• Title/Summary/Keyword: Security Importance

Search Result 1,147, Processing Time 0.022 seconds

Response to Security Threats through Importance Analysis of NFT Service Provider Security Level Check Items (NFT 서비스 제공자 보안 수준 점검 항목 중요도 분석을 통한 보안 위협 대응)

  • Dong Sung Im
    • Journal of Platform Technology
    • /
    • v.11 no.5
    • /
    • pp.126-135
    • /
    • 2023
  • Demand for NFT is expanding along with Blockchain. And cyber security threats are also increasing. Therefore, this study derives security level inspection items by analyzing status related to NFT security such as NFT features, security threats, and compliance for the purpose of strengthening NFT security. Based on this, the relative importance was confirmed by applying it to the AHP model. As a result of the empirical analysis, the priority order of importance was found in the order of Security management system establishment and operation, encryption, and risk management, etc. The significance of this study is to reduce NFT security incidents and improve the NFT security management level of related companies by deriving NFT-related security level check items and demonstrating the research model. And If you perform considering relative importance of the NFT check items, the security level can be identified early.

  • PDF

Information Security Importance Perception: Protection Motivation Theory Perpectives (정보보안 중요성 인식에 관한 연구: 예방동기이론 관점에서)

  • Yim, Myung-Seong
    • Journal of the Korea Convergence Society
    • /
    • v.13 no.1
    • /
    • pp.283-295
    • /
    • 2022
  • This study attempts to explore factors that influence the perception of importance of information security. Three possible exogenous variables including perceived certainty of punishment, perceived response cost, and acquiescense are suggested that are based on the protectiom motivation theory. As a result, we found followings. First, The perceived punishment certainty has a significant effect on the perceived importance of information security. Also, it influences a negative effect on acquiescence. Second, the response cost has a negative effect on the perceived importance of information security. In addition, the response cost positively effects on acquiescence. Finally, acquiescence negatively influences on the perceived importance of information security. The results show that, in order to increase the perceived importance of information security among employees, it is necessary to make them aware that a security violation can result in certain punishment. At the same time, organizations should also attempt to remove major obstacles accompanying security behaviors of employees. Finally, organizations encourage open communication relating to information security among employees.

Assessing the Importance of Information Security Factors Using AHP: Case of Defense Agency's Outsourcing Development of Information Systems (AHP를 이용한 정보보안 요소의 중요도 평가: 국방기관 정보시스템 외주개발 사례)

  • Park, Dongsoo;Yoon, Hanseong
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.3
    • /
    • pp.55-68
    • /
    • 2018
  • In this paper, we identify and evaluate the information security factors considered in outsourcing development of information systems for defense agency with analytic hierarchy process(AHP). To assess the information security elements, we prepared three groups including the experts of a defense agency, subcontractor managers and subcontractor practitioners who are involved in developing information systems. And the relative importance of security factors were analyzed using questionnaires and responses. As a result of analysis of 27 security factors, factors corresponding to human and physical security as a whole were evaluated as having higher importance. Although there are some differences in the ranking of some importance according to human roles, they can be positive for the implementation of complementary information security. And administrative security and technical security can be relatively insignificant considering that they can be considered as infrastructure of the overall information environment. The result of this paper will be helpful to recognize the difference of perception of information security factors among the persons in the organization where collaboration is activated and to prepare countermeasures against them.

Analysis of the Importance and Priority of HRM Factors in Private Security (민간경비 인사업무의 중요도 및 우선순위에 대한 고찰)

  • Kwon, Jung-Eon
    • Korean Security Journal
    • /
    • no.56
    • /
    • pp.55-81
    • /
    • 2018
  • The purpose of this study is to find significant activities in human resource management (HRM) to solve growing-pains caused by the rapid external growth in private security business. To this end, we applied the HRM factors suggested by the National Job Capability Standard (NCS) to the private security and investigated the relative importance using the Analytic Hierarchy Process (AHP). The results were as follows. First, the importance of 4 HRM criteria in the private security was ranked in order of recruitment, operation, benefit, and retirement. Particularly, the relative importance of recruitment reached 63.8%. Second, the composite importance was calculated by dividing the 4 HRM criteria into 14 capability sub-criteria and 46 capability alternatives. As a result, personnel planning and hiring at the recruitment turned out as the areas that needed the most improvement. In addition, the operating and planning of education involved in the highest rank, 8th and 10th respectively. Based on these results, we suggested critical HRM factors for developing the private security business as well as proposed research directions and methods for further studies.

An Analysis of the Relative Importance of Security Level Check Items for Autonomous Vehicle Security Threat Response (자율주행차 보안 위협 대응을 위한 보안 수준 점검 항목의 상대적 중요도 분석)

  • Im, Dong Sung
    • The Journal of The Korea Institute of Intelligent Transport Systems
    • /
    • v.21 no.4
    • /
    • pp.145-156
    • /
    • 2022
  • To strengthen the security of autonomous vehicles, this study derived checklists through the analysis of the status of autonomous vehicle security. The analyzed statuses include autonomous vehicle characteristics, security threats, and domestic and foreign security standards. The derived checklists are then applied to the AHP(Analytic Hierarchy Process) model to find their relative importance. Relative importance was ranked as one of cyber security management system establishment and implementation, encryption, risk assessment, etc. The significance of this study is to reduce cyber security incidents that cause human casualties as well improve the level of security management of autonomous vehicles in related companies by deriving the autonomous vehicle security level checklists and demonstrating the model. If the inspection is performed considering the relative importance of the checklists, the security level can be identified early.

For the efficient management of electronic security system false alams Study on hybrid Crime sensor (기계경비시스템 오경보의 효율적 관리를 위한 복합형 방범센서에 관한 연구)

  • Kim, Min Su;Lee, DongHwi
    • Convergence Security Journal
    • /
    • v.12 no.5
    • /
    • pp.71-77
    • /
    • 2012
  • Expenses in the form of personnel expenses in the past, in modern times, machine guards to gradually transition has been. This is because the machine guard is more efficient than personnel expenses. But due to false alarms, despite the high expectations of the effects of electronic security in the operation of the electronic security system due to factors that hinder the development of machine guards growth slows. Defect removal aspects of this paper, using IPA (Importance Performance Analysis) techniques to study the operation of electronic security systems and its importance in the development of machine guards, look at how high the technical aspects of electronic security systems composite type of malfunction to minimize crime sensor are presented.

The Efficient Operations of the Guard - Instructor's System in Korea (한국 경비지도사제도의 발전방안)

  • Park, Dong-Kyun
    • Korean Security Journal
    • /
    • no.5
    • /
    • pp.131-156
    • /
    • 2002
  • Private security industry employers in Korea has not concerned with the importance of training and education by lack of recognition and has been passive about qualified guards. And the authorities supervising and the administrating the guards has not recognized the importance of private security and has neglected the training of the guards. Korea has been operated the guard-instructor system for the acquiring the specialization of the security personnel since 1997, but there has been many problems. This study reviews the guard-instructor system in Korea comprehensively and suggests the efficient operation method of that system.

  • PDF

A comparative study on the priorities between perceived importance and investment of the areas for Information Security Management System (정보보호관리체계(ISMS) 항목의 중요도 인식과 투자의 우선순위 비교 연구)

  • Lee, Choong-Cheang;Kim, Jin;Lee, Chung-Hun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.919-929
    • /
    • 2014
  • Recently, organizational efforts to adopt ISMS(Information Security Management System) have been increasingly mandated and demanded due to the rising threat and the heavier cost of security failure. However there is a serious gap between awareness and investment of information security in a company, hence it is very important for the company to control effectively a variety of information security threats within a tight budget. To phase the ISMS, this study suggests the priorities based on evaluating the Importance of 13 areas for the ISMS by the information security experts and then we attempt to see the difference between importance and investment through the assessment of the actual investment in each area. The research findings show that intrusion incident handling is most important and IT disaster recovery is the area that is invested the most. Then, information security areas with the considerable difference between priorities of importance and investment are cryptography control, information security policies, education and training on information security and personnel security. The study results are expected to be used in making a decision for the effective investment of information security when companies with a limited budget are considering to introduce ISMS or operating it.

The Establishment of Security Strategies for Introducing Cloud Computing

  • Yoon, Young Bae;Oh, Junseok;Lee, Bong Gyou
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.4
    • /
    • pp.860-877
    • /
    • 2013
  • Cloud computing has become one of the most important technologies for reducing cost and increasing productivity by efficiently using IT resources in various companies. The cloud computing system has mainly been built for private enterprise, but public institutions, such as governments and national institutes, also plans to introduce the system in Korea. Various researches have pointed to security problems as a critical factor to impede the vitalization of cloud computing services, but they only focus on the security threats and their correspondents for addressing the problems. There are no studies that analyze major security issues with regard to introducing the cloud computing system. Accordingly, it is necessary to research the security factors in the cloud computing given to public institutions when adopting cloud computing. This research focuses on the priority of security solutions for the stepwise adoption of cloud computing services in enterprise environments. The cloud computing security area is classified into managerial, physical and technical area in the research, and then derives the detailed factors in each security area. The research derives the influence of security priorities in each area on the importance of security issues according to the identification of workers in private enterprise and public institutions. Ordered probit models are used to analyze the influences and marginal effects of awareness for security importance in each area on the scale of security priority. The results show workers in public institutions regard the technical security as the highest importance, while physical and managerial security are considered as the critical security factors in private enterprise. In addition, the results show workers in public institutions and private enterprise have remarkable differences of awareness for cloud computing security. This research compared the difference in recognition for the security priority in three areas between workers in private enterprise, which use cloud computing services, and workers in public institutions that have never used the services. It contributes to the establishment of strategies, with respect to security, by providing guidelines to enterprise or institutions that want to introduce cloud computing systems.

Future Education Skills Needs Analysis through Patent Analysis in the field of Information Security (특허분석을 통한 정보보안 부문 미래교육 수요분석)

  • Hwang, Gyuhee;Rim, Myung-Hwan;Song, Kyungseok;Lee, Jung Mann
    • Korean Management Science Review
    • /
    • v.31 no.4
    • /
    • pp.1-13
    • /
    • 2014
  • This study aims to expand the future study methodology and to develop a methodology of future-oriented curriculum analysis with future skills needs derived from patent analysis. With the case of information security, the methodology is applied to the 16 universities, which have information security department in undergraduate course. From the results, the followings are suggested : 1) for the increasing importance area including hacking, infiltration and PC security, a practical exercise should be emphasized; 2) for the convergence area including security policy, security legislation and OS security, proper faculties should be filed with recruiting field-based experts; 3) for the increasing importance area including professional area including security audit and information security protocol, the advanced curriculum related to graduate level should be provided.