• Title/Summary/Keyword: Information security education

Search Result 913, Processing Time 0.028 seconds

Comparing the Effects of Two Methods of Education (Online versus Offline) and Gender on Information Security Behaviors

  • Minjung Park;Sangmi Chai
    • Asia pacific journal of information systems
    • /
    • v.30 no.2
    • /
    • pp.308-327
    • /
    • 2020
  • The importance of information security is increasing, and various efforts are being made to improve users' information security behaviors. Among these various efforts, information security education is mainly aimed at providing users with information security knowledge and improving information security awareness. This study classified the types of information security education into offline and online to examine the effects of each education method on attitudes toward information security (perceived severity, vulnerability, self-efficacy and response-efficacy) and information security behaviors. A survey was conducted for users with information security education experiences. The results obtained by comparing the differences in the path coefficients of personal information security behaviors according to information security education experiences showed that security behaviors were more significant in the online experience group than the offline group. In addition, gender differences were analyzed, and it was found that females had a greater impact on information security attitudes than males. This study also found that among Internet users with online information security education experience, females tend to have more information security behavior than males, but there were contrasting results among users with offline information security education experiences. The results of this study finally address the necessity of reflecting users' personalities in the systematic design of information security education in the future. Furthermore, the results of this study support the need for an appropriate education system that sufficiently understands education types to maximize the effects of information security education.

Effects of Information Security Education on the Practice of Information Security for the Youth (정보보호 교육이 청소년의 정보보호 실천에 미치는 영향)

  • Kang, Min-Seong;Kim, Tae-Sung;Kim, Taek-Young
    • Journal of Information Technology Applications and Management
    • /
    • v.26 no.2
    • /
    • pp.27-40
    • /
    • 2019
  • As reliance on information and communication becomes widespread, a variety of information dysfunctions such as hacking, viruses, and the infringement of personal information are also occurring. Korean adolescents are especially exposed to an environment in which they are experiencing information dysfunction. In addition, youth cybercrimes are steadily occurring. To prevent cybercrime and the damage caused by information dysfunction, information security practices are essential. Accordingly, the purpose of this study is to discuss the factors affecting the information security practices of Korean youths, considering information security education, perceived severity, and perceived vulnerability as leading factors of the theory of planned behavior. A questionnaire survey was administered to 118 middle and high school students. Results of the hypothesis test show that information security education affects perceived behavior control, and perceived severity affects attitude. Subjective norms, information security attitudes, and perceived behavioral control were found to influence adolescents' practices of information security. However, perceived vulnerabilities did not affect youths' information security attitudes. This study confirms that information security education can help youths to practice information security. In other words, information security education is important, and it is a necessary element in the information curriculum of contemporary youth. However, perceived vulnerability to youth information security threats did not affect information security attitudes. Consequently, we suggest that it is necessary to strengthen the contents of the information security education for Korean youths.

Difference between Information Security Education Demand of Information Security Employees and Curriculum of Information Security Education Center (교육기관 정보보호 담당자의 정보보호 교육수요와 정보보호 교육센터의 교육과정과의 차이)

  • Kang, Mi-Hwa;Jun, Hyo-Jung;Kim, Tae-Sung
    • Information Systems Review
    • /
    • v.16 no.3
    • /
    • pp.179-190
    • /
    • 2014
  • Because personal information files held by educational institutions include sensitive information such as personal school affairs information or health information, damages resulted from personal information leakage of educational institutions are expected to be serious. In order to respond to this problem, the Ministry of Education has expanded information security education targeting (personal) information security officers in educational institutions. However, a number of personal information leakage cases of public institutions occurred at educational institutions. Thus, this study, targeting information security education centers, through an empirical research, tries to confirm whether information security education supply is being properly provided for (personal) information security officers in educational institutions, and suggest the appropriate balance between education supply and education demand as the implication for the educational direction of information security education centers.

Study on the college curriculum for systematic education of the domestic information security (국내 정보보호의 체계적인 교육을 위한 대학교육과정에 관한 연구)

  • Jeon, Jeong Hoon
    • Convergence Security Journal
    • /
    • v.16 no.4
    • /
    • pp.35-41
    • /
    • 2016
  • Recently, the awareness of the domestic information security is very higher due to cyber war and hacking incidents. Yet, the information security professional is very scarce situation. In these circumstances are increasing of a opening the information security related departments of the domestic universities. And the Educational institutions are developed various curriculums. However, the domestic information security curriculum is different depending on the university or department. And there tends to be concentrated on the practical education rather than theoretical education. Therefore, in this paper will be analyzed to the Information security curriculum situation of the domestic Information Security related universities. This is expected to be utilized in a systematic curriculum development of the domestic information security education in a future.

Development of a Standardized Framework for Domestic Information Security Education; Focusing on a Two-Track Curriculum Customized by Age and Job (국내 정보보호 교육 표준 프레임워크 개발; 연령 및 직무 맞춤의 이원화(Two-track) 교육과정을 중심으로)

  • Park, Minjung;Lee, GI Hyouk;Chai, Sangmi
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.5
    • /
    • pp.1083-1095
    • /
    • 2021
  • With the recent increase in users' dependence on the Internet and the spread of various IT devices, the influence of information security on the users' has expanded compared to the past. Therefore, it is expected to have an increased influence on information security in personal life. In addition, as the intrusion factors that threaten security continue to become more advanced and diversified (eg., fake news, cyberbullying, identity theft), the need for nurturing information security experts is increasing. Furthermore, not only corporate information security workers, but also all individuals, cannot be free from the threat of information security. Therefore, it is necessary to prepare various information security education to improve information security awareness and induce proactive information security behaviors. In this study, characteristics of domestic and foreign information security education courses are analyzed and provide a standardized framework for information security education applicable to the domestic environment.

A Study on the Factors of Online Information Security Behavior Failure: Focused on the Elderly (중·노년층의 온라인 개인정보보호 행동에 영향을 미치는 요인에 관한 연구; 한국과 중국 인터넷 사용자를 중심으로)

  • TIAN, YANG;Park, Minjung;Chai, Sangmi
    • The Journal of Information Systems
    • /
    • v.29 no.1
    • /
    • pp.51-74
    • /
    • 2020
  • Purpose Since the number of personal information breach incidents increased, many people have perceived the importance of personal information protection, in the recent. Especially, the number of personal information breach targeting middle-aged and elderly people rapidly increases. Therefore, the purpose of this study is to identify the factors which influence to fail of online information security behaviors among the elderly. Design/methodology/approach This study made a research model by adopting the factors deducted from the protection motivation theory. To analyze the research model, we conducted an online survey targeted on the elderly and middle ages users who have nations of Korean and Chinese respectively. Findings According to the empirical analysis result, we identified that only perceived severity and perceived vulnerability affected information security awareness. On contrast, it was also discovered that perceived barriers, self-efficacy, and response efficacy did not affect information security awareness. Additionally, the awareness of information security also did not affect information security behaviors. Middle-aged and elderly people with personal information protection education did more information security behaviors than people those who no education experiences. Korean middle-aged and elderly people with education significantly did more information protection behaviors than the people without the education.

Designing demand side education of information security professionals (수요자 중심의 정보보호 전문 인력 양성을 위한 교육과정 설계)

  • Lee, Jong Lark
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.9 no.3
    • /
    • pp.99-106
    • /
    • 2013
  • There has been a lot of growth more than 10% in the information security industry. In accordance with the industrial growth, it increased needs for the information security manpower development as a national problem. But there is an imbalance between demand and supply of the information security manpower in terms of the quantity and quality. It is mainly caused by the curriculum of the information security is made considering for suppliers not for demanders. As a resolution to solve this problem, we suggest the curriculum of information security for vocational education and training. As the information security area is wide in view of required knowledge and technology, we design the curriculum by selecting major occupation type from the information security manpower distribution and products and then by investigating the job description using NCS(National Competency Standard). And we compared the curriculum to that of two or three year diploma courses in Korea.

Teaching Book and Tools of Elementary Network Security Learning using Gamification Mechanism (게이미피케이션 메커니즘을 이용한 초등 네트워크 정보보안 학습교재 및 교구 개발)

  • Lee, Donghyeok;Park, Namje
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.3
    • /
    • pp.787-797
    • /
    • 2016
  • This paper is directed for the information security education of the elementary students. The dependence on human involvement and human behavior to protect information assets necessitates an information security education to make the awareness of their roles and responsibilities towards information security. The information security education is needed even to elementary school students. The information security learning model integrating knowledge, attitudes, and ways to practice was developed, and the teaching plan and learning material hand-out were accordingly made out. As the test result analysis, it was verified that the developed teaching tools of elementary network security learning using gamification mechanism was effective to help the students learn the knowledge, attitudes, skills and ways to practice.

A Study on Domestic Information Security Education System (국내 정보보호 교육체계 연구)

  • Kim, Dong-Woo;Chai, Seung-Woan;Ryou, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.3
    • /
    • pp.545-559
    • /
    • 2013
  • There is a limitation on counteracting recent cyber-attacks with only technical security measures because they become more intelligent and large-scale to aim at employees instead of systems directly or to be conducted with unspecified multiple PCs. Thus, comprehensive measures revolved around related manpower are necessary to deal with them. However, domestic information security education system which is the base of professional manpower training lacks medium-and long-term plans for information security education, verification of education programs, and information sharing among educational institutions. This paper suggests information security education development plans for resolving problems on domestic education systems and improving cyber information security environment such as a national information security education master plan, certification system introduction of education programs, and professional manpower database management.

A Study on the Capability of Cyber Security Education and Training Professional Personnel (사이버보안 교육훈련 전문 인력의 역량에 관한 연구)

  • Eom, Jungho
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.1
    • /
    • pp.43-51
    • /
    • 2019
  • This research proposed the necessary capability of cyber security professional personnel for cyber security education and training. Cyber security professional personnel were required specialized capability because the curriculum of cyber security education and training is structured around practice and training. Based on the knowledge, skills, and attitudes of professors, we derive candidate capabilities and index through the results of precedent research. As a result, we derived capability such the candidate capability group as teaching qualification, expert knowledge, practical ability, lecture ability, and research ability, and detailed capability index was derived accordingly. Finally, based on the questionnaire results of the professors related to the information security, it was determined that the capability required for the cyber security education and training professional personnel were expert knowledge, practical ability, and lecture ability. Among the capabilities, executive ability means that they have to fulfil abundant executive experience due to the high proportion of practical training due to the characteristics of cyber security education and training.