A framework to improve the compliance guideline for critical ICT infrastructure security

Q1 Economics, Econometrics and Finance

Journal of Open Innovation: Technology, Market, and Complexity Pub Date : 2025-05-13 DOI:10.1016/j.joitmc.2025.100547

Jinyong Park , Tae-Sung Kim

{"title":"A framework to improve the compliance guideline for critical ICT infrastructure security","authors":"Jinyong Park , Tae-Sung Kim","doi":"10.1016/j.joitmc.2025.100547","DOIUrl":null,"url":null,"abstract":"<div><div>The security of critical ICT infrastructure is very important because it is directly related to the safety and lives of the people, and a successful cyber-attack can cause catastrophic damage. According to Korean laws, all critical ICT infrastructures are required to confirm the implementation of infrastructure security measures at least once a year. However, the guideline for checking the implementation of infrastructure security measures has problems such as not being suitable for infrastructures that use special systems. This study aims to identify the problems in the structure, check items, and scoring of the guideline, and seek solutions through defining principles and interviewing with infrastructure operators and security experts. The results of this study can be used to efficiently conduct security vulnerability checks and implementation checks of critical ICT infrastructure, and the improved guideline is expected to contribute to the improvement of security levels.</div></div>","PeriodicalId":16678,"journal":{"name":"Journal of Open Innovation: Technology, Market, and Complexity","volume":"11 2","pages":"Article 100547"},"PeriodicalIF":0.0000,"publicationDate":"2025-05-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Open Innovation: Technology, Market, and Complexity","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2199853125000824","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Economics, Econometrics and Finance","Score":null,"Total":0}

引用次数: 0

Abstract

The security of critical ICT infrastructure is very important because it is directly related to the safety and lives of the people, and a successful cyber-attack can cause catastrophic damage. According to Korean laws, all critical ICT infrastructures are required to confirm the implementation of infrastructure security measures at least once a year. However, the guideline for checking the implementation of infrastructure security measures has problems such as not being suitable for infrastructures that use special systems. This study aims to identify the problems in the structure, check items, and scoring of the guideline, and seek solutions through defining principles and interviewing with infrastructure operators and security experts. The results of this study can be used to efficiently conduct security vulnerability checks and implementation checks of critical ICT infrastructure, and the improved guideline is expected to contribute to the improvement of security levels.

查看原文本刊更多论文

改进关键ICT基础设施安全合规准则的框架

关键ICT基础设施的安全性非常重要，因为它直接关系到人们的安全和生命，而成功的网络攻击可能会造成灾难性的破坏。根据韩国法律，所有关键信息通信技术（ICT）基础设施每年至少要确认一次基础设施安全措施的实施情况。但是，检查基础设施安全措施执行情况的指南存在不适合使用特殊系统的基础设施等问题。本研究旨在找出指引在架构、检查项目、评分等方面存在的问题，并透过厘定原则、访谈基础设施营运商及安全专家，寻求解决方案。研究结果可用于有效地进行关键ICT基础设施的安全漏洞检查和实施检查，改进后的指南有望有助于提高安全水平。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊