최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기Journal of Korean Society of Industrial and Systems Engineering = 한국산업경영시스템학회지, v.38 no.4, 2015년, pp.193 - 201
Corporation's valuable intelligent asset is being threatened from the skills of threatening subject that has been evolved along with the growth of the information system and the amount of the information asset. Domestically, attempts of various private information attacks, important information exto...
* AI 자동 식별 결과로 적합하지 않은 문장이 있을 수 있으니, 이용에 유의하시기 바랍니다.
핵심어 | 질문 | 논문에서 추출한 답변 |
---|---|---|
현직 직원들의 경우 정보를 유출하는 목적은 무엇이었는가? | 또한 경쟁사로 이직한 후에 전 직장동료였던 현직 직원들과 수시로 접촉하면서 직․간접적으로 기업 내 정보에 접근이 가능했기 때문에 고의적이든 무의식적이든 보안 사고를 일으키는 경우가 많았다. 현직 직원들의 경우에도 정보를 유출하는 방법은 비슷했는데, 대부분의 경우가 금전적인 유혹과 같은 개인의 영리를 목적으로 이루어졌다. 이것은 기본적으로 임직원들의 보안에 대한 인식이 낮기 때문에 일어나는 것이라고 예상할 수 있었다. | |
개인정보란 무엇인가? | 여기서 개인정보(Personal Data)라 함은 생존하는 개인에 관한 정보로서 성명․주민 등록 번호 등에 의하여 개인을 식별할 수 있는 정보(해당하는 정보만으로는 특정 개인을 식별할 수 없더라도 다른 정보와 용이하게 결합하여 식별할 수 있는 것을 포함)를 이야기 한다[27]. 영업 비밀(Trade Secret)은 공유된 공공의 정보를 기반으로 하지 않은 제조법, 도안, 데이터 수집방법 등 비즈니스에 사용되는 지적 생산품을 의미하는데, 일반적으로 알려지지 않았고 비밀로서 유지하기 위한 합리적인 노력의 대상이 되는 것을 의미한다[43]. | |
조직의 정보는 보호되어야 하고 알맞게 관리되어야 하는 배경은 무엇인가? | 갈수록 경쟁이 격화되는 오늘날 기업 환경 하에서 정보는 많은 조직들의 생명선과 같다. 그렇기 때문에 조직의 정보는 보호되어야 하고 알맞게 관리되어야 한다[4, 11, 32, 38]. |
Aljifri, H. and Navarro, D.S., International Legal Aspects of Cryptography. Computers and Security, 2003, Vol. 22, No. 3, pp. 196-203.
Announcement on National Industrial Security Center, NISC, 2015.
Besnard, D. and Arief, B., Computer security impaired by legitimate user. Computers and Security, 2004, pp. 253-264.
Bharadwaj, A. and Keil, M. and Mahring, M., Effects of Information Technology Failures on the Market Value of Firms. The Journal of Strategic Information Systems archive, 2009, Vol. 18, No. 2, pp. 66-79.
Brancheau, J.C., Janz, B.D., and Wetherbe, J.C., Key Issues in Information Systems Management : 1994-95 SIM Delphi Results. MIS Quarterly, 1996, Vol. 20, No. 2, pp. 225-242.
Broderick, J.S., Information Security Risk Management- When should it be Managed?. Information Security Technical Report, 2001, Vol. 6, No. 3, pp. 12-18.
Calder, A. and Van Bom, J., Implementing Information Security Based on ISO 27001/ISO 17799. Van Haren Publishing, 2006.
Cavusoglu, H. and Raghunathan, S., Economics of IT Security Management : Four Improvements to Current Security Practices. Communications of the Association for Information Systems, 2004, Vol. 14, No. 3.
Deloitte, Touche and Tohmatsu (2005). Global Security Survey, Available at : www.deloitte.com.
Dhillon, G. and Moores, S., Computer Crimes : Theorizing about the Enemy within. Computers and Security, 2001, Vol. 20, No. 8, pp. 715-723.
Doherty, N.F. and Fulford, H., Do Information Security Policies Reduce the Incidence of Security Breaches : An Exploratory Analysis. Information Resources Management Journal, 2005, Vol. 4, pp. 21-38.
Ettredge, M. and Richardson, V.J., Information Transfer among Internet Firms: the Case of Hacker Attacks. Journal of Information Systems, 2003, Vol. 17, No. 2, pp. 71-82.
Finne, T., Information Systems Risk Management : Key Concepts and Business Processes. Computer and Security; 2000, Vol. 19, No. 3, pp. 234-42.
Flint, D.J., Woodruff, R.B. and Gardial, S.F., Exploring the Phenomenon of Customers Desired Value Change in a Business-to-Business Context. Journal of Marketing, 2002, Vol. 66, pp. 102-117.
Hagen, J.M. and Albrechtsen et al., Implementation and Effectiveness of Organizational Information Security Measures. Information Management and Computer Security, 2008, Vol. 16, No. 4, pp. 377-397.
Halliday, S., Badenhorst, K., and von Solms, R., A Business Approach to Effective Information Technology Risk Analysis and Management. Information Management and Computer Security, 1996, Vol. 4, No. 1, pp. 19-31.
Hawkins, S. and Yen, D.C., Awareness and Challenges of Internet Security. Information Management and Computer Security, 2000, Vol. 8, No. 3, pp. 131-143.
Hu, Q., Hart, P., and Cooke, D., The Role of External and Internal Influences on Information Systems Security Practices : An Institutional Perspective. The Journal of Strategic Information Systems Archive, 2006, Vol. 16, No. 2, pp. 153-172.
Information Security Specialist's CISSP Note, 2012.
Jahner, S. and Krcmar, H., Beyond Technical Aspects of Information Security : Risk Culture as a Success Factor for IT Risk Management, AMCIS 2005 Proceedings, 2005, p. 462.
Karyda, M., Kiountouzis, E., and Kokolakis, S., Information security policies : a contextual perspective. Computers and Security, 2005, pp. 246-260.
Korea Communications Commission Report, A Fact-Finding on Leak Out of Personal Data, KCC, 2015.
Kotulic, A.J. and J.G. Clark, Why There aren't more Information Security Research Studies. Information and Management, 2004, Vol. 41, No. 5, pp. 597-607.
Lebek, B., Degirmenci, K., and Breitner, M.H., Investigating the Influence of Security, Privacy, and Legal Concerns on Employees Intention to Use BYOD Mobile Devices, Proceedings of the Nineteenth Americas Conference on Information Systems, Chicago, Illinois, 2005, pp. 15-17.
Lee, A.S., Retrospect and Prospect : Information Systems Research in the Last and Next Twenty-Five Years. Journal of Information Technology, 2010, Vol. 25, No. 4, pp. 336-348.
Lewis, A., Time to Elevate IT Security to the Boardroom. e Secure, 2000, Vol. 1, No. 1, p. 28.
Lohmeyer, D.F., McCrory, J., and Pogreb, S., Managing Information Security, The McKinsey Quarterly, Special Edition : Risk and Resilience, 2002, Vol. 2, pp. 12-16.
National Defense Science and Technology Vocabulary, 2011.
National Institute of Standards and Technology, An Introduction to Computer Security : The NIST Handbook, Special Publication, 2000, pp. 800-12.
NIST, Information Security Handbook : A Guide for Managers, 2006.
Peppard, J., The Conundrum of IT Management. European Journal of Information Systems, 2007, pp. 336-345.
Pfhleeger, C.P., Security in Computing, Second edn, Prentice Hall, United States of America, 1997.
Posthumus, S. and Von Solms, R., A Framework for the Governance of Information Security. Computers and Security, 2004, Vol. 23, No. 8, pp. 638-646.
Ransbotham, S. and Mitra, S., Choice and Chance : A Conceptual Model of Paths to Information Security Compromise. Information Systems Research, 2009, Vol. 20, No. 1, pp. 121-139.
Sarker, S., Lau, F., and Sahay, S., Using an Adapted Grounded Theory Approach for Inductive Theory Building About Virtual Team Development. DATA BASE for Advances in Information Systems, 2001, Vol. 2, No. 1, pp. 38-56.
Smith, E., Kritzinger, E., Oosthuizen, H.J., and Von Solms, S.H., Information Security Education, in Proceedings of the WISE 4 Conference, Moscow, Russia, 2004.
Son, J.Y. and Benbasat, I., Organizational Buyer's Adoption and Use of B2B Electronic Marketplace : Efficiency and Legitimacy-Oriented Perspectives. Journal of Management Information Systems, 2007, Vol. 24, No. 1, pp. 55-99.
Spears, J.L. and Barki, H., User Participation in Information Systems Security Risk Management. MIS Quarterly, 2010, pp. 503-522.
Squara, D., LAN Security will become a Priority in the Networks of Tomorrow. Available at: http://itweb.co.za. 29, 2000.
Stiles, P. and Taylor, B., Boards at work : How directors view their roles and responsibilities. Oxford : Oxford University Press, 2001.
Straub, D. and Welke, R., Coping with Systems Risk : Security Planning Models for Management Decision Making. MIS Quarterly, 1998, Vol. 22, No. 4, pp. 441-469.
The 9th Korean Standard Industrial Classification, 2007.
Thomson, M.E. and Von Solms, R., Information Security Awareness : Educating Your Users Effectively. Information Management and Computer Security, 1998, Vol. 6, No. 4, pp. 167-173.
Unfair Competition Prevention and Business Secret Protection Law, 2007.
Vidgen, R. and Wang, X., Coevolving Systems and the Organization of Agile Software Development. Information Systems Research, 2009, Vol. 20, No. 3, pp. 355-376.
Von Solms, R. and Von Solms, S.H., From policies to culture. Computers and Security, 2004, Vol. 23, No. 4, pp. 275-279.
Von Solms, S.H., Information Security Management through Measurement, in Prodeedings of the SEC99 conference, Johannesburg, South-Africa, 1999.
Whiteman, W. and Mattord, H.J., Principles of Information Security, Thomson-Course Technology, Canada, 2003.
Wood, C.C., Why Information Security is Now Multi- Disciplinary, Multi-Departmental, and Multi-Organizational in Nature. Computer Fraud and Security, 2004, No. 1, pp. 16-17.
*원문 PDF 파일 및 링크정보가 존재하지 않을 경우 KISTI DDS 시스템에서 제공하는 원문복사서비스를 사용할 수 있습니다.
Free Access. 출판사/학술단체 등이 허락한 무료 공개 사이트를 통해 자유로운 이용이 가능한 논문
※ AI-Helper는 부적절한 답변을 할 수 있습니다.