• Journal of the Semiconductor & Display Technology
• /
• v.23 no.1
• /
• pp.36-47
• /
• 2024

The purpose of this study is to identify the factors that impact the user's intention to accept technology when Introducing new information security systems for the workers of a semiconductor company. The findings of this study were as follows. First, the factors of a company's information security systems, namely reliability, expertise, availability, security, and economic efficiency, all significantly and positively impacted performance expectations. Second, the performance expectation of introducing information security systems for a company significantly and positively impacted the intention to accept technology. Third, the social impact of introducing information security systems for a company had a significant and positive impact on technology acceptance intention. Fourth, the facilitating conditions for introducing a company's information security systems significantly and positively impacted technology acceptance intention. Fifth, as for the moderating effect of innovation resistance, the moderating effect was significant in the paths of [performance expectation -> technology acceptance intention], [social impact -> technology acceptance intention], and [facilitating conditions -> technology acceptance intention]. The implication of this study is that the factors to be considered when introducing information security systems were provided to companies that are the actors of their proliferation, providing the base data to lay the foundation for introducing security technologies and their proliferation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.491-494
• /
• 2019

The results from the analysis of recent security breach cases of industrial control systems revealed that most of them were caused by the employees of a partner company who had been managing the control system. For this reason, the majority of the current company security management systems have been developed focusing on their performances. Despite such effort, many hacking attempts against a major company, public institution or financial institution are still attempted by the partner company or outsourced employees. Thus, the institutions or organizations that manage Industrial Control Systems (ICSs) associated with major national infrastructures involving traffic, water resources, energy, etc. are putting emphasis on their security management as the role of those partners is increasingly becoming important as outsourcing security task has become a common practice. However, in reality, it is also a fact that this is the point where security is most vulnerable and various security management plans have been continuously studied and proposed. A system that enhances the security level of a partner company with a Virtual Desktop Infrastructure (VDI) has been developed in this study through research on the past performances of partner companies stationed at various types of industrial control infrastructures and its performance outcomes were statistically compiled to propose an appropriate model for the current ICSs by comparing vulnerabilities, measures taken and their results before and after adopting the VDI.

• Korean Security Journal
• /
• no.34
• /
• pp.313-336
• /
• 2013

The purpose of this study is to derive an optimal regression model for occurrences of major crimes on a security company's stock price through identifying precedence of the occurrences of major crimes on the security company's stock price, relationship between the occurrences of major crimes and the security company's stock price. Followings are the results of this study. First, the occurrences of murder crime, robbery crime, rape crime, theft crime move along the security company's monthly stock price simultaneously, and the occurrence of violence crime precedes 6 months to the security company's monthly stock price depending on the results of cross-correlation analysis of precedence of occurrences of major crimes, such as murder crime, robbery crime, rape crime, theft crime, violence crime on the security company's monthly stock price. Second, the explanation of the occurrences of robbery crime, rape crime, theft crime on the security company's monthly stock price is 61.7%($R^2$ = .617) excluding murder crime, violence crime depending on the results of multiple regression analysis(stepwise method) by putting the occurrences of major crimes, such as murder crime, robbery crime, rape crime, theft crime, violence crime into the security company's monthly stock price.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.39 no.3
• /
• pp.18-29
• /
• 2016

For most organizations, a security infrastructure to protect company's core information and their technology is becoming increasingly important. So various approaches to information security have been made but many security accidents are still taking place. In fact, for many Korean companies, information security is perceived as an expense, not an asset. In order to change this perception, it is very important to recognize the need for information security and to find a rational approach for information security. The purpose of this study is to present a framework for information security strategies of companies. The framework classifies companies into eight types so company can receive help in making decisions for the development of information security strategy depending on the type of company it belongs to. To develope measures to classify the types of companies, 12 information security professionals have done brainstorming, and based on previous studies, among the factors that have been demonstrated to be able to influence the information security of the enterprise, three factors have been selected. Delphi method was applied to 29 security experts in order to determine sub items for each factor, and then final items for evaluation was determined by verifying the content validity and reliability of the components through the SPSS analysis. Then, this study identified characteristics of each type of eight companies from a security perspective by utilizing the developed sub items, and summarized what kind of actual security accidents happened in the past.

• Convergence Security Journal
• /
• v.15 no.3_2
• /
• pp.83-93
• /
• 2015

In this research, we used KOSPI, KOSDAQ and a stock price of Information Security related Company - S1, Ahnlab, Suprema, Raonscure and Igloosecurity. From August 2010 to July 2014, that is during 208 weeks(4 years), we had grasped index and stock price trend. Also we had attempted various Empirical analysis - Basic statistics of Security related Stock, Analysis of variance, Correlation analysis and Weekly Rate of Rise trends. The first purpose of this research is to see correlation between Security related Company and KOSPI, KOSDAQ. The second purpose of this research is to analyze whether stock items have investment value or not while watching features of flow of stock price per item. We expect possibility and merit of investment when we suppose Security industry's high potential to grow. It seems that Security related Company deserves to be invested. We expect investment for Security related Company that has high possibility of growing will create high yields compared to Market yields.

• Journal of Information Technology Services
• /
• v.23 no.1
• /
• pp.11-25
• /
• 2024

In the field of information security management systems, one of the representative certifications in Korea is ISMS-P certification, and internationally, ISO/IEC 27001 certification is recognized. When companies acquire both ISMS-P (or ISMS) and ISO/IEC 27001 certifications, budget and manpower are duplicated in similar areas. Therefore, it is necessary for the company to choose and invest in a certification that is suitable for its conditions. This paper proposes a strategy for obtaining information security management system certification that is suitable for the characteristics of the company, allowing for effective information security management based on the company's conditions. To achieve this, data were collected from the Ministry of Science and ICT's Information Security Disclosure System (ISDS), the Korea Internet & Security Agency (KISA), and the Financial Supervisory Service's Data Analysis, Retrieval and Transfer System (DART), and Probit regression analysis was conducted. During the Probit regression analysis, the relationships between seven independent variables and five cases of ISMS-P (or ISMS) acquisition, ISMS-P acquisition, ISMS acquisition, ISO/IEC 27001 acquisition, and both ISMS-P (or ISMS) and ISO/IEC 27001 acquisition were analyzed. The analysis results revealed the relationship between company characteristics, including industry, and certification acquisition in the ISMS field. Through this, strategies for certification acquisition based on company types could be suggested.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.121-126
• /
• 2015

Exposure of personal information that is held by hacking accident near the company has led to severe water level. And, it has changed security threat elements generated according to businessenterprise. Therefore, in this paper, I looked at security threat elements and proposed the way of appropriate information security consulting according type of company. First, In the financial and insurance industries, and should not have been compromised by a worm virus infection due to lack of awareness inside of members, by collectively apply in the same way the internal security standards of the organization to members, the risk of customer information. It shall be provided in advance that the security accident occurs due to a higher job group. Therefore, information security consulting method based on people and information is applied. Secondly, in industry of company, to perform consulting information security based on the attributes of the case industry groups.

• Knowledge Management Research
• /
• v.21 no.3
• /
• pp.197-213
• /
• 2020

This study analyzed the impact of information security service company certification on financial performance. The purpose of this study was to analyze the effect of the "Information Security Service Certification Company" system from a financial point of view for information security service certified & non-certified companies, and listed & unlisted companies. From a financial point of view, performance analysis was conducted using two-way ANOVA on sales, operating profit, and profit rate. This study verified whether there is a difference in management performance between an information security service certified company and an uncertified company. In the financial performance indicators of sales, operating profit, and profit rate, the information security service certification system showed an impact on financial performance because the information security service certification company showed better management performance than the uncertified company. The implications of this study are that the empirical performance analysis from the financial point of view of the information security service certified company system can be used as a basis for negative regulatory policies to revitalize the information security industry in the future, contributing to the growth of information security companies with excellent growth potential.

• Korean Security Journal
• /
• no.10
• /
• pp.1-14
• /
• 2005

The concern of personal and social security has been increased all over the world with each passing day by the international terrorism and the domestic crime of violence grew gradually in the late of 70's and the early of 80's. The Security-Guard Industry, especially, has been growing rapidly by the starting from the 911 terror in 2001, therefore there has been increasing the supply and demand of Security Service in Korea explosively by the reasons, Actually, the Facilities Security Service is increased actively more than the VIP security Service among them. So, most of the Security-Guard Companies in Korea also have treated the Facilities Security Service at present. Although the importance of quality at the Facilities Security Service, especially mechanical equipments and systems, is on the rise, actually the studies about relations with the Service Quality and the Client's Satisfaction are quite insufficient at the field of Security-Guard Science study in the actual situation. As a result, the purposes of this study are to contribute for composing the knowledge of Security-Guard Science and to offer the basic data for elevating the Service Quality and Client's Satisfaction by consulting other studies. In order to achieve the purposes of this study, we compare and analyze how the Service Quality have affect on the difference of Client's Satisfaction by the client's characteristic of sociology and demography, then we find out the effect to the Service Quality for Client's Satisfaction, finally we try to show the vision of the Security-Guard Company's future in Korea. 1. How does the Service Quality of Security-Guard Company has affect on the characteristic of sociology and demography 2. How does the characteristic of sociology and demography in Security-Guard Company has affect on the Client's Satisfaction 3. How does the Service Quality of Security-Guard Company has affect on the Client's Satisfaction.

• Journal of the Korea Safety Management & Science
• /
• v.12 no.4
• /
• pp.1-11
• /
• 2010

The purpose of this study is, by recognizing that recently, as crimes using information and various adverse-effect phenomena such as hacking and virus occur frequently with rapid development of information network such as Internet in every field of industry, the range of security is widening to the field of industrial areas for preventing the leaking of industrial technology and protecting that technology as well as information security only limited to IT area, and by establishing common concept about industrial security through education on the industrial security at the point of increasing importance of industrial security, to prepare the base of comprehensive risk management system for protecting company's assets (physical factor, technical factor and managerial factor) safely from the random threats or attacks inside and outside the company through assessment of important assets of the company, evaluation of threats and weak points, and risk assessment by building industrial security management system in order to protect company's information assets and resources which are connected to the existence of the company safely from the threats or attacks from inside or outside the company and to spread stable business activities.