
2017 | OriginalPaper | Book chapter

Development of Information Security Management Assessment Model for the Financial Sector

Written by: Eun Oh, Tae-Sung Kim, Tae-Hee Cho

Published in: Information Security Applications

Publisher: Springer International Publishing

Abstract

This study integrates representative information security certification systems such as ISMS, PIMS and PIPL in order to improve the efficiency of information security management. It also suggests an information security management assessment model for the financial sector by incorporating new control items, derived from laws and regulations related to financial IT and information security, into the integrated model of information security certifications, so as to reflect the characteristics of the financial industry. The findings are significant in that they solve problems related to duplication among previous information security certification systems and suggest a direction for an information security management system for the financial industry that enhances organizations’ ability to cope with security incidents. Moreover, the suggested methodology can be used in studies on systematic and specific information security management standards for each industry.

Metadata
Title
Development of Information Security Management Assessment Model for the Financial Sector
Written by
Eun Oh
Tae-Sung Kim
Tae-Hee Cho
Copyright year
2017
DOI
https://doi.org/10.1007/978-3-319-56549-1_16
