Journal of Convergence for Information Technology (융합정보논문지)

Convergence Society for SMB (중소기업융합학회)
권호 표지
DOI QR코드

DOI QR Code

Concern and Prediction for Future Information Security expected by IT Executives

IT 실무자들이 전망하는 미래 정보보안의 우려와 예측

  • Kim, Tae-Yang (Division of Software Security, Korea University)
  • 김태양 (고려대학교 소프트웨어보안학과)
  • Received : 2018.09.27
  • Accepted : 2018.12.20
  • Published : 2018.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we review the security issues reported by the organizations every year and analyze the similarities and differences with the concerns that the practitioners engaged in the IT environment are concerned about the necessary security matters. Interviews and questionnaires were collected for practitioners working in various IT work environments such as government agencies, financial companies, general companies, airlines, etc. to gather their opinions on the concerns of future information security. We analyzed the collected opinions and derived key keywords. The results should be compared with the security issue keywords or statistical data reported by the security companies or related organizations in the first half and the second half of each year to find common security trends and to analyze the differences and supplement them I checked whether there was any danger. We will comprehensively analyze key security issues reported by security companies and information security related organizations and future security concerns predicted by IT practitioners to prepare for the security threats of the current era of the fourth industrial revolution.

본 논문에서는 매년 기관에서 보도된 보안이슈 내용을 살펴보고 IT 환경에서 종사하는 실무자들이 업무를 진행하면서 필요한 보안사항이라고 우려한 사항들과의 공통점과 차이점에 대해 분석하고자 한다. 정부기관, 금융업, 일반 기업, 항공사 등 다양한 IT 업무 환경에서 종사하는 실무자를 대상으로 미래 정보보안 관점에서의 우려 사항이 무엇인지 직접 인터뷰 및 설문조사를 하여 의견을 수집했다. 수집된 의견을 분석하여 핵심 키워드를 도출했다. 도출된 결과를 매년 상반기와 하반기 시점에 보안업체나, 정보보호와 관련된 기관들이 보도하는 당해 보안이슈 키워드나 통계자료와 비교하여 공통으로 고려되는 보안 동향을 발견하고 차이점을 분석하여 추가로 보완해야 할 위험사항은 없는지 살펴보았다. 보안업체나, 정보보호와 관련된 기관들에서 보도된 주요 보안이슈와 IT 실무자들이 예측하는 미래의 보안 우려 사항을 종합적으로 분석하여 발견된 보완점을 현존하는 4차 산업혁명 시대의 보안위협에 대비하고자 한다.

Keywords

JKOHBZ_2018_v8n6_117_f0001.png 이미지

Fig. 1. Analytical methodology

JKOHBZ_2018_v8n6_117_f0002.png 이미지

Fig. 2. Results of future information security concerns surveyed in 2017

JKOHBZ_2018_v8n6_117_f0003.png 이미지

Fig. 3. Comparison of security concerns between KISA and IT executives in 2017

JKOHBZ_2018_v8n6_117_f0004.png 이미지

Fig. 4. Comparison of security concerns between FSI and IT executives in 2017

JKOHBZ_2018_v8n6_117_f0005.png 이미지

Fig. 5. Results of future information security concerns surveyed in 2018

JKOHBZ_2018_v8n6_117_f0006.png 이미지

Fig. 6. Comparison of security concerns between KISA and IT executives in 2018

JKOHBZ_2018_v8n6_117_f0007.png 이미지

Fig. 7. Comparison of security concerns between FSI and IT executives in 2018

JKOHBZ_2018_v8n6_117_f0008.png 이미지

Fig. 8. Comparing main Keywords of Future Information Security Concerned by Organizations and IT Practitioners

References

  1. S. Sagiroglu & D. Sinanc. (2013, May). Big data: A review. In Collaboration Technologies and Systems (CTS). 2013 International Conference on. (pp. 42-47). IEEE.
  2. I. A. T. Hashem, I. Yaqoob, N. B. Anuar, S. Mokhtar, A. Gani, & S. U. Khan. (2015). The rise of "big data" on cloud computing: Review and open research issues. Information Systems, 47, 98-115. https://doi.org/10.1016/j.is.2014.07.006
  3. D. Puthal, S. Nepal, R. Ranjan & J. Chen. (2016). Threats to networking cloud and edge datacenters in the internet of things. IEEE Cloud Computing, 3(3), 64-71. https://doi.org/10.1109/MCC.2016.63
  4. L. Xu, C. Jiang, J. Wang, J. Yuan & Y. Ren. (2014). Information security in big data: privacy and data mining. IEEE Access, 2, 1149-1176. https://doi.org/10.1109/ACCESS.2014.2362522
  5. Nick Carr. (2017). Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations. FireEye. https://www.fireeye.com/blog/threat-research/2017/05/cyber-espionage-apt32.html
  6. E. David. (2017). IT threat evolution Q1. Kasperskylab. https://securelist.com/it-threat-evolution-q1-2017/78452/
  7. E. David. (2017). IT threat evolution Q2. Kasperskylab. https://securelist.com/it-threat-evolution-q2-2017/79354/
  8. D. Gray. (2018). IBreaking Down the Rapidly Evolving GandCrab Ransomware. McAfeelab. https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/gandcrab-ransomware/
  9. A. Rehman & T. Saba. (2014). Evaluation of artificial intelligent techniques to secure information in enterprises. Artificial Intelligence Review, 42(4), 1029-1044. https://doi.org/10.1007/s10462-012-9372-9
  10. D. Gary. (2018). Breaking Down the Rapidly Evolving GandCrab Ransomware. McAfeelab. https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/gandcrab-ransomware/
  11. R. Richardson & M. North. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review, 13(1), 10-21.
  12. R. Roman, J. Lopez, & M. Mambo. (2018). Mobile edge computing, fog et al.: A survey and analysis of security threats and challenges. Future Generation Computer Systems, 78, 680-698. https://doi.org/10.1016/j.future.2016.11.009
  13. J. L. Tsai & N. W. Lo. (2015). A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE systems journal, 9(3), 805-815. https://doi.org/10.1109/JSYST.2014.2322973
  14. KISA. (2017). Prospects for Top 10 Information Protection Issues in 2017. Korea Internet & Security Agency. http://www.kisa.or.kr/public/library/etc_View.jsp?regno=022280&searchType=&searchKeyword=&pageIndex=1
  15. Financial Security Institute. (2017). The Forecast of the Top 10 Financial IT Security Issues in 2017. http://www.fsec.or.kr/user/bbs/fsec/42/312/bbsDataView/696.do?page=1&column=bbsDataTitle&search=2017&searchSDate=&searchEDate=&bbsDataCategory=
  16. KISA. (2018). Prospects for Top 10 Internet Issues in 2018. Korea Internet & Security Agency. http://www.kisa.or.kr/public/library/etc_View.jsp?regno=0011859&searchType=&searchKeyword=&pageIndex=1
  17. Financial Security Institute. (2018). The Forecast of the Top 10 Financial IT Security Issues in 2018. Financial Security Institute. http://www.fsec.or.kr/user/bbs/fsec/42/312/bbsDataView/968.do?page=1&column=bbsDataTitle&search=2018&searchSDate=&searchEDate=&bbsDataCategory=