研究生: |
周鈺翔 Yu-Hsiang Chou |
---|---|
論文名稱: |
建立金融業資安生態系統之研究 A Study on Building a Financial Industry Cyber Security Ecosystem |
指導教授: |
吳宗成
Tzong-Chen Wu |
口試委員: |
楊維寧
Wei-Ning Yang 陳正綱 Cheng-Kang Chen |
學位類別: |
碩士 Master |
系所名稱: |
管理學院 - 資訊管理系 Department of Information Management |
論文出版年: | 2020 |
畢業學年度: | 108 |
語文別: | 中文 |
論文頁數: | 61 |
中文關鍵詞: | 生態系統 、商業生態系統 、金融業生態系統 、金融業資安生態系統 |
外文關鍵詞: | Ecosystem, Business ecosystem, Financial industry ecosystem, Financial industry cyber security ecosystem |
相關次數: | 點閱:180 下載:0 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
金融業經營型態將因金融業資訊數位化而改變,且隨著金融科技應用發展趨勢不斷再進化,無論未來金融業樣態演變為何,一連串資訊安全挑戰將會不斷接踵而來。本研究是以利用生態系統理論做為基礎,並以金融業基本核心價值信賴(Trust)為主體,整理出金融業生態系統之間脈絡關係。為求維持金融業核心價值,本研究建議應將資訊安全融入組織策略與法規遵循之中。
本研究之重點在於建議金融業生態系統中每ㄧ個成員個體,應將資訊安全融入組織策略與法規遵循之中,並且須導入金融業資安系統框架,金融業才能得以創造出安全環境。唯有如此才能讓客戶放心將金融服務植入數位生活場域之中,並建立起客戶、供應商與相關利害關係人的信任基礎。再結合生態系統中重要的「利他、互補」理念,並透過金融業生態聚落合作,以鏈結客戶、上下游供應商與同業異業同盟,以建立共榮共存之金融業資安生態系統。
The business model of the financial industry will change with the digitization of financial industry information, and as the development trend of financial technology applications continues to evolve, no matter what the future financial industry will be, a series of information security challenges will follow. This paper is based on the use of ecosystem theory, with the financial industry’s basic core value Trust as the main body, sorting out the context of financial industry ecosystems. In order to protect the core values Trust of the financial industry, this paper suggests that cyber security should be integrated into organization strategies and regulatory compliance.
This paper suggests that every individual member of the financial industry ecosystem should integrate cyber security into organization strategies and regulatory compliance. Moreover, the cyber security framework of the financial industry must be introduced so that the financial industry can create a safe environment. Only in this way can customers be assured of embedding financial services into the digital life field, and establish a trust foundation for customers, suppliers and related stakeholders. And through the financial industry ecological settlement cooperation, to link customers, upstream and downstream suppliers and industry alliances, to build a financial industry cyber security ecosystem.
中文文獻
中央銀行(2019a),2019-06-20 本國中央銀行理監事會後記者會參考資料,2020/05/04 檢自:https://www.cbc.gov.tw/tw/cp-357-104331-afbb3-1.html
中央銀行(2019b),2019-09-19 本國中央銀行理監事會後記者會參考資料,2020/05/04 檢自:https://www.cbc.gov.tw/tw/cp-357-104479-66edc-1.html
行政院國家資通安全會報技術服務中心(2019),2019-9-6 俄羅斯駭客組織鎖定銀行業攻擊,2020/05/15 檢自:https://www.nccst.nat.gov.tw/NewsRSSDetail?seq=16292
行政院國家資通安全會報技術服務中心(2020),109年第1季資通安全技術報告,2020/05/10 檢自:https://download.nccst.nat.gov.tw/attachfilenew/109年第1季資通安全技術報告.pdf
金融監督管理委員會(2016a),2016-09-12 裁罰案件-第一商業銀行自動櫃員機(ATM)遭異常提領所涉缺失事項,2020/05/15 檢自:https://www.fsc.gov.tw/ch/home.jsp?id=131&parentpath=0,2&mcustomize=multimessage_view.jsp&dataserno=201609130012&aplistdn=ou=data,ou=penalty,ou=multisite,ou=chinese,ou=ap_root,o=fsc,c=tw&dtable=Penalty
金融監督管理委員會(2016b),2016-09-14 裁罰案件-兆豐國際商業銀行遭美國紐約州金融署(下稱DFS)裁罰美金1.8億元一案,2020/05/15 檢自: https://www.fsc.gov.tw/ch/home.jsp?id=131&parentpath=0,2&mcustomize=multimessage_view.jsp&dataserno=201609210002&aplistdn=ou=data,ou=penalty,ou=multisite,ou=chinese,ou=ap_root,o=fsc,c=tw&dtable=Penalty
金融監督管理委員會(2017),2017-12-1 遠東國際商業銀行SWIFT系統遭駭重大偶發事件所涉缺失事項,違反銀行法第45條之1第1項規定,依同法第129條第7款規定,核處新臺幣800萬元罰鍰,2020/05/15 檢自:https://www.fsc.gov.tw/ch/home.jsp?id=131&parentpath=0,2&mcustomize=multimessages_view.jsp&dataserno=201712180001&aplistdn=ou=data,ou=penalty,ou=multisite,ou=chinese,ou=ap_root,o=fsc,c=tw&dtable=Penalty
洪國興 趙榮耀 (2003),「資訊安全管理理論之探討」,資管評論,第十二期,P17-47。
英文文獻
A.J. Willis(1997), “The ecosystem: an evolving concept viewed historically”, Functional Ecology Vol. 11, No. 2 (Apr., 1997), pp. 268-271.
Avinandan Mukherjee, Prithwiraj Nath (2003), “A model of trust in online relationship banking,” International Journal of Bank Marketing
Brett King (2018), “Bank 4.0: Banking Everywhere, Never at a Bank”, published by John Wiley & Sons Inc
Campbell, Neil A., Reece, Jane B., Taylor, Martha R. and Simon,(2009), “Biology Concepts & Connections Sixth Edition.” , Benjamin Cummings
Douglas W. Arner,Janos Nathan Barberis,and Ross P. Buckley,(2015), “ The Evolution of Fintech: A New Post-Crisis Paradigm?”.
Eugene P. Odum, Gary W. Barrett,(1971),”Fundamentals of Ecology, 3rd ed.”,W.B.Saunders Co.,Philadelphia.
James E. Moore (1993), “Predators and Prey:A New Ecology of Competition”, Harvard Business Review, MAY-JUNE 1993, pp. 75-86
National Institute of Standards and Technology (2018), “Cybersecurity Framework Version 1.1”, https://www.nist.gov/cyberframework/framework, (May 2, 2020)
New York State Department of Financial Services, Press Release 2016-08-19 DFS FINES MEGA BANK $180 MILLION FOR VIOLATING ANTI-MONEY LAUNDERING LAWS, 2020/05/02 Retrieved from https://www.dfs.ny.gov/reports_and_publications/press_releases/pr1608191
Rainer Jr. R.K., Snyderr C.A., and Carr H.H. (1991), “Risk analysis for information technology,” Journal of management information systems, Summer 1991, p. 130
Schendel, D. & Hofer, C. W. (eds) (1979), “Strategic Management : A New View of Business Policy and Planning”, (Little, Brown & Company, Boston).
Smits M.T., van der Poel V.G., and Ribbers P.M.A.,(1997), “Assessment of information strategies in insurance companies in the Netherlands,” Journal of strategic information systems 6(2), June 1997, pp. 129-148.
Spyridon Samonas, David Coss,(2014), “The CIA Strikes Back: Redefining Confidentiality, Integrity and Availability in Security”, Journal of Information System Security Volume 10, Number 3 (2014), pp. 21–45
William Blake(1789), “Auguries of Innocence”
World Economic Forum (2018), Regional Risk for Doing Business 2018, 2020/05/02 Retrieved from http://www3.weforum.org/docs/WEF_Regional_Risks_Doing_Business_report_2018.pdf
World Economic Forum (2019), Regional Risk for Doing Business 2019, 2020/05/02 Retrieved from http://www3.weforum.org/docs/WEF_Regional_Risks_Doing_Business_report_2019.pdf
World Economic Forum (2019), The Global Risks Report 2019 , 2020/05/02 Retrieved from http://www3.weforum.org/docs/WEF_Global_Risks_Report_2019.pdf