정보사회의 불확실성 관리를 위한 정책 논리와 대응: 정보보안사고의 유형화와 대응책

Most researches regarding information security underline technological factors in discussing information mis-use and system vulnerability. Technological advance in mitigating security incidents is a critical component. However, legal system, organizational preparedness, managerial framework, and individual awareness for information security should go in parallel with hardware-based measures. This study highlights the society-wide effort for information security as policy responses to manage uncertainty in information society. Historical data on security incidents reported by US. public organizations are reviewed. Incidents are categorized into 3 groups with consideration of frequency. Research findings provide a policy framework for reducing security incidents and managing uncertainty.