THE GREAT advancement of the Internet has brought huge benefits and opportunities to our society. People have become able to run businesses without much expense and enjoy entertainment anywhere. However, along with the benefits the Internet offers, there are many shortfalls that such as the spread of viruses and the threat of hackers. Its worldwide popularization and comparatively easiness of access to confidential information also have provided new opportunities for criminals. Under such circumstances, the role of the information security specialist is now being emphasized and it is seen as a promising job in ten years.
What information security specialists do
The Internet is growing rapidly, and, at a similar rate, the number of on-line crimes is also increasing that cannot be ignored anymore. Sometimes damages caused by on-line criminals are much severer than those caused in the off-line world. Information security specialists are those who fight against such crimes. They defend information systems from various domestic and foreign threats. Also, they protect highly classified information of enterprises or other groups. Recently, the National Assembly passed a bill that would require companies to employ information security specialists to enhance the nation’s general level of information security. It means that the role of information security specialists is getting bigger.
There are generally four kinds of information security departments in information security companies: research and development of information security; management; business marketing; and other information security including security education. Generally, employees are allocated in each department depending on their individuality, aptitude, and major.
Why the role of information security specialists is being highlighted
As confidential information leakage has increased compared to the past, economic damage has increased more than two-folds. Jan. 25, 2003, a so-called Internet disturbance happened in Korea due to a vicious virus (slammer worm) that came from a foreign server. The Internet servers of Seoul and Kyeonggi-do were seriously damaged, and most Internet services such as Internet banking stopped. Even some air services were cancelled at that time. This alarmed many people because they were afraid that their private information would be leaked out since most administrative works was done through the Internet. After the 2003 Internet disturbance, information security specialists have come into the spotlight. Also, the demand for information security highly increased, and the National Cyber Security Center was established to enhance protection of confidential information.
How to become an information security specialist
Most people think that the School of Humanities graduates cannot become information security specialists since this profession is related to IT and computer science. Of course, it is true that it is easier for information engineering or computer science graduates to get a job in this field. However, Jeon Ju-hyun (Manager, Solution Box) says, “Any graduate can become an information security specialist regardless of his or her major.” For example, when one’s expertise in the field of law and IT are combined together, he or she can work as a cyber forensic specialist. Acquiring certificates with regard to information security such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor) and SIS (Specialist for Information Security) will be helpful since companies prefer certificates holders regardless of major. Students can take related courses in school or private academies, or they can visit websites such as “http://cafe.naver.com/nsis” for further information. Also, award-winning experiences in national hacking contests are highly considered.
Challenges facing information security specialists
Most large corporations have their own information security departments since they are well aware of the importance of information protection. Small and medium enterprises, however, have no choice but to pay little attention to information security. Though they feel the necessity, they usually fall short of human powers and budgets, hesitating to invest in security related areas.
What is worse is that when a leakage accident happens; companies strive to release related curing software as soon as possible because of harsh competition in the market. Thus the extreme competition mostly results in poor outcomes, and sometimes such software even harms the whole server. As a consequence, the inferior goods ruin market confidence and bring a loss to some small and unknown companies that actually provide superior software programs. In this sense, excessive competition can make small companies go bankrupt, and flood the market with unnecessary goods. Although information security specialists are now suffering these hardships, it will get better as people come to recognize the importance of security.
Bright future of information security specialists
The function of the Internet is like a double edged sword; it has both positive and negative effects. Thus there will be continuous demands for information security specialists for protection against possible threats on the Internet. It means the outlook of information security specialists is bright. “As information security specialists are currently in short supply, more human resources will be needed in the future” says Lee Jung-woo (Prof., Graduate School of Info.). Due to the economic crisis worldwide, most government departments’ budgets were curtailed, but budgets for information security were an exception. Instead, information security budgets were raised by the Lee administration. As long as we live in an information-oriented society, there will be a steady demand for information security specialists.
<An interview with an information security specialist, Jeon Ju-hyun>
Why did you decide to become an information security specialist?
Actually, I majored in international business and trade in college. I had never imagined that I would work in this field because I thought information security is only related to engineering department. However, I worked at an IT company by chance right after graduation, and I felt the necessity to protect information from potential risks. Also, I expected that security technology would be more important in the future. That is why I started studying information security. And last year I got a master’s degree from the Graduate School of Information.
Special incidents while working as a specialist
On Jan. 25, 2003, I was directly involved in an Internet disturbance that hit the IDC center where most servers are gathered. I learned a lot from that crisis, and I realized the importance of information security. There are also some embarrassing moments while I was working. Once, I deleted data files on the whole system by mistake. I learned the hard way that a prudent attitude is essential for an information security specialist.