Hasil Pencarian  ::  Simpan CSV :: Kembali

Hasil Pencarian

Ditemukan 32175 dokumen yang sesuai dengan query
cover
Muhammad Iqbal Izzul Haq
Mengukur Tingkat Kesadaran Keamanan Informasi berbasis Taksonomi Bloom = Measuring the Level of Information Security Awareness based on Bloom's Taxonomy
"Perlindungan informasi sangat penting bagi organisasi, pemerintah, maupun individu. Pengembangan langkah-langkah untuk melawan akses ilegal ke informasi adalah hal yang menjadi  perhatian utama saat ini. Terdapat cukup banyak teknik serangan siber  seperti phising, pretexting, baiting, dll. Sehingga dibutuhkan tingkat kesadaran individu yang tinggi agar dapat terhindar dari serangan tersebut. Berdasarkan hal tersebut penelitian ini mengusulkan KAB(Knowledge, Attitude, Behaviour) dan Taksonomi Bloom untuk mengetahui level awareness individu terhadap serangan siber. Beberapa solusi yang telah dibuat seperti membuat anti-phising framework dan membuat sebuah pelatihan. Namun, ada banyak kekurangan seperti tidak semua aspek divalidasi dalam penelitian sebelumnya. Solusi yang dibuat dengan mengukur tingkat kesadaran keamanan informasi terhadap serangan siber dengan pendekatan berbasis Taksonomi Bloom. Dalam penelitian ini penggunaan Taksonomi Bloom dikaitkan dengan metode KAB (Knowledge, Attitude dan Behaviour). Dari metode pengukuran dengan kuesioner dan prototipe didapatkan bahwa lima dari enam aspek memiliki rata-rata diatas 30 untuk hasil kuesioner. Adapun untuk hasil prototipe didapatkan hanya empat dari 12 responden yang memenuhi kreteria Level 3 pada Taksonomi Bloom. Kedua hasil tersebut menunjukan bahwa tingkat kesadaran individu terhadap keaman informasi masih rendah dan perlu untuk ditingkatkan.
Information protection is very important for organizations, governments, and individuals. The development of measures to combat illegal access to information is a matter of major concern today. There are quite a number of cyber attack techniques such as phishing, pretexting, baiting, etc. So it takes a high level of individual awareness in order to avoid these attacks. Based on this, this study proposes KAB (Knowledge, Attitude, Behavior) and Bloom's Taxonomy to determine an individual's level of awareness of cyber attacks. Several solutions have been made such as making an anti-phishing framework and creating a training. However, there are many drawbacks such as not all aspects have been validated in previous studies. Solutions made by measuring the level of information security awareness against cyber attacks with an approach based on Bloom's Taxonomy. In this study the use of Bloom's Taxonomy is associated with the KAB method (Knowledge, Attitude and Behavior). From the measurement method with questionnaires and prototypes, it was found that five of the six aspects had an average above 30 for the results of the questionnaire. As for the prototype results, only four of the 12 respondents met the Level 3 criteria in Bloom's Taxonomy. These two results indicate that the level of individual awareness of information security is still low and needs to be improved."
Depok: Fakultas Ilmu Komputer Universitas Indonesia, 2023
T-pdf
UI - Tesis Membership  Universitas Indonesia Library
cover
Diah Sulistyowati
Desain dan analisis kerangka kerja keamanan informasi berdasarkan kombinasi NIST CSF Versi 1.1, ISO/IEC 27002: 2013 dan COBIT 2019 sebagai instrumen pengukuran tingkat kematangan keamanan siber: (Studi kasus: Pusat Data dan Teknologi, Informasi Komunikasi, Badan XYZ) = Design and analysis of information security frameworks based on the combination of NIST CSF Version 1.1, ISO/IEC 27002: 2013 and COBIT 2019 as instruments for measuring cybersecurity maturity level: (Case study: Data and Technology Center, Information Communication of XYZ Agency).
"Tren digitalisasi yang semakin meningkat pada situasi pandemi Covid-19 saat ini telah mempengaruhi gaya hidup masyarakat baik individu maupun organisasi dan mengubah perilaku konvensional menjadi digital. Era digital menawarkan berbagai kemudahan, namun disisi lain terdapat tantangan berupa ancaman siber yang mempengaruhi keamanan siber suatu negara. Dalam rangka meningkatkan keamanan siber secara lebih efektif dan efisien pada salah satu Instansi Pemerintah di Indonesia, Pusat Data dan Teknologi Informasi Komunikasi (TIK) yang merupakan salah satu unsur pendukung di Badan XYZ menjadi obyek penelitian dalam rencana implementasi pengukuran kematangan keamanan siber. Berdasarkan kondisi saat ini, dapat diketahui bahwa implementasi pengelolaan keamanan TIK belum diterapkan secara optimal. Mengacu hal tersebut, maka dibutuhkan kerangka kerja keamanan secara komprehensif yang akan membantu dalam pengelolaan TIK secara lebih aman dalam mengantisipasi adanya ancaman siber yang semakin meningkat. Dalam penelitian ini, akan melakukan perancangan kerangka kerja kematangan keamanan siber dengan melakukan integrasi berdasarkan kerangka kerja, standar NIST CSF, ISO 27002 dan COBIT 2019. Hasil dari penelitian ini diantaranya: Kerangka kerja (framework) kematangan keamanan siber yang dihasilkan terdiri dari 201 aktivitas yang dapat diimplementasikan oleh organisasi, dan terbagi dalam 38 kategori pada framework kematangan keamanan siber. Selain itu, distribusi aktivitas dalam framework terdiri dari 21.56% berasal dari NIST CSF Model, 14.59% berasal dari ISO 27002, dan 63.85% berasal dari COBIT 2019 Model. Melalui konsep kerangka kerja kematangan keamanan siber yang dihasilkan diharapkan dapat menjadi masukan dalam penyusunan instrumen tingkat kematangan keamanan siber dan sandi secara organisasi.
The increasing trend of digitization in the current Covid-19 pandemic situation has affected the lifestyles of both individuals and organizations and changed conventional behavior to digital. The digital era offers various conveniences, but on the other hand, there are challenges in the form of cyber threats that affect the cybersecurity of a country. To improve cybersecurity more effectively and efficiently at one of the Government Agencies in Indonesia, the Center for Data and Information and Communication Technology (ICT), one of the XYZ Agency’s supporting elements, is the research object in implementing cybersecurity maturity. Based on current conditions, it can be seen that the implementation of ICT security management has not been implemented optimally. A comprehensive security framework is needed that will assist in managing ICT more securely in anticipating the increasing cyber threats. This research/ will design a cybersecurity maturity framework by integrating based on the framework, the NIST CSF standard, ISO 27002, and COBIT 2019. The results of this study include: The resulting cybersecurity maturity framework consists of 201 activities that can be implemented by the organization/ and is divided into 38 categories in the cybersecurity maturity framework. In addition, the distribution of activities in the frameworks consists of 21.56% derived from the NIST CSF Model, 14.59% comes from ISO 27002, and 63.85% comes from the COBIT 2019 Model. Through the concept of cybersecurity maturity framework produced, it is hoped that it becomes an input for preparing an organizational cybersecurity maturity level instrument."
Depok: Fakultas Teknik Universitas Indonesia, 2021
T-pdf
UI - Tesis Membership  Universitas Indonesia Library
cover
Achmad Eriza Aminanto
Pengembangan Model Pemolisian Berbasis Machine Learning untuk Pendeteksian Serangan Siber pada Jaringan Wi-Fi dan Internet of Things = The Development of Machine Learning-Based Policing Models for Detecting Cyber Attacks on Wi-Fi Networks and Internet of Things
"Pandemi COVID-19 sejak tahun 2020 menyebabkan transofrmasi digital secara masif yang terjadi, Tantangan keamanan yang perlu diatasi berasal dari sifat keterbukaan media nirkabel yang menjadi media komunikasi utama di IoT. Hal tersebut menyebabkan besarnya kerugian yang disebabkan kejahatan siber. Kepolisian Republik Indonesia lewat Direktorat Tindak Pidana Siber diharapkan memiliki peran pencegahan dalam melakukan giat pengawasan terhadap serangan-serangan ini, dimana Dittipidsiber belum memiliki fungsi pencegahan serangan siber. Sistem Pendeteksi Intrusi (Intrusion Detection System) atau lebih dikenal sebagai IDS, merupakan salah satu sistem yang dapat memantau serang siber ini, di mana memanfaatkan kecerdasan buatan untuk dapat memisahkan antara serangan siber dan bukan serangan. Pada penelitian ini, akan dihasilkan model pemolisian berbasis machine learning untuk pendeteksian serangan siber pada jaringan Wi-fi dan IoT. Model tersebut melakukan perekaman data jaringan, kemudian data tersebut dilakukan analisa IDS sehingga dapat ditampilkan di command room, yang kemudian ketika adanya indikasi serangan dapat dilakukan penindakan dengan cepat. Dilakukan simulasi dan analisis terhadap berbagai metode seleksi fitur dan model klasifikasi untuk menghasilkan IDS yang baik. Penelitian ini menggunakan dataset publik berisi serangan siber terhadap jaringan Wi-Fi. Dari hasil eksperimen, didapatkan bahwa metode terbaik untuk pengurangan fitur adalah mutual information dengan fitur berjumlah 20, dan metode untuk klasifikasi serangan adalah Neural Network, menghasilkan F-Score sebesar 94% dengan waktu yang dibuthkan 95 detik. Hasil ini menunjukkan IDS yang diusulkan memiliki kemampuan untuk mendeteksi serangan dengan cepat dan hasil deteksi yang sama bagus dengan penelitian sebelumnya.
Since 2020, the Covid-19 pandemic has caused massive digital transformation. Security challenges needed to be overcome is based on the nature of wireless media which is the main communication medium in IoT (Internet of Things). Such condition generates huge loss caused by cybercrime attacks. Indonesian National Police through Directorate of Cyber Crime (Dittipidsiber) is expected to have preventive roles in supervising these attacks, where Dittipidsiber has not had a cyber-attack prevention function. The Intrusion Detection System (IDS) is a system that can identify these cyber-attacks, utilizing artificial intelligence to be able to separate between cyber-attacks and non-attacks. In this study, a machine learning-based policing model will be generated for detecting cyber-attacks on Wi-Fi and IoT networks. The model records network data that will be analysed by IDS so that it can be displayed in the command room. After that, any indications of attacks can be identified quickly. The author performs the simulations and analyses various feature selection methods and classification models in order to produce a good IDS. The study employs a public dataset containing cyber-attacks against Wi-Fi networks. Based the experimental results, it is found that the best method for reducing features is mutual information using twenty features and the method for classifying attacks is Neural Network, resulting F-Score of 94% with a time required of 95 seconds. These results indicate that the proposed IDS have the ability to detect attacks quickly and the detection results are the same as previous studies."
Depok: Sekolah Kajian Stratejik dan Global Universitas Indonesia, 2022
T-pdf
UI - Tesis Membership  Universitas Indonesia Library
cover
Cyril Nugrahutama Kurnaman
Evaluasi dan strategi perbaikan kualitas keamanan infrastruktur teknologi informasi PT XYZ berbasis perluasan kerangka kerja cybersecurity capability maturity model (C2M2) = Evaluation and strategy to improve the security quality of PT XYZ's information technology infrastructure based on the framework’s expansion of the cybersecurity capability maturity M\model (C2M2)
"Indonesia merupakan negara dengan jumlah penduduk dan pengguna internet terbesar keempat di dunia membuat kemungkinan serangan siber semakin besar. Oleh karena itu, dalam mempertimbangkan banyak potensi serangan siber yang dapat terjadi, perusahaan harus memiliki pemahaman yang mendalam tentang kualitas keamanan infrastruktur teknologi informasi (TI) yang dimilikinya. Penelitian ini mengevaluasi kualitas keamanan infrastruktur TI yang dimiliki PT XYZ saat ini dan membandingkannya dengan kualitas keamanan infrastruktur TI yang diharapkan PT XYZ menggunakan perluasan model kematangan keamanan siber yaitu Cybersecurity Capability Maturity Model (C2M2). Peneliti mengadopsi 10 (sepuluh) domain C2M2 dan 2 (dua) domain lain yang bersumber dari Center for Internet Security (CIS) Controls sehingga jumlah domain yang diuji pada model konseptual adalah 12 domain. Perluasan model ini menyesuaikan dengan kondisi dalam masa pandemi COVID-19. Metode yang digunakan dalam penelitian ini adalah in-depth interview dan kuesioner self-evaluation assessment. Data kemudian diolah dan dianalisis menggunakan gap analysis dan importance-performance analysis. Berdasarkan hasil penelitian, 10 domain C2M2 dan 2 domain CIS yang diujikan terhadap PT XYZ memiliki gaps pada Maturity Indicator Level (MIL) di masing-masing domain. Hampir seluruh domain yang diujikan berada di kuadran A pada matriks importance-performance analysis dimana tingkat kinerja rendah namun tingkat kepentingan tinggi. Skala prioritas dibuat agar PT XYZ dapat fokus memperbaiki domain yang memiliki selisih gaps besar dan tingkat kepentingan tinggi. Prioritas I atau prioritas utama domain yang harus segera dibenahi oleh PT XYZ adalah asset, change, and configuration management (ACM); identity and access management (IAM); dan event and incident response, continuity of operations (IR). Kemudian, prioritas II yaitu domain threat and vulnerability management (TVM). Lalu, prioritas III yaitu domain risk management (RM) dan situational awareness (SA). Kemudian, prioritas IV yaitu domain workforce management (WM) dan data protection (PR). Lalu, prioritas V yaitu domain information sharing and communications (ISC) dan cybersecurity program management (CPM). Terakhir, prioritas VI yaitu domain supply chain and dependencies management (EDM). Hal ini menunjukkan bahwa secara keseluruhan kualitas keamanan infrastruktur TI di PT XYZ belum mampu mengatasi risiko keamanan yang ada sehingga membutuhkan banyak perbaikan dan perlu dievaluasi secara menyeluruh.
Indonesia is a country with the fourth largest population and internet users in the world, making the possibility of cyberattacks even greater. Therefore, in considering the many potential cyberattacks that can occur, companies must have a deep understanding of the security quality of their information technology (IT) infrastructure. This research evaluates the security quality of PT XYZ's current IT infrastructure and compares it with the quality of IT infrastructure security expected by PT XYZ using a framework’s expansion of Cybersecurity Capability Maturity Model (C2M2). The researcher adopted 10 (ten) C2M2 domains and 2 (two) other domains sourced from the Center for Internet Security (CIS) Controls so that the number of domains tested in the conceptual model is 12 domains. The expansion of this model adapts to conditions during the COVID-19 pandemic. The methods used in this research are in-depth interviews and self-evaluation assessment questionnaires. The data is then processed and analyzed using gap analysis and importance-performance analysis. Based on the research results, 10 C2M2 domains and 2 CIS domains tested against PT XYZ have gaps in the Maturity Indicator Level (MIL) in each domain. Almost all of the tested domains are in quadrant A in the importance-performance analysis matrix where the level of performance is low but the level of importance is high. The priority scale is made so that PT XYZ can focus on improving domains that have large gaps and high levels of importance. Priority I or the main priority domains that must be addressed by PT XYZ are asset, change, and configuration management (ACM); identity and access management (IAM); and event and incident response, continuity of operations (IR). Then, priority II is the threat and vulnerability management (TVM) domain. Then, priority III is the domain of risk management (RM) and situational awareness (SA). Then, priority IV is the domain of workforce management (WM) and data protection (PR). Then, priority V is the domain of information sharing and communications (ISC) and cybersecurity program management (CPM). Finally, priority VI is the supply chain and dependencies management (EDM) domain. This shows that the overall security quality of PT XYZ’s IT infrastructure has not been able to overcome the existing security risks so that it requires a lot of improvements and needs to be evaluated thoroughly."
Depok: Fakultas Teknik Universitas Indonesia, 2021
T-pdf
UI - Tesis Membership  Universitas Indonesia Library
cover
Miftahul Khausar
Analisis Strategi Cyber Security Uni Eropa : "Pembentukan The Cyber Diplomacy Toolbox Sebagai Tanggapan Diplomatik Bersama Uni Eropa Terhadap Aktivitas Serangan Siber" = Analysis of European Union Cyber Security Strategy : "Establishment of The Cyber Diplomacy Toolbox (CDT) as a Joint Diplomatic Response to the European Union Against the Threat of Cyber Attack activity"
"Pada Juni 2017, Uni Eropa meningkatkan kewaspadaannya terkait masalah serangan siber dengan mendukung pembentukan The Cyber Diplomacy Toolbox (CDT) sebagai tanggapan diplomatik bersama Uni Eropa terhadap aktivitas serangan siber. Keputusan Uni Eropa untuk mengadopsi CDT sebagai bagian dari strategi Cyber Security nya didasari oleh faktor internal dan faktor eksternal. Penelitian ini menjelaskan lebih dalam tentang faktor-faktor tersebut serta menjelaskan implementasi CDT sebagai bagian dari tindakan strategi keamanan siber Uni Eropa. Metode penelitian pada penelitian ini adalah metode Kualitatif dengan menggunakan sumber data primer dan data sekunder. Penelitian ini dianalisis menggunakan Teori Regional Security Complexs dan Konsep Cyber Diplomacy. Teori Regional Security Complexs digunakan untuk menganalisis potensi ancaman pada sektor keamanan siber yang ada di regional Uni Eropa dan menjelaskan upaya pencegahan serta penanggulangan aktivitas serangan siber terhadap negara-negara anggota Uni Eropa dan Konsep Cyber Diplomacy untuk menganalisa proses diplomasi dalam memperkuat strategi Cyber Security Uni Eropa. Penelitian ini menemukan bahwa Keputusan Uni Eropa untuk mengadopsi CDT didasari oleh Faktor Internal dan Faktor Eksternal, kerangka kerjasama CDT dinilai dapat menjadi solusi permasalahan siber dikawasan Uni Eropa dan negara anggotanya, CDT memungkinkan Uni Eropa dan negara anggotanya untuk memanfaatkan instrumen diplomatik mereka, termasuk tindakan pembatasan, untuk menjaga dunia maya tetap global, terbuka, stabil, dan aman.
.In June 2017, the European Union increased its vigilance on the issue of cyberattacks with the establishment of The Cyber Diplomacy Toolbox (CDT) as a joint EU response to cyberattack activity. The European Union's decision to adopt CDT as part of its Cyber Security strategy was based on internal and external factors. This study explains more about these factors and explains the implementation of CDT as part of the European Union's cybersecurity strategy. The research method used in this study is a qualitative method using primary data sources in the form of interviews and secondary data in the form of literature review. This study analyzes using Regional Security Complexs Theory and the Concept of Cyber Diplomacy. The Regional Security Complexs theory is used to analyze potential threats to the cybersecurity sector in the European Union region and explain efforts to prevent and counter cyberattack activities against member countries of the European Union and the concept of Cyber Diplomacy to analyze the diplomatic process in strengthening cyber strategies European Union Security. This study found that the European Union's decision to adopt CDT was based on Internal and External Factors, the CDT cooperation framework is considered to be a solution to cyber problems in the European Union and its member states, CDT allows the European Union and its member countries to take advantage of their diplomatic instruments, including restrictive measures. , to keep cyberspace global, open, stable and secure."
Jakarta: Sekolah Kajian Stratejik dan Global Universitas Indonesia, 2022
T-pdf
UI - Tesis Membership  Universitas Indonesia Library
cover
Adi Rio Arianto
Building Indonesia’s national cyber defense and security to face the global cyber threats through Indonesia security incident response team on internet infrastructure (id-sirtii)
"The establishment of the “Indonesia Security Incident Response Team on Internet Infrastructure (ID-SIRTII)” is a tactical step by the Indonesian Ministry of Information and Communication to ensure the stability of national information regarding cyber protection and all forms of threats. This study explores the urgency of ID-SIRTII to prevent global cyber threats. The study found that cyber threats in Indonesia are very complex, seeing the variations of actors, motives, and targets (civil or military purpose). This complexity can be explained through the following four aspects, namely : (1) by understanding of Geometripolitic studies in cyber, there are at least two domains that can be reached, namely “the using of cyber for high-politics purposes (military)”by formulating and activating of Cyberpower to face the Global Cyber War(PSG), Wold Geometri War (PGA), and the forming of “Siber State or Siber Government”; and “the use of cyber for low-politics purposes (civil)”by the protection of civil activities in cyberspace; (2) in order to prevent the spread of national cyber crime, the implementation of the ID-SIRTII policy is integrated with the national cyber institutions; (3) in order to prevent the Global Cyber Threat, the implementation of ID-SIRTII policies needs to be strengthened and well-integrated with the regional and global cyber institutions; and (4) considering of the two “functionalism of cyber” also to form a structuralism of Indonesian National Defense and Security system in the cyber sector, nowdays Indonesia needs to build a CyberForce as a complement to the Army, Navy, and Air Force."
Bogor: Indonesia Defense University, 2019
355 JDSD 9:1 (2019)
Artikel Jurnal  Universitas Indonesia Library
cover
Marsyanda Syifa Adiba
Dinamika Kebijakan ASEAN dalam Keamanan Siber sebagai Respons atas Ancaman Siber di Kawasan = The Dynamics of ASEAN Policy in Cyber Security in Response to Cyber Threats in the Region
Depok: Fakultas Ilmu Sosial dan Ilmu Politik Universitas Indonesia, 2019
S-Pdf
UI - Skripsi Membership  Universitas Indonesia Library
cover
Inna Madiyaningsih
Analisis It Maturity Level Dengan Menggunakan Framework Cobit 5 Untuk Meningkatkan Kualitas Pengelolaan Keamanan Siber (Studi Kasus Perusahaan Z Sector Ict) = It Maturity Level Analysis Using The Cobit 5 Framework To Improve The Quality Of Cyber Security Management (Case Study Of Company Z In The Information Technology Sector)
"PT Z merupakan pengelola dan pengembang IT PT ABC (sebuah perusahaan listrik yang dimiliki oleh pemerintah), dituntut untuk dapat memastikan keamanan siber yang tinggi dalam setiap layanan yang diberikan kepada PT ABC untuk mencegah kebocoran data, kerugian finansial yang dapat mencapai Rp. 300 Triliun, serta dampak non-finansial lainnya. Untuk itu perlu dilakukan evaluasi dan assessment IT Maturity Level untuk memastikan kehandalan manajemen keamanan siber PT Z. Penelitian ini bertujuan untuk melakukan analisis IT maturity keamanan siber pada PT Z menggunakan kerangka kerja COBIT 5 fokus pada domain proses Align, Plan, and Organize 13 (APO13) dan Deliver, Service, and Support 05 (DSS05). Metode yang digunakan dalam penelitian ini adalah in-depth interview dan self evaluation assessment dengan menggunakan kuisioner kepada 33 pegawai STI selaku penanggung jawab IT. Berdasarkan pengolahan data menggunakan gap analysis, maka diperoleh tingkat kapabilitas pencapaian  APO13 PT Z adalah 3,06 (level 3) dengan gap tertinggi pada activity :APO13.2.3 gap 1.27, APO13.1.2 gap 1.06, APO13.2.1 gap 1.06. Sedangkan pencapaian domain DSS05 PT Z adalah 3,21 (level 3) dengan gap tertinggi berada pada DSS05.4.2 gap 1.64, DSS05.2.3 gap 1.15, DSS05.5.1 gap 1.09. Hasil ini menunjukkan bahwa PT. Z perlu membangun security information yang terintegrasi dan membentuk strategi keamanan IT selaras dengan strategi bisnis perusahaan dengan mendefinisikannya kedalam inisiatif keamanan: teknologi, people, dan proses.
PT Z is the IT manager and developer of PT ABC, a government-owned electricity company. They are required to ensure high cybersecurity in every service provided to PT ABC to prevent data breaches, and potential financial losses of up to Rp. 300 Trillion, and other non-financial impacts. Therefore, an evaluation and assessment of IT Maturlevelsevel need to be conducted to ensure the reliability of PT Z's cybersecurity management. This research aims to analyze the IT maturity of cybersecurity in PT Z using the COBIT 5 framework, focusing on the Align, Plan, and Organize 13 (APO13) and Deliver, Service, and Support 05 (DSS05) process domains. The methods used in this research are in-depth interviews and self-evaluation assessments, conducted through questionnaires distributed to 33 STI employees responsible for IT. Based on data processing using gap analysis, the achievement level of APO13 in PT Z is 3.06 (level 3) with the highest gaps identified in the following activities: APO13.2.3 (gap 1.27), APO13.1.2 (gap 1.06), APO13.2.1 (gap 1.06). Meanwhile, the achievement level of the DSS05 domain in PT Z is 3.21 (level 3) with the highest gaps identified in DSS05.4.2 (gap 1.64), DSS05.2.3 (gap 1.15), DSS05.5.1 (gap 1.09). These results indicate that PT Z needs to establish an integrated security information system and develop an IT security strategy that aligns with the company's business strategy by defining security initiatives in terms of technology, people, and processes."
Jakarta: Fakultas Teknik Universitas Indonesia, 2023
T-pdf
UI - Tesis Membership  Universitas Indonesia Library
cover
Issues in maritime cyber security
Washington: DC Westphalia Press, an imprint of the Policy Studies Organization, 2017
003.5 ISS
Buku Teks SO  Universitas Indonesia Library
cover
Andri Tri Prasetyo
Pengembangan Kerangka Kerja Respon Insiden Keamananan Siber Pada Operational Technology (OT) = Development of a Cybersecurity Incident Response Framework in Operational Technology (OT)
"Meningkatnya serangan siber terhadap teknologi operasional (OT) pada infrastruktur kritis mengharuskan setiap pemilik aset atau infrastruktur menyiapkan metode yang sesuai untuk merespons dan menangani insiden keamanan siber. Untuk menghindari risiko dalam pengelolaan insiden keamanan siber di lingkungan OT, diperlukan kerangka kerja yang dapat membantu pemilik infrastruktur menyelesaikan insiden. Penelitian ini berfokus pada pengembangan kerangka respons insiden keamanan siber OT berdasarkan berbagai standar dan praktik terbaik untuk mengelola insiden keamanan siber di sektor OT. Beberapa standar tersebut dipetakan sehingga menghasilkan sejumlah fase utama yang di dalamnya terdapat aktivitas kerangka kerja dan poin-poin rekomendasi implementasi. Hasil penelitian ini berupa kerangka kerja yang terdiri dari 4 fase utama, 12 kegiatan, dan 38 rekomendasi implementasi. Untuk memvalidasi kerangka kerja yang diusulkan, dilakukan metode kuantitatif berdasarkan penilaian ahli (expert) untuk mengukur kepercayaan antar para ahli mengenai rekomendasi implementasi kerangka kerja menggunakan statistik Fleiss Kappa. Pengukuran tersebut menghasilkan nilai kappa sebesar 0,7597 dan dikategorikan kesepakatan substansial yang menunjukkan bahwa beberapa ahli telah menyepakati rekomendasi kerangka kerja.
The increase in cyberattacks against operational technology (OT) in critical infrastructure requires every asset or infrastructure owner to prepare suitable methods for responding to and handling cybersecurity incidents. To avoid risks in managing cybersecurity incidents in OT environments, a framework is needed that can help infrastructure owners resolve incidents. This research focuses on developing an OT cybersecurity incident response framework based on various standards and best practices for managing cybersecurity incidents in the OT sector. Some of these standards were mapped to produce a number of key phases in which the framework activities and points of implementation recommendations were included. The result of this research is a framework consisting of 4 main phases, 12 activities and 38 implementation recommendations. To validate the proposed framework, a quantitative method based on expert judgment was conducted to measure the trust between experts regarding the framework implementation recommendations using Fleiss Kappa statistics. The measurement resulted in a kappa value of 0.7597 and was categorized as substantial agreement, indicating that several experts had agreed on the framework recommendations."
Depok: Fakultas Teknik Universitas Indonesia, 2023
T-pdf
UI - Tesis Membership  Universitas Indonesia Library
<<   1 2 3 4 5 6 7 8 9 10   >>