![Page 1: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/1.jpg)
Towards National Cyber Security Framework“a brief overview”M.S. MANGGALANNY – DEPUTY NETWORK OPERATION AND SECURITY
![Page 2: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/2.jpg)
CHAPTER #1
16/11/2016 ID-SIRTII/CC 1
![Page 3: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/3.jpg)
Dilemmas• Data Protection vs. Information Sharing
• Freedom of Expression vs. Political Stability
• Private Sector vs. Public Sector (empowerment)
• Stimulate the Economy vs. Improve National Security
• Infrastructure Modernization vs. Critical Infrastructure Protection
16/11/2016 ID-SIRTII/CC 2
![Page 4: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/4.jpg)
Cyber Security Agenda
• National
• Per Sector
• Critical (CIP)
Policy
• National
• Per Sector
• Critical (CIP)
Framework• National
• Per Sector
• Critical (CIP)
Strategy
16/11/2016 ID-SIRTII/CC 3
![Page 5: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/5.jpg)
CHAPTER #2
16/11/2016 ID-SIRTII/CC 4
![Page 6: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/6.jpg)
Cyber Security Policy• Presidential Decree and/or Executive Decree
• Executive mission, objectives and direction
• Legal basis for budgeting plan and operation
•Mandatory supervision, reward and punishment
• Definition, Criteria and Key Performance Indicator (KPI)
• Preemptive, preparation, escalation, criticality, contingency
• Determine Framework, Strategy and (limited) Road Map if needed
16/11/2016 ID-SIRTII/CC 5
![Page 7: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/7.jpg)
Logical Model Elements
• Legal
• Stake Holders
•Resources
•Budget
Inputs
•New Legislation
•Mapping
• Spending Reviews
Activities•Mid Terms
• Framework
• Strategy
•Best Practices
Output
• Long Terms
• Improvement
• Transparencies
•Governance
Outcomes•Cost Efficient
•Maturity
•Readiness
•Resilience
Impacts
16/11/2016 ID-SIRTII/CC 6
![Page 8: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/8.jpg)
CHAPTER #3
16/11/2016 ID-SIRTII/CC 7
![Page 9: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/9.jpg)
Cyber Security Framework• Presidential Decree and/or Executive Decree
• Executive Cyber Security Implementation design
• Executive Cyber Security Operation standard reference
• Control, evaluation and improvement process guidance
•NATO CCDCOE (2012), NIST (2014), ENISA (2012, 2014)
16/11/2016 ID-SIRTII/CC 8
![Page 10: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/10.jpg)
Framework Activity
•Asset Management
•Business Environment
•Governance
•Risk Assessment
•Risk Management Strategy
Identification
•Access Control
•Awareness and Training
•Data Security
•Information Protection Process and Procedures
•Maintenance
Protection•Anomalies and Events
•Security Continuous Monitoring
•Detection Processes
Detection
•Response Planning
•Communication
•Analysis
•Mitigation
•Improvements
Respond•Recovery Planning
•Improvements
•Communications
Recovery
16/11/2016 ID-SIRTII/CC 9
![Page 11: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/11.jpg)
CHAPTER #4
16/11/2016 ID-SIRTII/CC 10
![Page 12: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/12.jpg)
Cyber Security Strategy• Presidential Decree and/or Executive Decree
• Per Sector Policy and/or Executive Order
• Risk management, analysis and handling
• Capacity building, awareness, collaboration
• Developing maturity, readiness and resilience
16/11/2016 ID-SIRTII/CC 11
![Page 13: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/13.jpg)
Strategy Life Cycle
• Development
• Planning and Education
Phase 1
• Execution
• Operation Collaboration
Phase 2• Evaluation
• Periodically Assessment
Phase 3
• Maintaining
• Continuous Improvement
Phase 4
16/11/2016 ID-SIRTII/CC 12
![Page 14: ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework](https://reader031.vdocuments.site/reader031/viewer/2022020213/587c872d1a28ab93568b669d/html5/thumbnails/14.jpg)
Thank You!•ID-SIRTII/CC• RAVINDO Tower 17th Floor
• KEBON SIRIH RAYA 75
• Central Jakarta, 10340
• Phone +62 21 3192 5551
• Facsimile +62 21 3193 5556
• [email protected] ; www.idsirtii.or.id
1316/11/2016 ID-SIRTII/CC