• Title/Summary/Keyword: investment on security solutions

Search Result 13, Processing Time 0.021 seconds

A Framework for Making Decision on Optimal Security Investment to the Proactive and Reactive Security Solutions management (이 기종의 보안 솔루션 통합 운영을 위한 최적의 보안 투자 결정 모델)

  • Choi, Yoon-Ho
    • Journal of Internet Computing and Services
    • /
    • v.15 no.3
    • /
    • pp.91-100
    • /
    • 2014
  • While IT security investment of organizations has been increased, the amount of the monetary loss of organizations caused by IT security breaches did not decrease as much as their expectation. Also, from surveys, it was discovered that the poor usage of their security budget thwarted the improvement of the organization's security level. In this paper, to resolve the poor usage of security budget of organizations, we propose a comprehensive economic model for determining the optimal amount of investment in security solutions, including the proactive security solutions(PSSs) and the reactive security solutions(RSSs). Using the proposed analytical model under different parameters of security solutions, we show the optimal condition to maximize the expected net benefits from IT security investment of organizations. Also, we verify the common belief that the optimal level of investment in security solutions is an increasing function of vulnerability. Through simulations, we find the optimal level of IT security investment, given parameters of different characteristics of security solutions.

Strategic Business Values of the Blockchain Technology Market to Assist Professionals: Deployment Perspective

  • Waleed Rashideh
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.2
    • /
    • pp.210-226
    • /
    • 2023
  • It is difficult to transform a blockchain initiative from the feasibility stage to the fully commercialized the technology's products or services, especially considering the significant investment required and the lack of studies on the benefits and barriers from deployment perspective. Whereas some organizations have come up with their own solutions to moving beyond the feasibility stage, commercial applications do not yet exist and few organizations are willing to invest beyond the prototype phase and fill in the gap between the expected and actual business value of these types of projects. This study aims to develop a blockchain model using a survey to gather qualitative data on experts' opinions on the deployment of blockchain technology. Our model will measure how business professionals could take advantage of blockchain's disruptive technology to develop business opportunities. This study's contribution is to show blockchain technology's potential strategic business value. The findings from this exploration include the prospective for delivering comprehensions to businesses for different creating investment choices on the embracing of the blockchain technology.

The Standardization Modeling concerning Organizational Composition and a Management System for the Protection of Personal Information (개인정보 보호를 위한 조직구성과 관리체계에 관한 표준화 모델링)

  • Seo, Woo Seok;Jun, Moon Seog
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.8 no.3
    • /
    • pp.33-39
    • /
    • 2012
  • Since the passing of the Personal Information Act in March 2011 and its initial introduction in September, over the one year to date diverse security devices and solutions have been flowing into the market to enable observance of the relevant laws. Beginning with security consulting, corporations and institutions have focused on technology-based business in order to enable observance of those laws competitively in accordance with 6-step key procedures including proposal, materialization, introduction, construction, implementation, and execution. However there has not been any investment in human resources in the field of education such as technology education and policy education relative to the most important human resources field nor investment in professionals in the organization for the protection of personal information or in human resources for operating and managing IT infrastructure for actual entire personal information such as special sub-organizations. In this situation, as one process of attracting change from the nature of the technology-based security market toward a professional human resource-based security infrastructure market, it is necessary to conduct research into standardization modeling concerning special organizational composition and a management system for the protection of personal information.

The impact of the introduction of information security solutions by public organizations on the improvement of information security level (공공기관의 정보보안 솔루션 도입이 정보보안 수준 향상에 미치는 영향)

  • Kim, Hyeob;Eom, Su-Seong;Kwon, HyukJun
    • Convergence Security Journal
    • /
    • v.17 no.5
    • /
    • pp.19-25
    • /
    • 2017
  • Public institutions invest about half of the information protection budget annually to introduce information security products and information protection services in order to prevent cyber terrorism and establish organizational security. However, research on whether introduced information security products has a positive influence on improving the information security level of the actual institution is in an incomplete state, and accordingly, There are problems such as the measurement of the investment effect of the information security product introduced in the organization and the difficulty in selecting the optimum information security product that the agency actually needs. In this paper, prior research will conduct research on the influence of the introduction of information security products on the improvement of information security level of organization through analysis of operational data of inadequate information security products, and based on the research results, It would be useful to use it for information security practices such as optimal product selection and internal security policy formulation through validation of the introduction of information security products of public institutions.

A Blockchain Framework for Investment Authorities to Manage Assets and Funds

  • Vinu Sherimon;Sherimon P.C.;Jeff Thomas;Kevin Jaimon
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.11
    • /
    • pp.128-132
    • /
    • 2023
  • Investment authorities are broad financial institutions that carefully manage investments on behalf of the national government using a long-term value development approach. To provide a stronger structure or framework for In-vestment Authorities to govern the distribution of funds to public and private markets, we've started research to create a blockchain-based prototype for managing and tracking numerous finances of such authorities. We have taken the case study of Oman Investment Authority (OIA) of Sultanate of Oman. Oman's wealth is held in OIA. It is an organization that oversees and utilizes the additional capital generated by oil and gas profits in public and private markets. Unlike other Omani funds, this one focus primarily on assets outside the Sultanate. The operation of the OIA entails a huge number of transactions, necessitating a high level of transparency and administration among the parties involved. Currently, OIA relies on various manuals to achieve its goals, such as the Authorities and Responsibilities manual, the In-vestment Manual, and the Code of Business Conduct, among others. In this paper, we propose a Blockchain based framework to manage the operations of OIA. Blockchain is a part of the Fourth Industrial Revolution, and it is re-shaping every industry. The main components of every blockchain are assets and participants. The funds are the major assets in the proposed study, and the participants are the various fund shareholders/recipients. The block-chain's transactions are all safe, secure, and immutable, and it's part of a trustless network. The transactions are simple to follow and verify. By replacing intermediary firms with smart contracts, blockchain-based solutions eliminate any middlemen in the fund allocation process.

Review on improving measurement of cyber terror management system

  • Park, Jong-Ryeol;Noe, Sang-Ouk
    • Journal of the Korea Society of Computer and Information
    • /
    • v.21 no.6
    • /
    • pp.89-96
    • /
    • 2016
  • Damage and attack size of cyber terror is growing to the national size. Not only targeting at a certain companies or individuals but number of cyber terror targeting government bodies or unspecific people is increasing. This is because compared to traditional weapon, input cost is very cheap but ripple effect and shock are much stronger, affecting not only certain groups but also each individuals. 'Anti-terror measurement for protection of nation and public safety' passed last month is one of the renowned measurement passed regardless of objection from opposition party. The opposition party went against this through filibuster for 192 hours but this finally passed National Congress due to lack of oppositions. Korean government is taking post actions after passage of anti-terror measurement. Legislation of enforcement ordinance and regulations is due by 6th of next month. This regulation will be executed from June 4th after legislation. Whenever there is any security issues such as hacking of Korea Hydro and Nuclear Power and National Intelligence Service happens, lot of attention is made to those hackers. However, social recognition or management of those hackers need lot more improvement. Especially, as market of internet of things is increasing, there is an increased anxiety on information security. But as we only rely on security solutions, this problems are keep happening. Therefore, active investment on nurturing hackers who play the role of 'spear and shield' shall be made. Government should put more efforts to allow white hackers to show their abilities. We should have a policy for supporting high-quality programs such as BoB. To make information protection industry into future growth engine, it is necessary to nurture professionals for information protection and white hackers through special programs. Politicians should make related regulations as soon as possible to remove factors that prevent swift management of cyber attack due to lack of legislation. Government should pay lot more financial investment to nurturing professional manpower than now. Protecting life and asset of nation is responsibility and duty of our government. We all should recognize that controlling cyber attack is a part of national defense.

A Model of Artificial Intelligence in Cyber Security of SCADA to Enhance Public Safety in UAE

  • Omar Abdulrahmanal Alattas Alhashmi;Mohd Faizal Abdullah;Raihana Syahirah Abdullah
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.2
    • /
    • pp.173-182
    • /
    • 2023
  • The UAE government has set its sights on creating a smart, electronic-based government system that utilizes AI. The country's collaboration with India aims to bring substantial returns through AI innovation, with a target of over $20 billion in the coming years. To achieve this goal, the UAE launched its AI strategy in 2017, focused on improving performance in key sectors and becoming a leader in AI investment. To ensure public safety as the role of AI in government grows, the country is working on developing integrated cyber security solutions for SCADA systems. A questionnaire-based study was conducted, using the AI IQ Threat Scale to measure the variables in the research model. The sample consisted of 200 individuals from the UAE government, private sector, and academia, and data was collected through online surveys and analyzed using descriptive statistics and structural equation modeling. The results indicate that the AI IQ Threat Scale was effective in measuring the four main attacks and defense applications of AI. Additionally, the study reveals that AI governance and cyber defense have a positive impact on the resilience of AI systems. This study makes a valuable contribution to the UAE government's efforts to remain at the forefront of AI and technology exploitation. The results emphasize the need for appropriate evaluation models to ensure a resilient economy and improved public safety in the face of automation. The findings can inform future AI governance and cyber defense strategies for the UAE and other countries.

The Contribution of Innovation Activity to the Output Growth of Emerging Economies: The Case of Kazakhstan

  • Smagulova, Sholpan;Mukasheva, Saltanat
    • Journal of Distribution Science
    • /
    • v.10 no.7
    • /
    • pp.33-41
    • /
    • 2012
  • The purpose of this study is to analyse the state of the energy industry and to determine the efficiency of its functioning on the basis of energy conservation principle and application of innovative technologies aimed at improving the ecological modernisation of agricultural sectors of Kazakhstan. The research methodology is based on an integrated approach of financial and economic evaluation of the effectiveness of the investment project, based on calculation of elasticity, total costs and profitability, as well as on comparative, graphical and system analysis. The current stage is characterised by widely spread restructuring processes of electric power industry in many countries through introduction of new technical installations of energy facilities and increased government regulation in order to enhance the competitive advantage of electricity market. Electric power industry features a considerable value of creating areas. For example, by providing scientific and technical progress, it crucially affects not only the development but also the territorial organisation of productive forces, first of all the industry. In modern life, more than 90% of electricity and heat is obtained by Kazakhstan's economy by consuming non-renewable energy resources: different types of coal, oil shale, oil, natural gas and peat. Therefore, it is significant to ensure energy security, as the country faces a rapid fall back to mono-gas structure of fuel and energy balance. However, energy resources in Kazakhstan are spread very unevenly. Its main supplies are concentrated in northern and central parts of the republic, and the majority of consumers of electrical power live in the southern and western areas of the country. However, energy plays an important role in the economy of industrial production and to a large extent determines the level of competitive advantage, which is a promising condition for implementation of energy-saving and environmentally friendly technologies. In these circumstances, issues of modernisation and reforms of this sector in Kazakhstan gain more and more importance, which can be seen in the example of economically sustainable solutions of a large local monopoly company, significant savings in capital investment and efficiency of implementation of an investment project. A major disadvantage of development of electricity distribution companies is the prevalence of very high moral and physical amortisation of equipment, reaching almost 70-80%, which significantly increases the operating costs. For example, while an investment of 12 billion tenge was planned in 2009 in this branch, in 2012 it is planned to invest more than 17 billion. Obviously, despite the absolute increase, the rate of investment is still quite low, as the total demand in this area is at least more than 250 billion tenge. In addition, industrial infrastructure, including the objects of Kazakhstan electric power industry, have a tangible adverse impact on the environment. Thus, since there is a large number of various power projects that are sources of electromagnetic radiation, the environment is deteriorated. Hence, there is a need to optimise the efficiency of the organisation and management of production activities of energy companies, to create and implement new technologies, to ensure safe production and provide solutions to various environmental aspects. These are key strategic factors to ensure success of the modern energy sector of Kazakhstan. The contribution of authors in developing the scope of this subject is explained by the fact that there was not enough research in the energy sector, especially in the view of ecological modernisation. This work differs from similar works in Kazakhstan in the way that the proposed method of investment project calculation takes into account the time factor, which compares the current and future value of profit from the implementation of innovative equipment that helps to bring it to actual practise. The feasibility of writing this article lies in the need of forming a public policy in the industrial sector, including optimising the structure of energy disbursing rate, which complies with the terms of future modernised development of the domestic energy sector.

  • PDF

On Efficient Implementation of the Regeneration Projects for the Zones Vulnerable to Natural Disasters (자연재해위험지구 정비사업의 효율적인 추진방안 연구)

  • Kim, Seonguen;Cho, Woncheol;Lee, Taeshik;Shim, Jaehyun
    • Journal of Korean Society of societal Security
    • /
    • v.1 no.1
    • /
    • pp.45-51
    • /
    • 2008
  • The purpose of this study is to suggest some effective ways to implement the regeneration projects for the zones vulnerable to natural disasters which have been delayed due to shortage of the financial resources, and thereby complete the disaster prevention projects as early as possible and thus secure the financial resources for the projects continuously. For this purpose, the researcher reviewed the statutory grounds and designation procedures or the zones vulnerable to natural disasters, and thereupon, examined and analyzed the regeneration projects being implemented in Gyeonggi-do in view of contents by zone, history of damages, annual investment plans and financial resources for investments. In addition, the researcher examined the criteria for reserve of the disaster management fund and its uses and investigated the fund sources and expenditures and thereby, addressed the problems of the statutory reserve and suggested their solutions. All in all, the researcher suggested that the disaster management fund should be invested in regeneration projects for the zones vulnerable to natural disasters in order to remove the disaster risks earlier and that the uses of the fund should be adequately deregulated with a reserve fund ceiling system to secure the financial resources for the disaster prevention projects continuously.

  • PDF

A Case Study of Profit Optimization System Integration with Enhanced Security (관리보안이 강화된 수익성 최적화 시스템구축 사례연구)

  • Kim, Hyoung-Tae;Yoon, Ki-Chang;Yu, Seung-Hun
    • Journal of Distribution Science
    • /
    • v.13 no.11
    • /
    • pp.123-130
    • /
    • 2015
  • Purpose - Due to highly elevated levels of competition, many companies today have to face the problem of decreasing profits even when their actual sales volume is increasing. This is a common phenomenon that is seen occurring among companies that focus heavily on quantitative growth rather than qualitative growth. These two aspects of growth should be well balanced for a company to create a sustainable business model. For supply chain management (SCM) planners, the optimized, quantified flow of resources used to be of major interest for decades. However, this trend is rapidly changing so that managers can put the appropriate balance between sales volume and sales quality, which can be evaluated from the profit margin. Profit optimization is a methodology for companies to use to achieve solutions focused more on profitability than sales volume. In this study, we attempt to provide executional insight for companies considering implementation of the profit optimization system to enhance their business profitability. Research design, data, and methodology - In this study, we present a comprehensive explanation of the subject of profit optimization, including the fundamental concepts, the most common profit optimization logic algorithm -linear programming -the business functional scope of the profit optimization system, major key success factors for implementing the profit optimization system at a business organization, and weekly level detailed business processes to actively manage effective system performance in achieving the goals of the system. Additionally, for the purpose of providing more realistic and practical information, we carefully investigate a profit optimization system implementation case study project fulfilled for company S. The project duration was about eight months, with four full-time system development consultants deployed for the period. To guarantee the project's success, the organization adopted a proven system implementation methodology, supply chain management (SCM) six-sigma. SCM six-sigma was originally developed by a group of talented consultants within Samsung SDS through focused efforts and investment in synthesizing SCM and six-sigma to improve and innovate their SCM operations across the entire Samsung Organization. Results - Profit optimization can enable a company to create sales and production plans focused on more profitable products and customers, resulting in sustainable growth. In this study, we explain the concept of profit optimization and prerequisites for successful implementation of the system. Furthermore, the efficient way of system security administration, one of the hottest topics today, is also addressed. Conclusion - This case study can benefit numerous companies that are eagerly searching for ways to break-through current profitability levels. We cannot guarantee that the decision to deploy the profit optimization system will bring success, but we can guarantee that with the help of our study, companies trying to implement profit optimization systems can minimize various possible risks across various system implementation phases. The actual system implementation case of the profit optimization project at company S introduced here can provide valuable lessons for both business organizations and research communities.