• Title/Summary/Keyword: National Cybersecurity Management Act

Search Result 4, Processing Time 0.021 seconds

A Study on Cybersecurity Bills for the Legislation of Cybersecurity Act in Korea (사이버안보법 제정을 위한 국내 사이버안보 법률안 연구)

  • Park, Sangdon;Kim, So Jeong
    • Convergence Security Journal
    • /
    • v.13 no.6
    • /
    • pp.91-98
    • /
    • 2013
  • Cyber attacks threaten the national security in this day and age. The government of the Republic of Korea recently released the National Cyber Security Comprehensive Countermeasures as a new cybersecurity policy. But current legal system cannot provide legal basis for the implementation of such measures. The current legal system related to cybersecurity is applied in each sector, thus the governance system in cybersecurity is separate. So there are many problems in the governance system in cybersecurity. To solve these problems fundamentally, it is righter to make a new cybersecurity law than to revise existing laws. Meanwhile, lawmakers proposed some bills in Congress to strengthen the cybersecurity in Korea in 2013. It will increase possibility of legislation of cybersecurity act to make a law through the analysis of these bills and to derive the essential elements from those. and to reflect these in the new cybersecurity act.

Analysis of the Global Data Law & Policy and its Implications: Focusing on the cases of the United States, the United Kingdom, and the European Union (국내외 데이터법·정책 분석 및 시사점: 미국, 영국, EU의 사례를 중심으로)

  • Yoon, Sang-Pil;Kwon, Hun-Yeong
    • Informatization Policy
    • /
    • v.28 no.2
    • /
    • pp.98-113
    • /
    • 2021
  • This study presents implications of the Global Data Law & Policy by comparing national data strategies, data regulations and policies, and governance in South Korea, the United States, the United Kingdom, and the European Union. According to the result of the comparative analysis, the biggest difference is in data governance, in other words, the management and coordination of policies at the pan-government level and data ethics. Therefore, this study proposes the establishment of a presidential special committee on data policy or the creation of a 'National Digital Innovation Office' at the Presidential Secretariat as a national CDO for the governance of data policies. Furthermore, this paper suggests a) to enact 'the Framework Act on the Development of Data Industry' that can regulate data practices in the private sector, b) to institutionalize the data-centric security and data protection, c) to settle the public ethics and personnel management based on data expertise and professional ethics, including explainability and responsibility, and d) the education and training systems.

Risk Management-Based Application of Anti-Tampering Methods in Weapon Systems Development (무기 시스템 개발에서 기술보호를 위한 위험관리 기반의 Anti-Tampering 적용 기법)

  • Lee, Min-Woo;Lee, Jae-Chon
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.19 no.12
    • /
    • pp.99-109
    • /
    • 2018
  • Tampering involves illegally removing technologies from a protected system through reverse engineering or developing a system without proper authorization. As tampering of a weapon system is a threat to national security, anti-tampering measures are required. Precedent studies on anti-tampering have discussed the necessity, related trends, application cases, and recent cybersecurity-based or other protection methods. In a domestic situation, the Defense Technology Protection Act focuses on how to prevent technology leakage occurring in related organizations through personnel, facilities and information systems. Anti-tampering design needs to determine which technologies are protected while considering the effects of development cost and schedule. The objective of our study is to develop methods of how to select target technologies and determine counter-measures to protect these technologies. Specifically, an evaluation matrix was derived based on the risk analysis concept to select the protection of target technologies. Also, based on the concept of risk mitigation, the classification of anti-tampering techniques was performed according to its applicability and determination of application levels. Results of the case study revealed that the methods proposed can be systematically applied for anti-tampering in weapon system development.

A Study on the Korea Future Internet Promotion Plan for Cyber Security Enhancement (사이버 보안 강화를 위한 한국형 미래 인터넷 추진 방안에 관한 연구)

  • Lim, Gyoo-Gun;Jin, Hai-Yan;Ahn, Jae-Ik
    • Informatization Policy
    • /
    • v.29 no.1
    • /
    • pp.24-37
    • /
    • 2022
  • Amid rapid changes in the ICT environment attributed to the 4th Industrial Revolution, the development of information & communication technology, and COVID-19, the existing internet developed without considering security, mobility, manageability, QoS, etc. As a result, the structure of the internet has become complicated, and problems such as security, stability, and reliability vulnerabilities continue to occur. In addition, there is a demand for a new concept of the internet that can provide stability and reliability resulting from digital transformation-geared advanced technologies such as artificial intelligence and IoT. Therefore, in order to suggest a way of implementing the Korean future internet that can strengthen cybersecurity, this study suggests the direction and strategy for promoting the future internet that is suitable for the Korean cyber environment through analyzing important key factors in the implementation of the future internet and evaluating the trend and suitability of domestic & foreign research related to future internet. The importance of key factors in the implementation of the future internet proceeds in the order of security, integrity, availability, stability, and confidentiality. Currently, future internet projects are being studied in various ways around the world. Among numerous projects, Bright Internet most adequately satisfies the key elements of future internet implementation and was evaluated as the most suitable technology for Korea's cyber environment. Technical issues as well as strategic and legal issues must be considered in order to promote the Bright Internet as the frontrunner Korean future internet. As for technical issues, it is necessary to adopt SAVA IPv6-NID in selecting the Bright Internet as the standard of Korean future internet and integrated data management at the data center level, and then establish a cooperative system between different countries. As for strategic issues, a secure management system and establishment of institution are needed. Lastly, in the case of legal issues, the requirement of GDPR, which includes compliance with domestic laws such as Korea's revised Data 3 Act, must be fulfilled.