logo a. budi setiawan information security governance readiness in government institution the center...
TRANSCRIPT
![Page 1: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/1.jpg)
LOGO
A. BUDI SETIAWAN
INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION
The Center of Research and Development of Informatic Application. Agency of Human Resource Research and Development,Ministry of ICT Indonesia
Delivered at codeBALI International Conference 2015September, 21-23, 2015 in Denpasar-Bali, Indonesia
![Page 2: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/2.jpg)
INTRODUCTION
• Internet usage is increasingInternet usage is increasing
• ICT is enablerICT is enabler
• The use of ICT in the public sectorThe use of ICT in the public sector
• Presidential Instruction No. 3/2003 about Policy & National Presidential Instruction No. 3/2003 about Policy & National Strategy on the Development of e-GovernmentStrategy on the Development of e-Government
• Vulnerability on ICT system…Vulnerability on ICT system…
![Page 3: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/3.jpg)
Indonesia’s Statistics Internet users: 71,190,000 Internet users as of June.30, 2014, and 28.1% penetration.
(source : http://www.internetworldstats.com/asia.htm#id) The mobile broadband explosion has subscriber numbers at around 65 million (26%
penetration) by end-2014 -- Around 60% of fixed internet subscribers had broadband access
![Page 4: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/4.jpg)
Increasing IT Risk in Indonesia
• Real incident reported such as phishing, identity theft, data (information resources) stealing, critical information resources hostages, information leakage, insider attack (i.e. virus spread)
• Cases: cyber war, fraud, web deface, hoax, etc
• Malicious code, common vulnerabilities/zero day attack -pirate software are widely used (not updated)
(source: Id-SIRTII/CC, 2012)
![Page 5: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/5.jpg)
Recent Risk Report in Indonesia
Distributed Denial of Service attack on the system of Domain Name Service (DNS) ccTLD-ID that indicates the attack on the domain "go.id" is the most
(source: Zone-h, 2012)
(source: Id-SIRTII, 2012)
Number of attacks to domain “id” website on October 2012
THREAT
![Page 6: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/6.jpg)
• Observe the readiness of Information Security Governance implementation in government agencies
• Analysis was performed by using index of e-Government Rank (PeGI) and Information Security Index (Index KAMI
The Study of IT Security Readiness in Government
![Page 7: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/7.jpg)
Cyber Security Legal Framework in Indonesia
![Page 8: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/8.jpg)
National Policy and Law on Internet Security
Indonesia’s Act
“Indonesia’s Telecommunication Act”
(UU Telekomunikasi)
“Information & Electronic Transaction Act”
(UU ITE)
No. 29/PER/M.KOMINFO/10 /2010 about Securing Telecommunication
Network Utilization based on Internet Protocol
Number: 133/KEP/M/KOMINFO/04/2010
Number: 01/SE/M.KOMINFO/02/2011
Regulation of Minister of CIT
Decree of Minister of CIT
Circular of Minister of CIT
![Page 9: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/9.jpg)
The Index of Indonesian e-Government Rank
No. Dimensions
1 Policy
2 Institutional
3 Infrastructure
4 Application
5 Planning
5 Dimensions of Indonesian e-Government Rank:
• Provides a reference for the development and utilization of ICT in public sector
• Provide impetus for the development of ICT in the government through the evaluation of a large, balanced, and objective
• Provides map of the environment conditions of the use of ICT in the national government
Goals:
![Page 10: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/10.jpg)
Information Security Index
![Page 11: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/11.jpg)
Analysis of Indonesian e-Government Rank
Ministries
![Page 12: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/12.jpg)
Analysis of Indonesian e-Government Rank
Local Government (Provinces)
![Page 13: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/13.jpg)
Source: Directorate of Information Security
Information Security Index 2011
![Page 14: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/14.jpg)
Source: Directorate of Information Security
Information Security Index 2012
![Page 15: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/15.jpg)
Source: Directorate of Information Security
Information Security Index 2013
![Page 16: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/16.jpg)
Source: Directorate of Information Security
Average Value of Information Security Index Area
![Page 17: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/17.jpg)
1. In most agencies, both central and local governments are already implementing ICT Governance, but with different capacities and in accordance with the conditions of the available human resources and leadership support
2. A common obstacle in the application of ICT governance and information security governance within the government are: Human Resources, Leadership Commitment and funding.
3. In term of ICT security governance in Indonesia, It cause by coordination between government agencies is still weak in terms of cyber security
Cyber Security Readiness in Government
![Page 18: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/18.jpg)
1. In applying the information security governance need strong commitment from all level management in government institution related to implement IT Security governance
2. It also need particular policy from the highest level government management which is mandate for all government institution to implement IT Security governance
3. Need particular policy from the highest level government management which is mandate for all government institution to implement IT Security governance
4. Information security should become the spirit for all ICT regulation and policy
Cyber Security Readiness in Government
![Page 19: LOGO A. BUDI SETIAWAN INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION The Center of Research and Development of Informatic Application](https://reader035.vdocuments.site/reader035/viewer/2022062308/56649ee65503460f94bf5c6c/html5/thumbnails/19.jpg)
THANK YOU
A. BUDI SETIAWANICT Researcher at Center of R&D of Informatic ApplicationHuman Resource R&D Agency, Ministry of ICT [email protected]