Cyber Security Audit using CIS CSC, NIST CSF and COBIT 2019 Framework
نویسندگان
چکیده
Tingginya penggunaan teknologi dan informasi saat ini mengakibatkan peningkatan risiko ancaman keamanan data informasi. Dinas Komunikasi Informatika Kota Pontianak, dinas pemerintahan yang memanfaatkan menggunakan banyak Untuk mengetahui sejauh mana kemampuan Pontianak dalam mengelola siber, maka diperlukan audit siber. Audit dapat dilakukan dengan menggabungkan framework CIS CSC (Center for Internet Security Critical Controls) untuk membatasi focus area siber aset TI serta NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) COBIT 2019 (Control Objective Information Technologies) melakukan perhitungan level kapabilitas. Perhitungan kapabilitas metode CPM (COBIT Performance Model). Hasil pada Identify (ID) mencapai 3.9, Protect (PR) 3.4, Detect (DE) 2.5, Respond (RS) 4. Terdapat 19 rekomendasi aktivitas agar diinginkan, kemudian pemetaan ke action priority matrix, 10 masuk kuadran Quick Wins, 9 Major Projects. The frequent use technology information today impacts the increased risk threats to security. Department Communications is department that utilizes uses a lot technology. To find out how far City Communication Informatics Office capable managing cyber security, security needed. Audits can be conducted by combining define cybersecurity areas IT assets using calculate capability level. Capability calculation Model) method. results calculating Service Identification reaches There are activity recommendations carried in order achieve desired cybersecurity, then capture recommendation activities into included Wins quadrant, entered Projects quadrant.
منابع مشابه
Modalities for Cyber Security and Privacy Resilience: The NIST Approach
Cybersecurity was a major topic of discussion at the 2015 World Economic Forum in Davos the Sony attack; huge data breaches at Target and Adobe; a 91% increase in targeted cyber-attacks; annual losses of over $400 billion; the exposure of 904 million personal data records; cyber-attacks on a Finnish bank, a South Korean credit bureau, a German factory’s industrial controls, and the Ukrainian go...
متن کاملA Predictive Framework for Cyber Security Analytics using Attack Graphs
Security metrics serve as a powerful tool for organizations to understand the effectiveness of protecting computer networks. However majority of these measurement techniques don’t adequately help corporations to make informed risk management decisions. In this paper we present a stochastic security framework for obtaining quantitative measures of security by taking into account the dynamic attr...
متن کاملA Framework for Cyber Security in Africa
This paper deals with at least four major cyber safety concerns in Africa discussed in recent literature. These cyber concerns include aspects such as policies, procedure, awareness, research and the provision of technical security measures. Each concern is examined, the main focus areas are highlighted and a solution is proposed. This paper concludes by combining all relevant solutions into a ...
متن کاملA holistic cyber security implementation framework
Purpose – The purpose of this paper is to propose a holistic cyber security implementation framework (HCS-IF) that lays out the ground for a conceptual, coherent, systematic, overarching and consolidated approach to implement cyber security strategies (CSSs). Design/methodology/approach – The HCS-IF is conceptually proposed to address the actual needs that are extracted from literature review. ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: CESS (Journal of Computer Engineering, System and Science)
سال: 2023
ISSN: ['2502-714X', '2502-7131']
DOI: https://doi.org/10.24114/cess.v8i2.43257