Abstract :
This paper has conducted analyzing the accident case of data spill to study policy issues for ICT security from a social science perspective focusing on risk. The results from case analysis are as follows. First, ICT risk can be categorized ´severe, strong, intensive and individual´ from the level of both probability and impact. Second, strategy of risk management can be designated ´avoid, transfer, mitigate, accept´ by understanding their own culture type of relative group such as ´hierarchy, egalitarianism, fatalism and individualism´. Third, personal data has contained characteristics of big data such like ´volume, velocity, variety´ for each risk situation. Therefore, government needs to establish a standing organization responsible for ICT risk policy and management in a new big data era. And the policy for ICT risk management needs to balance in considering ´technology, norms, laws, and market´ in big data era.
Keywords :
Big Data; data privacy; risk management; Big Data characteristics; Big Data laws; Big Data market; Big Data norms; Big Data technology; ICT risk based policy design; ICT risk management; ICT security; South Korea; culture type; data spill accident case analysis; data variety; data velocity; data volume; egalitarianism group; fatalism group; hierarchy group; impact level; individual ICT risk; individualism group; intensive ICT risk; personal data; privacy invasion; probability level; risk acceptance; risk avoidance; risk mitigation; risk transfer; severe ICT risk; social science perspective; strong ICT risk; Accidents; Big data; Data privacy; Moon; Privacy; Risk management; Security; ICT policy; big data; cultural types; privacy invasion; technological risk;
