• 디지털산업정보학회논문지
• /
• 제19권2호
• /
• pp.89-102
• /
• 2023

The purpose of this study is to examine what are the important variables for information security compliance and whether the information security investment by the industry is different. To comply with the information security policies, the organization must establish measures to prevent or resolve information security incidents. This research process consists of four stages, and the analysis method was conducted with the categorical regression analysis and the correspondence analysis. The first analysis analyzed the independent variables that affect security regulations compliance. The rest of the analysis was conducted by industry in the order of security compliance regulations, manpower investment, and budget investment. As a result of the first analysis, this had positive effects on an organization and personal information protection awareness, joint operation organization of information protection, manpower and budget investment, corporate size, and industry. The correspondence analysis was conducted from the second analysis to the fourth analysis and it analyzed the differences in information security investment by industry. The second analysis showed that the construction industry, science and technology industry, and finance industry have higher compliance with security regulations than other industries. The third analysis showed that the financial industry and the science and technology industry were higher than other industries. The last analysis showed that the financial industry was higher than other industries. The theoretical contribution of this study provided the basis for updating the information security theory. The practical contribution of this study requires government support to reduce information security deviations by industry.

• 안보군사학연구
• /
• 통권9호
• /
• pp.191-206
• /
• 2011

This study is presented a scheme that information security research institutions located within the central area can be participated actively m national defense information security industry. The many of information security company are located in the central region(Daejeon) and there are many research institutes. However, the participation rate of the Defense Information Security Industry is not high compared to other provinces. Although a variety of reasons, there are no the Defense Privacy Office that could have a role in protocol and the information about the industry. In addition, the Department of Defense related to national defense information security industry have not information about research institutions in the central region and are not well to identify the characteristics of institutional technology and research. So in this paper we presented some of the alternatives. 1) Building Pool involved in information security research according to the characteristics of each agency 2) Constitute the research community between Research institutions and the company 3) Build the technology cooperation between research institutions and the defense research institutes 4) Utilization of industry/university/research institutes related to Information Security Industry 5) Make strategic alliances among research institutes based on technical expertise.

• 디지털산업정보학회논문지
• /
• 제20권1호
• /
• pp.119-131
• /
• 2024

The purpose of this study is to examine the operational performances by the investment level of information security in companies. The theoretical background summarized the meaning of information security, management information security, and network security. The research process was carried out in four stages. As a result of the analysis, the level of information security was classified into four groups, and the difference in operational performance was confirmed. According to the categorical regression analysis of the three dependent variables, independent variables such as network threats, non-network threats, executive information security awareness, industry, organizational size, and information security education all affected information security regulations, in-house information security checks, and information security budget investments. The theoretical implications of this study have contributed to updating the latest information security theory. Practical implications are that rational investments should be made on the level of information security of companies.

• ETRI Journal
• /
• 제37권2호
• /
• pp.428-437
• /
• 2015

This study was conducted to analyze the effect of information security activities on organizational performance. With this in mind and with the aim of resolving transaction stability in the securities industry, using an organization's security activities as a tool for carrying out information security activities, the effect of security activities on organizational performance was analyzed. Under the assumption that the effectiveness of information security activities can be bolstered to enhance organizational performance, such effects were analyzed based on Herzberg's motivation theory, which is one of the motivation theories that may influence information protection activities. To measure the actual attributes of the theoretical model, an empirical survey of the securities industry was conducted. In this explorative study, the proposed model was verified using partial least squares as a structural equation model consisting of IT service, information security, information sharing, transaction stability, and organizational performance.

• 정보보호학회논문지
• /
• 제24권2호
• /
• pp.385-396
• /
• 2014

정보통신 산업이 발전하고 정보의 자산적 가치가 증대됨에 따라 정보보호에 대한 수요는 더욱 확대될 것으로 예상된다. 정보보호 산업은 정보보호제품을 개발 생산 또는 유통하거나 정보보호에 관한 컨설팅 등과 관련된 산업을 말한다. 본 연구에서는 제품 및 서비스 산업 정의에 기반 하여 정보보호 산업을 재분류하고, RAS 기법을 활용하여 산업연관 표를 연장하여 2013~2017년까지의 정보보호 산업의 경제적 파급효과를 분석하도록 한다. 정보보호 산업의 경제적 파급효과를 분석한 결과를 살펴보면, 정보보호 산업에 대한 투자('13 '17년)를 통해 나타나는 경제적 파급효과의 총생산유발액은 약 3조 2,069억 원에 달하였으며, 약 27,406명의 고용유발 기대할 수 있을 것으로 추정되었다.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2014년도 추계학술대회
• /
• pp.86-87
• /
• 2014

사회 복잡성이 증대되면서 정보보호 기술개발의 필요성은 부각되고 있으나, 우리나라에서는 당해 산업에 대한 산업적 연구는 일천하다. 그 이유는 정보보호 산업의 중요성으로 인하여 해당 산업에 대한 논의는 무성하지만, 아직까지 정보보호 산업에 관한 정의나 분류가 불분명하기 때문이라 판단된다. 본 연구의 목적은 정보보호 산업을 정의하고 그에 따른 산업분류를 시도한 후, 우리나라 정보보호 산업의 경제파급효과를 분석함으로써 국내 정보보호 산업의 육성을 위한 기초 정책 자료를 제공하는 것이다.

• 디지털산업정보학회논문지
• /
• 제9권3호
• /
• pp.99-106
• /
• 2013

There has been a lot of growth more than 10% in the information security industry. In accordance with the industrial growth, it increased needs for the information security manpower development as a national problem. But there is an imbalance between demand and supply of the information security manpower in terms of the quantity and quality. It is mainly caused by the curriculum of the information security is made considering for suppliers not for demanders. As a resolution to solve this problem, we suggest the curriculum of information security for vocational education and training. As the information security area is wide in view of required knowledge and technology, we design the curriculum by selecting major occupation type from the information security manpower distribution and products and then by investigating the job description using NCS(National Competency Standard). And we compared the curriculum to that of two or three year diploma courses in Korea.

• 한국정보통신학회논문지
• /
• 제20권1호
• /
• pp.103-109
• /
• 2016

정보보호 산업은 기술집약적, 고부가 가치 산업이다. 한국은 우수한 ICT 기술과 다양한 사이버공격에 대응 경험과 기술을 보유하고 있어, 전 세계의 벤치마킹 대상이 되고 있다. 하지만 국내 정보보호기업의 영세성과 함께 지원인프라는 부족하다. 국내 정보보호 산업을 활성화하는데 일차적인 조건은, 해외진출이다. 부가가치가 높은 제품과 서비스의 해외 수출을 위해서는, 국내 IT 정보보호 산업의 해외진출 거점 인프라의 설립 추진이 필요하다. 국내 정보보호 산업을 분석해보니, 자본의 영세성과 해외 현지 진출의 판로개척, 관련 정보, 인력 부족이 문제점으로 나타났다. 무료 AS기간의 비용까지 합치면, 사실상 손실이 발생한다. 따라서 정보보호 산업 해외 거점의 인프라 구축에 관한 연구가 필요하다. 해외 거점의 인프라의 선정 방법과 선정 원인을 분석한다. 해외 거점의 인프라를 활용하여 부가가치를 올릴 수 있고, 정보보호 산업 중소기업들이 수출을 활성화하기 위한 해외 거점의 인프라를 연구를 한다.

• 한국정보전자통신기술학회논문지
• /
• 제13권1호
• /
• pp.72-80
• /
• 2020

인공지능, IoT 등의 4차 산업의 등장으로 정보화는 가속화됨에 따라 정보보호 산업의 중요성과 시장의 규모가 증가하고 있다. 본 논문에서는 증가하는 정보보호 산업이 국내 경제에 미치는 영향을 산업연관표를 이용하여 분석하였다. 본 논문에서는 산업부문을 정보보호 제품산업과 정보보호 서비스 산업을 분류한 후에, 35개의 산업으로 산업연관표를 재분류하였고, 생산유발계수, 부가가치유발계수, 고용유발계수 등을 산출하였다. 정보보안 제품산업과 정보보안 서비스 산업의 생산유발계수는 각각 1.571, 1.802이고, 부가가치유발계수는 각각 0.632, 0.997이고, 고용유발계수는 각각 2.494, 7.361이다. 정보보호 서비스 산업의 부가가치유발계수만이 전체 산업보다 다소 높고, 나머지 유발계수는 모두 전체 산업보다 낮게 나타났다. 그리고 정보보호 제품산업에는 전·후방연쇄효과가 없고, 정보보호 서비스 산업에는 후방연쇄효과는 없으나 전방연쇄효과는 있는 것으로 나타났다. 정보보호 산업의 경제적 파급효과를 분석한 결과, 생산유발액은 359.9조원, 부가가치유발액은 164.8조원에 달하고, 803천명의 고용을 유발하는 것으로 나타났다.

• 디지털산업정보학회논문지
• /
• 제6권4호
• /
• pp.307-317
• /
• 2010

The majority of financial and general business organizations have had individual damage from hacking, worms, viruses, cyber attacks, internet fraud, technology and information leaks due to criminal damage. Therefore privacy has become an important issue in the community. This paper examines various elements of the information security management system and discuss about Information Security Management System Models by using the analysis of the financial statue and its level of information security assessment. These analyses were based on the Information Security Management System (ISMS) of Korea Information Security Agency, British's ISO27001, GMITS, ISO/IEC 17799/2005, and COBIT's information security architecture. This model will allow users to manage and secure information safely. Therefore, it is recommended for companies to use the security management plan to improve the companies' financial and information security and to prevent from any risk of exposing the companies' information.