• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.1-8
• /
• 2016

A convergence of finance and information technology brought a remarkable development in Fin-Tech industry. On the other hand, currently existing laws seemed inappropriate to address the liability of financial institutions, Fin-tech enterprises and consumers in case of financial accidents due to its ambiguity. The minimum insurance obligation by financial institutions specified under the Electronic Financial Transaction Act 2006 is not keeping with current reality, considering transaction volume, frequency of incidents, and security investments. This paper aims to lay stress on the need of cyber liability insurance by understanding the domestic financial incidents and management, and the limit of existing insurance policy.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.33-38
• /
• 2022

The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.233-245
• /
• 2010

This paper proposes security architecture, security audit framework, and audit check item. These are based on the security requirement that has been researched in the information system audit. The proposed information security architecture is built in a way that it could defend a cyber attack. According to its life cycle, it considers a security service and security control that is required by the information system. It is mapped in a way that it can control the security technology and security environment. As a result, an audit framework of the information system is presented based on the security requirement and security architecture. The standard checkpoints of security audit are of the highest level. It was applied to the system introduction for the next generation of D stock and D life insurance company. Also, it was applied to the human resources information system of K institution and was verified. Before applying to institutions, system developers and administrators were educated about their awareness about security so that they can follow guidelines of a developer security. As a result, the systemic security problems were decreased by more than eighty percent.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.05a
• /
• pp.118-121
• /
• 2006

Insurance's service have been studied for purchase behavior, life style. And Insurance's service is more and more important. Steady necessity of study was on the rise for insurance's service. This study is based on existing study. We classified insurance's service factors into insurance business's characteristic factors(image, information, security), insurance agent's characteristic factors(expert knowledge, care) and insurance product's characteristic factors(multiplicity, a made-to-order goods) And then we investigated how these classified characteristic factors could influence on customer satisfaction.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1207-1217
• /
• 2013

This study utilizes raw data from "Research on the actual condition of firms' information security" of KISA (2010) and constructs panel dataset to analyze a causal relationship between information security investment and security breach. Using Difference in Difference estimation method we find the following results. First, while the usual causality that information security investment reduces security breach is not supported, the reverse causality that security breach increases information security investment is well explained. Second, contrary to the conventional wisdom, firms in the finance/insurance business sector show the most significant reverse causality pattern.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1605-1618
• /
• 2016

In recent years, security incidents - such as personal information leakage, homepage hacking, DDoS and etc. - targeting finance companies(banks, securities companies, credit card companies, insurance companies and etc.) have increased steadily. In this paper, we analyze problems of information security management level in the existing electronic financial infrastructure from perspective of compliance and information security certification system and propose improvements to enable sustainable high level of information security activities under a comprehensive management system for the financial sector characteristics using ISMS, SECU-STAR and CNIVAM system.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.53-73
• /
• 2011

Many governments have tried to develop a liability and compliance law that can improve cyber security in a sustainable way. This paper explores whether a liability and compliance law is effective in motivating firms' information security activities. In particular, I empirically investigate the impact of the 2007 Electronic Financial Transaction Act (EFTA), a liability and compliance law in Korea, on the information security activities of financial institutions and services providers. In spite of various criticisms of the effectiveness of EFTA, the empirical findings of this study clearly show that EFTA is having a positive impact on information security activities. From these findings, this article concludes that a liability and compliance law is likely to contribute to a certain degree to the achievement of sustainable development of cyber security.

• Journal of Information Technology Services
• /
• v.17 no.4
• /
• pp.163-189
• /
• 2018

In this study, we analyze the acceptance theories of insurance services using blockchain technology. Although insurance services using block-chain technology are still in discussion, specific development methods for service methods applying block-chain technology in insurance services are being studied. In this study, the following analysis was conducted to analyze the acceptance of insurance services using block chain technology, focusing on four factors of the UTAUT model. As a result of the analysis, the technology benefits of the blockchain affecting the performance expectations of UTAUT are security and reliability. In addition, the factors influencing UTAUT's effort expectations were found to be availability and economics. Therefore, it was found that performance expectation and effort expectation for technology acceptance are influenced by different technology benefits. Among the four factors of UTAUT, the factors affecting the insurance service using the blockchain technology are performance expectation and effort expectation, and social influence and promotion condition have no effect on acceptance intention. Also, the moderating effect of user innovation on acceptance intention of insurance service applying blockchain was significant only for effort expectation among UTAUT factors.

• The Korean Society of Law and Medicine
• /
• v.20 no.1
• /
• pp.203-242
• /
• 2019

Since 2006, local governments in Korea have been providing premiums for social insurance, such as the National Health Insurance System, for the health care of local residents. The purpose of this study is to analyze the content of self-governing legislation that defines these policies. The method of conducting the research was based on the articles of the ordinance related to the 'public health insurance premium' of the self-governing statutes published on the website of the National Law Information Center. As of May 2019, 201 municipalities have enacted ordinances to support public health insurance premiums. In the case of state local governments, 8 out of 17 were found, and in the case of basic local governments, 193 out of 226. The constitution of the ordinance consisted of purpose, time of enactment, type of social insurance premium, object of social insurance premium, amount of social insurance premium support, method and process of social insurance premium support, time of social insurance premium support. This study analyzed contents of these articles. Finally, this study presented issues that could be controversial from the policy and legal viewpoints and suggestions for improvement.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.121-126
• /
• 2015

Exposure of personal information that is held by hacking accident near the company has led to severe water level. And, it has changed security threat elements generated according to businessenterprise. Therefore, in this paper, I looked at security threat elements and proposed the way of appropriate information security consulting according type of company. First, In the financial and insurance industries, and should not have been compromised by a worm virus infection due to lack of awareness inside of members, by collectively apply in the same way the internal security standards of the organization to members, the risk of customer information. It shall be provided in advance that the security accident occurs due to a higher job group. Therefore, information security consulting method based on people and information is applied. Secondly, in industry of company, to perform consulting information security based on the attributes of the case industry groups.