ERP (Electronic Road Pricing) Dan ETLE (E- Traffic Law Enforcement)
Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... ·...
Transcript of Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... ·...
![Page 1: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/1.jpg)
Information Security @ ITBYudi Satria Gondokaryono
Direktur ITB-Korea Cyber Security R&D Center
![Page 2: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/2.jpg)
Intro: SecurityPengguna internet di seluruh dunia: lebih dari 2 Milyar*Hampir semua device terhubung ke internet
Kemudian muncul berbagai security threatsdengan tren yang meningkat tajam tiap tahunnya.
* sumber: http://www.thecultureist.com/2013/05/09/how-many-people-use-the-internet-more-than-2-billion-infographic/
630057
NEW UNIQUE
THREATS PER DAY
NEW UNIQUE THREATS PER HOUR
2006
2012
Spam Phising Malware Bad URL Identity Theft Ransomware Stuxnet ZeuS Shamoon Agent.A
![Page 3: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/3.jpg)
Intro: Security
5503
11911
16843
29999
41776 42854
48562
0
10000
20000
30000
40000
50000
60000
2006 2007 2008 2009 2010 2011 2012
Fiscal Years
Sumber: http://www.govloop.com/profiles/blogs/infographic-cybersecurity-in-focus
Number of Security Incidents Reported to US-CERT Fiscal Years 2006-2012 From Federal
Agencies
37%
20%
18%
17%
7%
Under investigation
Improper Usage
Malicious Scale
Unauthorized Access
Scams, Probes, Attempted Access
![Page 4: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/4.jpg)
Sumber: infographicarchieve.com
What do the attackers take?1. Payment card numbers/data2. Authentication credential3. Copyrighted material4. Medical records5. Classified information6. Bank account detauils7. Personal information8. System information9. Sensitive organizational data10. Trade secrets
Average cost to a small-bussiness from cyber attack is $ 188,242
![Page 5: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/5.jpg)
Strategi Ketahanan Cyberspace Nasional
• Tujuan strategi nasional cyberspace“Menjamin ketahanan informasi dan sistem pendukungnyadalam rangka menyelesaikan permasalahan strategis bangsadan meningkatkan kualitas kehidupan bangsa Indonesia”
![Page 6: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/6.jpg)
Prioritas 1 Prioritas 2 Prioritas 3 Prioritas 4 Prioritas 5 Prioritas 6
Pengguna alat
komunikasi personal
Pengguna komputer
rumahan / Industri
kecil dan menengah
Perusahaan besar
(termasuk
universitas,
korporasi, lembaga
pemerintahan)
Sektor atau
infrastruktur kritikal
Skala nasional
Internasional
Prioritas 1Membangun sistem yang menjamin ketersediaan informasi bagi bangsa dan negara
Prioritas 2Membangun organisasi dan tata kelola sistem penanganan keamanan cyberspace nasional
Prioritas 3Sistem untuk memperkecil kelemahan dan ancaman pada keamanan cyberspace nasional
Prioritas 4Program nasional pendidikan pelatihan tentang kesadaran keamanan cyberspace
Prioritas 5Program nasional pendidikan pelatihan tentang kesadaran keamanan cyberspace
Permasalahan Dunia Siber
Prioritas 6: Kerjasama internasional untuk meningkatkan keamanan sistem cyberspace
![Page 7: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/7.jpg)
Badan Cyber Nasional
Civil Defense Law Enforcement Intelligence
Kominfo, Kemendagri, Service
Provider
Kemenko Polhukam, Polri
Kominfo, Kemendag, Service Provider, BI
Polri
Kominfo. Kemenkeu, BUMN
Polri, Kemenkumham
KEMENDIKBUD Kemenhan Kemenhukam
Kemenkes, Kemenhub, Kominfo
TNI, Kemenham BIN
KominfoKemenham,
Kemenlu
1
2
3
4
5
6
![Page 8: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/8.jpg)
Critical Infrastructure
Kementrian Sektor
Kementrian Komunikasi dan Informatika Informasi dan Komunikasi (Komersial)
Kementrian Perhubungan, Kementrian
Pekerjaan Umum
Transportasi (penerbangan, kereta api,
infrastruktur jalan, dll)
Kementrian Kesehatan Kesehatan
Kementrian Pertanian Ketahanan Pangan
Kementrian Energi dan Sumber Daya
Mineral
Energi dan Sumber Daya Mineral
Kementrian Lingkungan Hidup Air bersih, Pengolahan limbah
Kementrian Pertahanan Industri pertahanan
Kementrian Keuangan Perbankan dan Keuangan
Kementrian BUMN Industri Strategis (PTDI, PT. PAL, dll)
![Page 9: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/9.jpg)
PLN SmartGrid
![Page 10: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/10.jpg)
ITB Vision on InfoSec
![Page 11: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/11.jpg)
ITB Cyber Security Center
![Page 12: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/12.jpg)
Organization
COUNT-PARTNER TEAM PMC TEAM
JOINT STEERING COMMITTEE
KOREAINDONSIA KOICAMOEC
Bilateral
Collaboration
Experts Group
• Masterplan Experts (1)
• Center Operation (1)
• Education Experts (1)
• Center Operation Experts (1)
• Technical Experts (3)
• H/W Experts (1)
Construction
• Architecture Design (1)
• CM & Auditing (1)
• Local Auditing (1)
Coordination
• Domestic Coordination (1)
• Local Coordination (1)
PM (1)
R&D Center
• Resource Management (1)
• Master Program (2)
• Construction (1)
R&D Program
• Leading Professor (3)
• Research & Development (6)
DEAN of ITB STEI
CSC Director
• Local Coordination (1)
![Page 13: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/13.jpg)
ITB CSC Center ConstructionGround Breaking Ceremony (Jan. 30th 2013)
Construction Progress (10th Dec. 2013, Completed)
![Page 14: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/14.jpg)
Masterplan
Education Unit R&D Unit Collaboration Unit
Security
Research
Product
Development
Collaboration
Consulting
Service
• Network Security• Document Security
• Mobile Security
• Gov/Mil/Biz• Technical Support
• Security Technology• Security Management
• Cyber Security Policy• Technical Support
• MS-ISST• ExecMS-ISG
Master
Program
Training Program
• General Training• Special Training
To provide the education and R&D
systems for ITB CSC
To provide operational strategy of ITB
CSC
• Organization, Curriculum, R&D Program, Recruiting faculty and Student, Facilities and Equipment
To provide core strategy for ITB CSC’s
sustainability
• Strategy for financially independent center
• Promoting and Collaboration• Long-term networking strategy
KOICA-ITB CSC SERVICE & PROGRAM - MASTERPLAN SETUPMASTERPLAN ACTIVITIES
![Page 15: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/15.jpg)
Roadmap
![Page 16: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/16.jpg)
Program peningkatan kapabilitas SDM dalam bidang keamanan siber dapat
dibagi ke dalam tiga komponen penting
Sumber Daya Manusia dan Awareness
• Meningkatkan kesadaran akan resiko beraktifitas di dunia cyber• Mempersiapkan sumber daya manusia yang capable dalam mendukung keamanan siber nasional• Mengembangkan dan memelihara cybersecurity workforce yang kompetitif dan mampu bersaing
secara global
Goal:
![Page 17: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/17.jpg)
(Contoh) Kebutuhan Tenaga Kerja IT SecurityIndonesia
Berdasarkan asumsi minimal:• Kabupaten dan kota butuh 2 tenaga kerja• Provinsi butuh 5 tenaga kerja• Kementerian dan BUMN butuh 10 tenaga kerja
508 Kab dan
Kota
33 Prov.
140BUMN
34 Kemen-terian
2921
![Page 18: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/18.jpg)
S3 : 300
S2 : 3,000 (10%)
S1 : 12,000 (25%)
S1 Teknik : 120,000 (10%)
SMA IPA : 360,000 (30%)
(Contoh) Kebutuhan Tenaga Kerja IT SecurityIndonesia
Pengembangan kapabilitas riset dan industrikeamanan:• Berbagai Negara ~ 3000 S3 per bidang• Indonesia ~ 10% == 300 S3 per bidang
Perkiraan siswa IPA 450,000 per tahunTidak mungkin 70% masuk ke satu bidangHarus menaikkan jumlah siswa IPA + jangka panjang
![Page 19: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/19.jpg)
Grafik Beberapa Tahun Terakhir
0
50000
100000
150000
200000
250000
300000
350000
400000
450000
500000
2005 2006 2007 2008 2009
384121 398778 403841442281
488183
83049108560
159438135468 140501
Siswa IPA SMA Mahasiswa Teknik
![Page 20: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/20.jpg)
Jumlah Mahasiswa Baru yang Berhubungandengan IT Security
0
200
400
600
800
1000
1200
1400
1600
1800
2000
2009 2010 2011
11601238 1258
602521
568
1165
1677
1988
16761747
1990
ITB
Unhas
Unibraw
ITS
![Page 21: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/21.jpg)
Kompetensi SDM ?
Who is the Equation Group?
Kaspersky declined to outright name the United States National Security Agency (NSA) as the governing body behind the Equation Group, but there are a number of factors that point to the NSA as the responsible party.
Read more at http://observer.com/2015/02/equation-group/#ixzz3XM9qc2B5
![Page 22: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/22.jpg)
![Page 23: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/23.jpg)
Why are these hackers so frightening than others?
• The first is just how deep their work penetrates a computer system. Kaspersky uncovered Equation Group malware that infiltrates a system’s firmware, or the software that loads before your OS even has a chance to boot up.
Read more at http://observer.com/2015/02/equation-group/#ixzz3XMBk5T9D
![Page 24: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/24.jpg)
Apa itu RMKI?
REKAYASA:
• KRIPTOGRAFI DAN APLIKASINYA
• SECURE SOFTWARE & OS SECURITY
• DIGITAL FORENSIC & COMPUTER CRIME, DSB...
MANAJEMEN:
• INFORMATION SECURITY MANAGEMENT
• INFORMATION SYSTEM ASSURANCE
• SECURITY ARCHITECTURE AND DESIGN
Meningkatkan Sumber Daya Manusia untukMenjamin Keamanan Sistem Informasi
Nasional Masa Depan
*Rekayasa dan Manajemen Keamanan Informasi
![Page 25: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/25.jpg)
Output Program RMKI:
HACKERS
![Page 26: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/26.jpg)
Output Program RMKI:
Hardware berbasis securitySoftware berbasis security
Manajemen berbasis security
![Page 27: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/27.jpg)
Education ProgramBachelor, Masters, Doctoral, Training, Cont. Education
![Page 28: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/28.jpg)
InformationSecurity
Engineering &
Governance
![Page 29: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/29.jpg)
R&D Program & DevelopmentEnhancing technical capability in technology development
NetworkSecurity
Consulting DocumentSecurity
MobileSecurity
Government
Military
Bank
Telcom
Public SectorPrivate Sector
Primary R&D areas
for technology transfers and cooperative development
Action Plan Setup After Development Training Program
![Page 30: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/30.jpg)
Doctoral Research on Mobile Security
![Page 31: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/31.jpg)
International Research Collaboration
• Processor’s Secure Zone & Trusted Computing
• MDM-EISP (Mobile Device Management – Enterprise Internal Secure Platform)
• KOICA-KISA-KR-CERT ITB-INA-CERT
• Cyber Patrol Collaboration
• Asymmetric Persistent Threats
• Hacking and Anti-Hacking Technology
• Cyber Forensic
![Page 32: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/32.jpg)
Equipment
![Page 33: Information Security @ ITBjatinangor.itb.ac.id/wp-content/uploads/sites/17/2016/10/studium... · Badan Cyber Nasional Civil Defense Law Enforcement Intelligence Kominfo, Kemendagri,](https://reader031.fdokumen.com/reader031/viewer/2022021811/5c913b4b09d3f24f048d0b01/html5/thumbnails/33.jpg)
Thank You