초록 열기/닫기 버튼
The purpose of this paper is to find out a level of information security in terms of the information security culture. To examine the level of information security, we have conducted the survey targeting to public officials in a local government. According to the paradigm of information security, the paper analyzed an internalization of information security culture and a gap between the information security awareness and behavior. The results of analysis are summarized as follows: (1) The level of information security phases as understanding-knowledge-behavior is measured. The level of information security behavior is low by comparison with that of awareness. (2) The paired sample t-test shows that the gap between the information security awareness and behavior for public officials is proved to be statistically significant. This means that public officials perceive the importance of information security and have the knowledge of information security sufficiently, but they relatively have not done that much effort in the security behavior. To improve the level of information security, the public officials should recognize that the importance of information security is connected with the information security culture. Also, the evaluation of information security culture should be fed back to the local government periodically.
