Badan Kepegawaian Negara memiliki tugas dan fungsi sebagai pembina dan penyelenggara manajemen ASN secara nasional yang menggunakan teknologi informasi didalam pelaksanaannya. Terdapat 4,2 juta data ASN yang tersebar diseluruh Indonesia yang harus dijaga oleh BKN. Seiring dengan pertumbuhan pemanfaatan sistem informasi, turut berdampak pada meningkatnya risiko keamanan informasi. Dari Laporan Id-SIRTII/CC dan laporan internal BKN adanya peningkatan serangan siber yang ditujukan kepada BKN. Selain itu terdapat juga berbagai serangan yang terjadi seperti web defacement, phising, DDOS, hingga pencurian data pegawai serta masih adanya pegawai yang belum peduli terhadap keamanan informasi. Berdasarkan hal tersebut dibuatlah tujuan dari penelitian ini untuk melakukan pengukuran tingkat kesadaran keamanan informasi pegawai di BKN. Penelitian ini menggunakan pendekatan kualitatif untuk mendapatkan permasalahan dan rekomendasi peneltian serta pendekatan kuantitatif untuk mendapatkan data dari survei menggunakan kuisioner. Knowledge, Attitude, dan Behavior (KAB) yang diperluas dengan penambahan dimensi demografi responden dalam organisasi serta penambahan fokus area Manajemen aset SI/TI merupakan model pada penelitian ini. Kuisoner The Human Aspects of Information Security Questionnaire (HAIS-Q) dipilih untuk pengukuran yang ditambahkan fokus area Manajemen Aset SI/TI dengan total 75 pernyataan. Sampel penelitian berjumlah 356 responden yang tersebar di seluruh Indonesia berdasarkan penyebaran secara acak menggunakan media whatsapp. Hasil yang didapat dari pengukuran kuantitatif yang telah dilakukan diperoleh nilai tingkat kesadaran keamanan informasi pegawai BKN sebesar 88,80% dengan kategori baik. Berdasarkan hasil tersebut diadakan konfirmasi dan validasi melalui wawancara terhadap salah satu responden mengenai setiap fokus area penelitian sehingga didapatkan hasil bahwa setiap indikator pada fokus area yang ditanyakan dalam kuesioner dimengerti oleh responden. Masih terdapat kasus insiden keamanan informasi yang terjadi namun tidak mempengaruhi nilai pengujian dikarenakan insiden tersebut dilakukan oleh sekelompok individu saja. Berdasarkan hasil survei, demi mempertahankan Tingkat kesadaran keamanan informasi yang didapatkan saat ini dapat disimpulkan bahwa perlu terus dilakukan sosialisasi keamanan informasi terhadap pegawai BKN dengan mengimplementasikan program kesadaran keamanan informasi seperti penyampaian pesan melalui media sosial, pelaksanaan workshop secara luring dan daring, pembuatan buku pedoman keamanan informasi, dan mengadakan seminar dengan mengundang narasumber profesional di bidang keamanan informasi.

---

The National Civil Service Agency (BKN) has duties and functions as supervisors and organisers of ASN management nationally and uses information technology in its implementation. There are 4.2 million ASNs spread throughout Indonesia that must be maintained by BKN. Along with the growth of information system utilisation, it also has an impact on increasing information security risks. This has led to an increase in cyber attacks directed at BKN, including Id-SIRTII/CC reports and BKN internal reports. In addition, there are also various attacks that occur, such as web defacement, phishing, DDOS, and employee data theft. Based on this, the purpose of this study was to measure the level of information security awareness of employees at BKN. This study uses a mixed-methods approach that combines qualitative approaches to obtain problems and research recommendations with quantitative approaches to obtain data from surveys using questionnaires. The research model was made based on the Knowledge, Attitude, and Behaviour (KAB) model, which was expanded by adding the demographic dimension of respondents in the organisation and adding a focus area of IS/IT asset management. The measurement was carried out using the Human Aspects of Information Security Questionnaire (HAIS-Q) questionnaire and the focus area of SI/IT Asset Management, with a total of 75 statements. The research sample amounted to 356 respondents spread throughout Indonesia based on random distribution using WhatsApp media. The results obtained from the quantitative measures that have been carried out indicate that the value of the level of information security awareness of BKN employees is 88.80%, which is in the good category. Based on these results, confirmation and validation were held through interviews with one of the respondents regarding each focus area of research so that the results were obtained that each indicator in each focus area asked in the questionnaire was understood by respondents. There are still cases of information security incidents that occur but do not affect the value of testing because the incident was carried out by a group of individuals only. Based on the survey results, in order to maintain the level of information security awareness obtained today, it can be concluded that it is necessary to continue to socialize information security to BKN employees by implementing information security awareness programs such as delivering messages through social media, conducting offline and online workshops, making information security manuals, and holding seminars by inviting professional resource persons in the field of security information.