Standar Keamanan Informasi - It.maranatha.edu
Standar Keamanan InformasiAnwar SiregarSenior ManagerBusiness Development19 May 2016
Information Security - Creating trust in digital WORLD Cybersecurity is a top global concern. 82% of enterprises expect toexperience a cyber incident in 2015 More than 35% are unable to fill open cybersecurity positions 69% say certification is required for cybersecurity jobs 33% say qualified candidates have hands-on experience 46% say technical skills are needed There is a cybersecurity skills crisis: 1 million unfilled jobs (source:Cisco) The research is clear. Cybersecurity has evolved from critical topic into a publicsafety issueSource: ISACA2
Information Security – Creating trust in digital WORLDTOP PRIORITIES for INFORMATION SECURITYSource: EY’s3
Information Security – DriversDIGITAL WORDRegulatory & Standard UU ITE No. 11 Tahun 2008 UU HAKI No 28 Tahun 2014 UUKependuduka No 24Mobile devicesSocial mediaCloud servicesSecurity as a serviceCommunity awarenessNon StandardTahun 2013 Peraturan Menteri KominfoNo 4 Tahun 2016 ISO 27001 Other Regulation4
TOP 3 CYBER THREATS52%15 %pertumbuhan88,1JutaUsersSocialEngineeringInterner vs TV39%PersistentThreatsAktif di mediasosial40%InsiderThreatsSource: ISACASource: Liputan 65
TOP 6 Country – Internet UsersSource: kominfo.go.id6
ISO 27001 – By CountryTOTAL CERTIFIED in the WORLD : 22293ISO/IEC 27001 - East Asiaand PacificYearCountryAustraliaCambodiaChinaHong Kong, ChinaMacau, ChinaTaipei, ChineseFijiIndonesiaJapanKorea, Democratic People's RepublicKorea, Republic ofMalaysiaMongoliaMyanmarNew ZealandPhilippinesSingaporeThailandViet 127384125391107711241792427361677
03ISO 270018
Information?Information assetKnowledge or data that has value tothe organisation Printed or written on paper Stored electronically Transmitted by post or usingelectronic means Shown on corporate videos Verbal - spoken in conversations ‘ Whatever form the information takes, or means by whichit is shared or stored, it should always be appropriatelyprotected.’ (ISO 27002)9
ISO 27001 – A Management SystemInformation Security Management SystemPart of the overall management system,based on a business risk approach, toestablish, implement, operate, monitor,review, maintain and improveinformation securityISO 27001 – “IS ALL ABOUT RISK”10
What is information security?ISO 27001:2013 defines Information Security asIntegrityPreservation of Confidentiality: information isConfidentialityAvailabilitynot made available or disclosed to unauthorizedindividuals, entities, or processes Integrity: safeguarding the accuracy and completenessof assets Availability: being accessible and usable upon demand by anauthorized entity of informationNote: In addition, other properties such as authenticity,accountability, non-repudiation and reliability can also be involved11
Annex A14 security clause headings35 security categories114 controls12
Benefits of ISO 27001 & CertificationSystemic and Holistic approachBenefit from best practice as captured in the standardIncrease confidence of the organisation in its information securityprocessesNeutral internationally recognised system—helps overcome ‘not inventedhere’ syndromeEases challenges of bringing systems together—in different parts of anorganisation, interoperability, etcHelps avoid a
The ISO 27001 family of standards ISO 27000 –Overview and vocabulary ISO 27001 –Audit Requirements ISO 27002 –Code of Practice (was ISO 17799:2005) ISO 27003 –Implementation Guidance ISO 27004 –Measurement ISO 27005 –Risk Management ISO 27006 –Requirements for Bodies
umum bab vi ketentuan penutup standar kompetensi lulusan standar isi standar proses standar penilaian standar dosen & tenaga kependi standar sarana & prasarana standar pengelolaan standar pendanaan & pembiayaan standar hasil .
ISO/IEC 27002:2013, dan sekitar 90% implementasi kontrol keamanan informasi belum sesuai. Kemudian Perusahaan XYZ perlu meningkatkan SMKI sesuai dengan rekomendasi yang diberikan untuk mencapai kesesuaian maksimal. Kata Kunci: Evaluasi, Keamanan Informasi, Kontrol, ISO/
itu, untuk melakukan eksplanasi terhadap capaian output suatu satuan pendidikan perlu dilakukan pemantauan/pemetaan sekolah dalam pemenuhan 8 standar nasional pendidikan, yang mencakup: standar isi, standar proses, standar kompetensi lulusan, standar pendidik dan tenaga kependidikan, standar sarana
Keamanan pangan mempunyai keterkaitan yang penting dengan ketahanan pagan, gizi , kesehatan keamanan pangan komponen penting dari ketahanan pangan Deklarasi Alma Ata (1978): keamanan pangan merupakan komponen esensial dari Primary Health Care. Komponen penting kesehatan dan mempuny
Sukoharjo dan menggambarkan penanaman karakter disiplin melalui kegiatan Patroli Keamanan Sekolah di SMK Negeri 3 Sukoharjo. 2. METODE Subjek dalam penelitian ini adalah guru dan siswa yang mengikuti kegiatan Patroli Keamanan Sekolah (PKS). Objek penelitian ini adalah penanaman karakter disiplin melalui kegiatan Patroli Keamanan Sekolah (PKS).
A.10 Manajemen komunikasi dan informasi A10.1 Prosedur operasional dan tanggung jawab A10.2 Manajemen pelayanan jasa pihak ketiga A10.3 Perencanaan dan keberterimaan sistem A10.4 Perlindungan terhadap malicious dan mobile code A10.5 Back-up A10.6 Manajemen keamanan j
1. Konsep Dasar Sistem Informasi 6-7 2. Komponen Sistem Informasi 7-9 3. Elemen Sistem Informasi 9-11 4. Klasifikasi Sistem Informasi 11-13 5. Pengelola Sistem Informasi 13-14 6. Pengembangan Sistem Informasi 14-15 7.
Sumber informasi adalah data. Data seringkali disebut sabagai bahan mentah informasi. Melalui suatu proses transformasi, data dibuat menjadi lebih bermakna. (Abdul Kadir, 2003) 2.2 Konsep Dasar Sistem Informasi 2.2.1 Pengertian Sistem Informasi Sistem informasi yang dapat didefinisikan