• Asia pacific journal of information systems
• /
• v.22 no.1
• /
• pp.53-77
• /
• 2012

Financial firms, especially large scaled firms such as KB bank, NH bank, Samsung Card, Hana SK Card, Hyundai Capital, Shinhan Card, etc. should be securely dealing with the personal financial information. Indeed, people have tended to believe that those big financial companies are relatively safer in terms of information security than typical small and medium sized firms in other industries. However, the recent incidents of personal information privacy invasion showed that this may not be true. Financial firms have increased the investment of information protection and security, and they are trying to prevent the information privacy invasion accidents by doing all the necessary efforts. This paper studies how effectively a financial firm will be able to avoid personal financial information privacy invasion that may be deliberately caused by internal staffs. Although there are several literatures relating to information security, to our knowledge, this is the first study to focus on the behavior of internal staffs. The big financial firms are doing variety of information security activities to protect personal information. This study is to confirm what types of such activities actually work well. The primary research model of this paper is based on Theory of Planned Behavior (TPB) that describes the rational choice of human behavior. Also, a variety of activities to protect the personal information of financial firms, especially credit card companies with the most customer information, were modeled by the four-step process Security Action Cycle (SAC) that Straub and Welke (1998) claimed. Through this proposed conceptual research model, we study whether information security activities of each step could suppress personal information abuse. Also, by measuring the morality of internal staffs, we checked whether the act of information privacy invasion caused by internal staff is in fact a serious criminal behavior or just a kind of unethical behavior. In addition, we also checked whether there was the cognition difference of the moral level between internal staffs and the customers. Research subjects were customer call center operators in one of the big credit card company. We have used multiple regression analysis. Our results showed that the punishment of the remedy activities, among the firm's information security activities, had the most obvious effects of preventing the information abuse (or privacy invasion) by internal staff. Somewhat effective tools were the prevention activities that limited the physical accessibility of non-authorities to the system of customers' personal information database. Some examples of the prevention activities are to make the procedure of access rights complex and to enhance security instrument. We also found that 'the unnecessary information searches out of work' as the behavior of information abuse occurred frequently by internal staffs. They perceived these behaviors somewhat minor criminal or just unethical action rather than a serious criminal behavior. Also, there existed the big cognition difference of the moral level between internal staffs and the public (customers). Based on the findings of our research, we should expect that this paper help practically to prevent privacy invasion and to protect personal information properly by raising the effectiveness of information security activities of finance firms. Also, we expect that our suggestions can be utilized to effectively improve personnel management and to cope with internal security threats in the overall information security management system.

• Journal of the Economic Geographical Society of Korea
• /
• v.17 no.1
• /
• pp.45-68
• /
• 2014

This research addressed improvement directions and problems of regional science and technology(S&T) policies in Daegu and Gyungbuk regions in terms of 'Creative Economy' which was a new paradigm of Park Gunhye Government. Creative Economy stressed the construction of an ecosystem in regional research and development activities, and thus it was deeply associated with building a regional innovation system(RIS). There were several problems to strengthen RIS with regional S&T policies of the regions as follows: limits in meeting regional needs due to excessive attraction of central government's projects into regions; the high ratio of programs for future basic research potentials; the lack of programs assessing and coordinating the policies; and the lack of experiences and expenditure of research institutes and firm supporting organizations. Due to these problems, the role of the policies in building RIS did not seem to be effective. Therefore, the policies need to be improved through the following measures: the expansion of regional own policies focusing regional needs; the enhancement of policy coordination by shifting to systematic approach; the expansion of soft supporting programs for constructing innovation systems; and the enhancement of stability and ability of research institutes and firm supporting organizations.

• International Area Studies Review
• /
• v.16 no.1
• /
• pp.29-52
• /
• 2012

This study investigates the relationship between corporate social responsibility and corporate governance among major US corporations belonging to S&P 500 index during 2000-2008. Specifically, it examines the ways in which firms engage their boards of directors in integrated strategy by establishing a public affairs(PA) or social responsibility(SR) committee at the board level and the effects of this practice on their corporate social performance(CSP). The empirical findings show that negative CSP is the major driver for establishing such a committee, that is, firms suffering from negative CSP as a result of experiencing undesirable social events tend to establish such a committee. On the other hand, such a committee helps the firm increase positive CSP once it is established. In other words, the purpose of establishing such board-level committees is to address problems associated with negative CSP, and once established, they can help enhance positive CSP by enabling the firm to integrate market, non-market, and social responsibility aspects in strategy formulation more effectively. This is evidence that Baron's integrated strategy framework can help firms achieve tangible outcomes.

• Korean Security Journal
• /
• no.22
• /
• pp.37-64
• /
• 2010

Since the September 11, 2001, the motives and objectives of terrorism that have been targeted at hard targets such as key national facilities have now shifted towards soft targets such as subways, department stores, and tourist hotels; the attacks on these soft targets are steadily increasing. Simultaneous, unconventional, and indiscriminate terrorist attacks on civilians has also increased. In November, 2010, nearly forty states of the G20 and B20 (Business 20) will join in international summits to be hosted in Seoul. This coming July, an additional 350 troops will be deployed to Afghanistan for the sustainment of public security. Such events are sensitive topics, and there is the possibility of terrorist movement. Korea has successfully hosted various international events such as the APEC and ASEM Summits, and the 2002 Korea-Japan World Cup. The experiences from these events must be applied to ensure the safety of public facilities against the dangers of terrorism. First, counter-terrorism center must be established for the long-term, above the General Officer level to ensure the safety and efficiency of multilateral, international summits, as well as promoting policies and legislation aimed at preventing terrorism. Second, a terrorist threat management system must be secured and safety measures must be emphasized. Third, a fundamental structure must be established for the prevention of terrorism on public facilities, as well as legal and government action against the new threat of IED. Fourth, the police and fire fighting networks' must have a firm rapid response posture on the scene of an attack. Fifth, the state of mentality on the recognition of terrorist threats must be changed and restructured by promoting to and educating the population. Sixth, prevention measures must be established via research and academia. Seventh, for the guarantee of security in public facilities, safety management should employ cutting edge technology such as the 3D SICS and further develop and apply such technology. All methods and resources must be fully utilized for the establishment and strengthening terrorism prevention measures.

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.15 no.2
• /
• pp.221-234
• /
• 2020

The role of entrepreneurship has become important for the continuous growth (scale-up) of companies in a rapidly changing economic environment. However, research has focused mainly on business-oriented growth that emphasizes efficiency only. However, in the era of the fourth industrial revolution, people have become more important than corporate efficiency. In particular, there are few studies on SMEs. The purpose of this study is to investigate how the characteristics of human - centered organizational culture affects the business ecosystem and firm excellence of SMEs, and how business ecosystem and firm excellence affect the performance of corporations. Therefore, this study focuses on the empathy, enablement, empowerment, and engagement of the corporate culture characteristics of the enterprise and the effects of the independent variables on the business ecosystem and the flower excellence as the parameters and the business ecosystem and company excellence. The main research subjects are the causality analysis that examines the effects on the management performance. The results of the study are as follows. Empathy, enablement, empowerment, engagement have a significant impact on the business ecosystem. In addition, the engagement have a positive effect on firm excellence. The results of empirical studies on the causal relationship between business ecosystem, corporate competence, and company excellence and business performance show that business ecosystem has no statistically significant effect on business performance. Corporate excellence has a significant effect on business performance Respectively. In addition to the above findings, this study can suggest the following implications. First, it is an empirical study of small and medium-sized enterprises (SMEs) by utilizing people-oriented entrepreneurship in addition to existing research. Small and medium-sized enterprises (SMEs) are expected to have lower perceptions of people-oriented management than large corporations or public institutions, but the analysis shows that people-centered entrepreneurship has a significant impact on the business ecosystem. Second, the research results of the serial multiple mediating effect analysis show that the higher the atmosphere of entrepreneurship in a company, the higher the atmosphere of entrepreneurship, and the parameters of business ecosystem and company excellence in the effect of people-oriented entrepreneurship on management performance. It is that the path through which people-oriented entrepreneurship influences management performance was verified by verifying the mediating effect by inputting. Lastly, it is hoped that research on people-oriented entrepreneurship in Korea's SMEs will be activated, providing a theoretical basis for transforming SMEs' business models into innovative types.

• Korean Security Journal
• /
• no.6
• /
• pp.47-65
• /
• 2003

In Korea, Private security companies has steadily grown and amounts to 2,051 places as of November 30, 2002. Private security in korea is carrying out firm name role assignment to have held the police and public peace environment change factors for a standard faithfully, and protects social a little property that is a basic purpose, and it is spare no efforts in loss prevention. In spite of numeral increase of private security companies, private security companies have many problem. Moreover, they mostly did not have any remarkable in-house expertises in their own business under tough conditions. Under the unfavorable circumstances including insufficient investment and education in private security guard, there have been actually little further studies on private security business in practices. So this study mainly focused on addressing the installation security business managed by authorized companies, which amount to 96%(1,963 companies) of total 2,051 domestic security companies. Furthermore, the study formulated and modeled a series of business procedures in private security companies. A series of business procedures of private security companies can be modeled as follows : Setting of a business scope and aim market ${\Rightarrow}$ Marketing, Contact from customers(On-line or Off-line) ${\Rightarrow}$ Diagnosis of security target ${\Rightarrow}$ Submission of security operational plan ${\Rightarrow}$ Estimation of security operational plan ${\cdot}$ decision ${\Rightarrow}$ Contract ${\Rightarrow}$ Employment, selection of security guards ${\Rightarrow}$ Nomination of security guard instructors ${\Rightarrow}$ Education & training of security guards ${\Rightarrow}$ subscribe to insurance of damage liability ${\Rightarrow}$ Commitment and placement of security guards ${\Rightarrow}$ Establishment and preparation of security planning ${\Rightarrow}$ Field management and procurement of relevant security service.

• Journal of Digital Convergence
• /
• v.18 no.6
• /
• pp.17-32
• /
• 2020

This study analyzes the regulatory issues of stakeholders, the firm, the government, and the individual, in the data industry using the principal-agent theory. While the importance of data driven economy is increasing rapidly, policy regulations and restrictions to use data impede the growth of data industry. We applied descriptive case analysis methodology using principal-agent theory. From our analysis, we found several meaningful results. First, key policy actors in data industry are data firms and the government among stakeholders. Second, two major concerns are that firms frequently invade personal privacy and the global companies obtain monopolistic power in data industry. This paper finally suggests policy and strategy in response to regulatory issues. The government should activate the domestic agent system for the supervision of global companies and increase data protection. Companies need to address discriminatory regulatory environments and expand legal data usage standards. Finally, individuals must embody an active behavior of consent.

• Journal of the Korea Convergence Society
• /
• v.7 no.6
• /
• pp.237-247
• /
• 2016

This study analyzed quantitative effects of ISMS certification. To measure the company value change the stock data was used and the methodology of event study was also applied. Event study methodology is a method of analyzing the effects of information or public announcement about certain events on the stock market through abnormal return of stock price. First, ISMS certification was acquired followed by the measurement of abnormal excess return of company. Based on the increase or decrease of abnormal excess return, the group was classified. There are 3 types of groups("Increase", "Reduce", "Maintain"). Next, the cluster analysis was performed for each group. Cluster analysis or clustering is the task of grouping a set of objects in such a way that objects in the same group (called a cluster) are more similar (in some sense or another) to each other than to those in other groups(clusters). The purpose of this study is to have a quantitative measurement of performance of ISMS certification. So, the result of this study will be promoted a company's ISMS certification acquisition. And it would further be beneficial to your company's information security activities.

• Journal of Information Technology Services
• /
• v.10 no.4
• /
• pp.171-189
• /
• 2011

KAs information and knowledge are increasingly becoming more important in the knowledge-driven society, knowledge management, as a very important management paradigm, is securing firm position in private and public sectors. Complying with this paradigm, government-funded research institutes in science-technology sector are actively utilizing knowledge management by employing knowledge management system and evaluating its applications' performance. The purpose of this study is to develop evaluation items and measurement indices to rationally measure knowledge management performance of the government-funded research institutes and to verify the feasibility of applying these evaluation items and indices. To achieve this research goal, the evaluation model of knowledge management performance was constructed by reviewing and integrating the existing studies, and subsequently, evaluation areas, evaluation items, measurement indices were derived from this evaluation model. Also, the feasibility analysis on the evaluation items and measurement indices was performed by means of FGI(Focus Group Interview) with the knowledge management experts belonging to Korean government-funded institutions in science-technology sector. The implications of this study are as follows : in theoretical perspective, this study has proposed a criterion frame to evaluate knowledge management performance, and has rationally drawn evaluation items and measurement indices from the criterion frame. And in practical perspective, this study has improved the validity and practicality of the measurement indices, which can lead to more reasonable and easier evaluation of knowledge management performance of the government-funded research institutes.

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.6 no.4
• /
• pp.173-194
• /
• 2011

This paper analyzes quantitative economic effect of accuracy improvement in location based services. This analysis is motivated from the situation that Korea Communications Commission is preparing the notification for 'location accuracy standard.' The analysis includes three level of impacts. Firm level analyzes the impact on revenue of firms. Social level additionally includes consumers' surplus in LBS industry. Lastly, economywide level includes ripple effects to another industries, which uses input-output analysis. The result of analysis shows that the economic value reaches to considerable amount and cost-benefit ratio is considerably high. The consumers' surplus is much larger than revenue increase. This result supports the intuition that many of location based services are for public interest and that the services have much externalities among firms and consumers. This means that the role of government is very important in the execution of accuracy improvement.