논문 상세보기

기업 정보보안 전략 수립을 위한 보안 사고 유형 분류에 관한 연구 KCI 등재

A Study on Categorization of Accident Pattern for Organization’s Information Security Strategy Establish

  • 언어KOR
  • URLhttps://db.koreascholar.com/Article/Detail/319935
구독 기관 인증 시 무료 이용이 가능합니다. 4,000원
한국산업경영시스템학회지 (Journal of Society of Korea Industrial and Systems Engineering)
한국산업경영시스템학회 (Society of Korea Industrial and Systems Engineering)
초록

Corporation’s valuable intelligent asset is being threatened from the skills of threatening subject that has been evolved along with the growth of the information system and the amount of the information asset. Domestically, attempts of various private information attacks, important information extortion, and information damage have been detected, and some of them have abused the vulnerability of security of information system, and have become a severe social problem that generates security incident. When accessing to the security, most of companies used to establish a strategy with a consistent manner and a solution plan. However, this is not a proper way. The order of priorities vary depending on the types of business. Also, the scale of damage varies significantly depending on the types of security incidents. And method of reaction and critical control point vary depending on the types of business and security incidents. In this study, I will define the security incidents by their types and preponderantly examine how one should react to those security incidents. In this study, analyzed many types of security accidents that can occur within a corporation and an organization considering various factors. Through this analysis, thought about factors that has to be considered by corporations and organizations when they intend to access to the information security. This study focuses on the response methodology based on the analysis of the case analysis of the leakage of industrial secret and private secret other than the conceptual response methodology that examines the way to prevent the leakage of the industry security systems and the industry information activities. And based on these factors, want to be of help for corporations to apply a reasonable approach when they establish a strategy to information security.

목차
1. 서 론
 2. 정보보안 사고 사례 분석
  2.1 유출정보 유형별 분석 결과
  2.2 산업 분야별 분석 결과
  2.3 보안사고 주체별 분석 결과
  2.4 정보유출 방법에 따른 분석 결과
 3. 산업 분야별 사고 사례 종합
 4. 결 론
 References
저자
  • 김희올(한양대학교 일반대학원 경영컨설팅학과) | Hee-Ohl Kim
  • 백동현(한양대학교 경상대학 경영학부) | Dong-Hyun Baek Corresponding Author