Article Per Year (5 Year)
p-Index From 2021 - 2026
2.42
P-Index
This Author published in this journals
All Journal Jurnal Teknologi Informasi dan Ilmu Komputer MATRIK : Jurnal Manajemen, Teknik Informatika, dan Rekayasa Komputer Jurnal Vokasi Indonesia Jurnal Telematika Indonesian Journal of Applied Informatics GERVASI: Jurnal Pengabdian kepada Masyarakat EDUMATIC: Jurnal Pendidikan Informatika Jurnal Statistika dan Matematika (Statmat) Teknika Mathematics and Applications (MAp) Journal Unnes Journal of Mathematics Journal of Fundamental Mathematics and Applications (JFMA) Info Kripto Jurnal Pelita Pengabdian Jurnal Vokasi Indonesia
Ira Rosianal Hikmah
Politeknik Siber Dan Sandi Negara
Religion Aerospace Engineering Agriculture, Biological Sciences & Forestry Arts Humanities Astronomy Civil Engineering, Building, Construction & Architecture Computer Science & IT Control & Systems Engineering Decision Sciences, Operations Research & Management Economics, Econometrics & Finance Education Electrical & Electronics Engineering Engineering Health Professions Languange, Linguistic, Communication & Media Mathematics Public Health Social Sciences Other

Published : 18 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 2 Documents
Search
Journal : Info Kripto

 1 
Cyber-Risk Management Menggunakan NIST Cyber Security Framework (CSF) dan Cobit 2019 pada Instansi XYZ Julianto, Andhika Sigit; Hikmah, Ira Rosianal; Yasa, Ray Novita
Info Kripto Vol 18 No 2 (2024)
Publisher : Politeknik Siber dan Sandi Negara

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.56706/ik.v18i2.99

Abstract

Current technological developments trigger companies or organizations to use Information Technology (IT) as a service base and optimize business processes. IT can provide opportunities in the government sector to develop state apparatus through implementing the Electronic-Based Government System (SPBE). Central and Local Government Agencies have implemented SPBE and contributed to the efficiency and effectiveness of government administration. Ensuring the sustainability of SPBE and reducing the impact of risk is the goal of risk management, with a process of identification, analysis, control, monitoring, and evaluation of risks based on risk management determined by the government. XYZ Agency is an agency that operates in the fields of communication and information, coding and statistics. XYZ Agency also implemented an Electronic Based Government System (SPBE). In this study, Cyber-risk management was designed using NIST CSF and COBIT 2019. In designing cyber-risk management, using 6 stages, namely Prioritized and Scope, Orient, Create a Current Profile, Conduct Risk Assessment, Create a Target Profile, and Determine, Analyze, and Prioritize Gaps. In this study, there are 28 assets, 17 threats, 13 vulnerabilities, and 12 controls implemented. With these results obtained 111 risks, there are 35 risks in the high category, 63 risks in the medium category, and 13 risks in the low category. The final result of this research is the preparation preparation of a cyber-risk management design by grouping the recommended actions based on Work Products (WP) and Generic Work Products (GWP) which become a work program for XYZ Agency.
Perancangan Kriteria CSA Sektor Industri Energi berdasarkan CIS Control dan Peraturan Menteri BUMN Andriawan, Melandy; Hikmah, Ira Rosianal; Yulita, Tiyas
Info Kripto Vol 19 No 2 (2025)
Publisher : Politeknik Siber dan Sandi Negara

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.56706/ik.v19i2.126

Abstract

Perkembangan teknologi digital di Indonesia tumbuh sangat pesat dan telah mendorong lonjakan pemanfaatan ruang siber. Dengan kemudahan akses serta fleksibilitasnya, ruang siber kini menjadi tulang punggung utama aktivitas di era modern. Tidak hanya digunakan masyarakat luas, ruang siber juga menopang berbagai sektor strategis nasional yang tergolong sebagai Infrastruktur Informasi Vital Nasional (IIVN), termasuk sektor industri energi. Namun, di balik peluang besar tersebut, ruang siber menyimpan berbagai kerentanan yang berpotensi menjadi celah serangan siber. Untuk menjawab tantangan ini, organisasi perlu menerapkan Cyber Security Audit (CSA) sebagai upaya evaluasi menyeluruh atas tingkat keamanan sistem yang mereka kelola. CSA dapat mengacu pada standar internasional, seperti NIST Cybersecurity Framework (CSF), CIS Controls, maupun COBIT. Dalam penelitian ini, NIST CSF dan CIS Controls dipilih karena memiliki struktur hierarkis yang jelas, terukur, serta mudah diimplementasikan. Lebih jauh, kedua standar tersebut diselaraskan dengan Peraturan Menteri BUMN Nomor PER-02/MBU/02/2018 dan PER-03/MBU/02/2018 sebagai landasan hukum pelaksanaan audit. Hasil dari proses harmonisasi ini melahirkan seperangkat 160 pertanyaan audit, yang dikelompokkan ke dalam empat domain utama: Identify (23 pertanyaan), Protect (90 pertanyaan), Detect (35 pertanyaan), dan Respond (12 pertanyaan).
Co-Authors Aditama, Whisnu Yudha Amiruddin Amiruddin Amiruddin Andriawan, Melandy ARIZAL Clarissa, Putri Rumondang Dimas Febriyan Priambodo Jeckson Sidabutar Julianto, Andhika Sigit Muhammad Yusuf Ray Novita Yasa Sunaringtyas, Septia Ulfa Tiyas Yulita Tri Hesti Damayanti Whisnu Yudha Aditama Yulial Hikmah Yusuf, Muhammad Firdaus