Improving Cyber Security Incident Response Maturity of XYZ Organization Using TMPI

  • Rachmat Budijanto, Swiss German University, Indonesia
Keywords: TMPI, Incident Response, CSIR, BSSN, Maturity Level, Resilience, CRR, IPA

Abstract

This thesis analyzes how an organization can determine the condition of its incident handling capability, how it can plan improvement activities, and how those activities relate to increasing the organization's resilience. To answer this question, the researcher measures the organization's existing and expected incident handling capabilities using TMPI. From the resulting gap, recommendations are drawn up based on TMPI with reference to the specified targets or expectations. The gap is also analyzed with IPA (Importance Performance Analysis) to determine a priority scale. The TMPI recommendations are then tested against the CRR (Cyber Resilience Review) to see whether there is an improvement on the resilience side. Evaluation and validation are carried out using the interview and FGD methods with SMEs (Subject Matter Experts). The results show that TMPI can measure the current condition of an organization's incident handling ability, so that a work plan recommendation can be prepared to improve that ability toward the desired target with reference to TMPI. IPA maps the priority areas for improvement, namely Post Incident Review, Lesson Learn, Maturity Assessment, Threat Analysis, Trend Analysis, and The Recovery. The results also reveal that, when the TMPI improvement recommendations are measured with CRR, resilience increases by 66% in Situational Awareness, 52% in Incident Management, 23% in External Dependency Management, 17% in Training and Awareness, and 8% in Service Continuity Management. However, this thesis has not discussed the Reality area of resilience, such as how to apply Protection, Sustainability and Detection to protected assets in the cases the organization faces when improving resilience operations.
From the perspective of operational resilience, this study needs to be complemented by work on resilience in the Reliability area. This is important because an organization cannot secure everything; what matters is that the organization's operations run well while security remains under control.

Published
2023-01-14