyberspace is emerging as a critical domain requiring national-level governance and international cooperation owing to its potential financial and societal impacts. This research aims to investigate the cybersecurity policies from major countries for understanding with comprehensive perspectives. Global trends emphasize a comprehensive command-centered approach, with top leadership directing cybersecurity policies. Key policy areas include security across technology ecosystems, protection of critical infrastructure, and software supply chain security. Investment is being focused on zero-trust architectures, software bills, and new technologies like artificial intelligence. For countries like Korea, immediate response and adaptation to these trends are crucial to develop and enforce national cybersecurity policies.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.45-52
• /
• 2017

The Cybersecurity Information Sharing Act(CISA) of 2015, enacted in December 2015, is one of the greatest achievements of cybersecurity legislation in the United States. The promotion of cybersecurity information sharing is one of the tasks to improve cybersecurity governance in Korea. So it is an important issue to be addressed in cybersecurity legislation in Korea in the near future. CISA has many implications for cybersecurity legislation in Korea. Nevertheless, it is difficult to find preceding research that explain the content of CISA and study its normative meaning in Korea. Therefore, in this paper, the contents of the CISA is identified and its normative meaning and implication is found in five categories: definition of terms, establishment of information sharing procedures and conditions, promotion of voluntary information sharing by the private sector, checks on the executive branch and report to the Congress, and other matters. CISA facilitates information sharing based on willingness, while eliminating the side effects that may arise in the information sharing process. It is necessary to appropriately apply the good points of CISA to the cybersecurity legal system in Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1259-1277
• /
• 2018

This study analyzes cyber security strategies, laws, organizations, and the roles of the ministries in the US, Germany, UK, Japan, China, and Korea and draws implications for establishing a practical and efficient next generation national cyber security governance. Under this goal, this study analyzes cyber security strategies, laws, organizations, and the roles of the ministries in the US, Germany, UK, Japan, China, and Korea and draws implications for establishing a practical and efficient next generation national cyber security governance. Based on the results of this analysis, this study suggests suggestions and directions for improvement of domestic cyber security governance.

• Informatization Policy
• /
• v.28 no.2
• /
• pp.98-113
• /
• 2021

This study presents implications of the Global Data Law & Policy by comparing national data strategies, data regulations and policies, and governance in South Korea, the United States, the United Kingdom, and the European Union. According to the result of the comparative analysis, the biggest difference is in data governance, in other words, the management and coordination of policies at the pan-government level and data ethics. Therefore, this study proposes the establishment of a presidential special committee on data policy or the creation of a 'National Digital Innovation Office' at the Presidential Secretariat as a national CDO for the governance of data policies. Furthermore, this paper suggests a) to enact 'the Framework Act on the Development of Data Industry' that can regulate data practices in the private sector, b) to institutionalize the data-centric security and data protection, c) to settle the public ethics and personnel management based on data expertise and professional ethics, including explainability and responsibility, and d) the education and training systems.

• Review of Korean Society for Internet Information
• /
• v.14 no.4
• /
• pp.63-76
• /
• 2013

This short report introduces the general background why Brazil conference is being prepared and what topics would be undertaken and what goals are being taken into account. It overviews what differences from traditional telecommunication governance, internet governance has had in its historical development and how such differences had been formed from its technological differences and the regulatory policy shift from common carrier regulation to privatization. Moreover, the fact that open, voluntary, bottom-up, diverse stakeholder's participation had evolved throughout the historical development of the internet, had established the present multistakeholder governance model from technological standardization to addressing scheme policies. ICANN, which has governed internet addressing schemes since the earlier 2000s, had developed address policies including IANA function from Jon Postel and technical community's legacy management system into contract based formation between ICANN and gTLD, ccTLD registries. And it made dispute resolution policies responding to trademark disputes and resolved gTLD monopoly issue by introducing new TLD generation and the separation of registry and registar. However, there had been challenges on the legitimacy of ICANN due to its dependency on the Federal Government of the U.S. particularly in its oversight role over ICANN and IANA contract. WSIS raised up internet governance issues including addressing governance, and set up IGF as a discussion platform for multistakeholders to discuss and share all views on other internet related public policies. IGF's loose and non-binding discussion once frustrated governments and other stakeholders, but more focused discussion and visible outcomes have consolidated its unique role for internet governance discourses. Particularly, IGF addressed many emerging internet related issues like cybersecurity, privacy, net neuratlity, development related issues. WTPF of 2013, after WCIT debate on whether traditional telecommunication regulation could be applied to internet infrastructure, suggested other governance issues such as the transition to ipv6, IXP coordination etc. How to make sure the legitimacy of internet addressing governance and how and where other internet related public policies could be undertaken are fundamental tasks for internet governance. Brazil conference, which has been motivated by the breakdown of trust in internet governance from NSA mass surveillance revealed by Snowden, faces these questions and try to make consensus on principles, institutions and roadmap for internet governance in multistakeholder participation way.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.801-816
• /
• 2021

This study analyzes the political and legislative progress that although basic acts to establish an integrated system of cybersecurity are steadily being proposed, they have not been passed as legislative deadlocks under the two major parties. It shall be analyzed through Korea's legislative system, including differences in contents and interests of the disposal act, the timing and cycle of election ect. The study analyzes why the basic cybersecurity law was previously scrapped and faced political gridlock situation by analyzing the differences in the contents and interests of the two major parties, and the timing and cycle of the proposed legislation.

• Informatization Policy
• /
• v.30 no.1
• /
• pp.89-108
• /
• 2023

Science, technology and innovation (STI) has expanded the activity of actors from the traditional physical territory to the cyberspace. Data-driven platform services and markets advance new discussions on cross-border cooperation and cyber security, as well as discourse on sovereignty in cyberspace. These changes are also affecting the hegemony competition between the US and China. In particular, competition for aid to developing countries that are located along major resource transportation routes, such as natural gas and deep sea resources, is fierce. ASEAN is not only a geopolitical military and security point where the US and China powers collide, but its population of 600 million has great potential for the development of the digital economy due to its data resources. In this regard, this article aims to connect the discourse of liberalism and authoritarianism with data regulation and cybersecurity in international development cooperation, and derive implications for ASEAN integration through this. This study has significance as a convergence study that links international political issues related to big data in terms of global governance.