상세 보기
초록
This paper proposes an integrated governance model of ISAC⋅ISAO and CERT⋅CSIRT to proactively respond to cyber threats that are rapidly becoming intelligent and automated in the era of artificial intelligence and to strengthen the resilience of the defense industry. The proposed model combines multi-layered convergence analysis of industry-specific (defense ISAC) and subject-specific (ISAO) intelligence and centralization through national CERT, with the core of grading and metadata tagging according to information sensitivity, encryption/access control and automatic compliance inspection modules by grade. In addition, the automated cycle of detection, verification, and teaching is organized through the isolation verification infrastructure including air-gapped test labs, digital twins, and automated Red Team/BAS and the standardized post-motem feedback process. In addition, it also presents organizational and operational plans including legal frames (standardized MOU and export control linkage), trust-based trust circuits, incentives for private participation and sharing roles and responsibilities.
키워드
- 제목
- 통합 사이버 보안 거버넌스 모델의 방위산업 적용 : ISAC⋅ISAO와 CERT⋅CSIRT 융합 접근
- 제목 (타언어)
- Application of Integrated Cybersecurity Governance Model to Defense Industry : ISAC/ISAO and CERT/CSIRT Convergence Approach
- 저자
- 이화영; 최종원
- 발행일
- 2025-12
- 유형
- Y
- 저널명
- 한국방위산업학회지
- 권
- 32
- 호
- 3
- 페이지
- 149 ~ 163