Articles

Found 24 Documents

Measurement of Employee Information Security Awareness: A Case Study of National Civil Service Agency
Fadhil, Ahmad; Yazid, Setiadi
The Indonesian Journal of Computer Science Vol. 12 No. 6 (2023): The Indonesian Journal of Computer Science (IJCS)
Publisher: AI Society & STMIK Indonesia
DOI: 10.33022/ijcs.v12i6.3640

Abstract

The National Civil Service Agency (BKN) is a state institution tasked with overseeing and implementing national civil servant management using information technology. Data on 4.2 million civil servants, distributed throughout Indonesia, must be safeguarded by BKN. As the utilization of information systems grows, information security risks also increase. Based on reports from Id-SIRTII/CC and BKN's internal report, there has been an increase in cyber attacks targeting BKN. In addition, other types of attacks occur, such as online defacement, phishing, DDoS, and employee data theft, and some employees are still indifferent to information security. Based on this, the objective of this research is to measure the level of information security awareness among BKN employees and identify the factors that influence it. The Human Aspects of Information Security Questionnaire (HAIS-Q) using the Knowledge, Attitude, and Behavior (KAB) model was selected for measurement, with an additional focus on the Management of Information Systems/Technology Assets, consisting of a total of 75 statements. The quantitative measurements conducted yielded a result of 88.80% for the level of information security awareness among BKN employees, categorized as good. Furthermore, there is a significant influence on information security awareness from the dimensions of knowledge towards attitude, attitude towards behavior, and knowledge towards behavior.

Information Security Risk Assessment of the Data Center at XYZ Agency (original title: Penilaian Risiko Keamanan Informasi Pusat Data pada Instansi XYZ)
Artie, Helsha Zania; Hilman, Muhammad; Yazid, Setiadi
Jurnal Informatika Ekonomi Bisnis Vol. 7, No. 2 (June 2025)
Publisher: SAFE-Network
DOI: 10.37034/infeb.v7i2.1160

Abstract

Information security is a critical aspect of protecting an organization's essential assets, including data centers that store and process sensitive information. The XYZ Agency, responsible for managing public finances, places a high priority on maintaining data confidentiality, integrity, and availability. Therefore, improving information security needs to be done through a risk assessment of assets located in the XYZ Agency Data Center. This research aims to evaluate information security risks at the XYZ Agency Data Center using the ISO 27005:2018 and NIST SP 800-30 frameworks. The assessment was performed through qualitative analysis involving interviews, internal document review, and observation. The findings revealed 111 identified risks, categorized as 48 very low risks, 50 low risks, 9 medium risks, and 4 high risks. Among these, 13 risks (4 high risks and 9 medium risks) require mitigation. Mitigation efforts should prioritize seven data center assets with medium and high risks, namely application server assets, database servers, virtual host servers, agency service applications, agency service data, virtual server staffing applications, and staffing applications.

A Novel Framework for Information Security During the SDLC Implementation Stage: A Systematic Literature Review
Mikael Octavinus Chan; Setiadi Yazid
Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) Vol 8 No 1 (2024): February 2024
Publisher: Ikatan Ahli Informatika Indonesia (IAII)
DOI: 10.29207/resti.v8i1.5403

Abstract

This research delves into the critical aspects of information security during the implementation stage of the Software Development Life Cycle (SDLC). Using a systematic review of the literature, the study synthesizes the findings of various digital repositories, including IEEE Xplore, ACM Digital Library, Scopus, and ScienceDirect, to outline a comprehensive framework that addresses the unique security challenges of the implementation stage. This research contributes to the field by proposing a novel assurance model for software development vendors, focusing on improving information security measures during the implementation stage. The study's findings reveal 12 key steps organizations can adopt to mitigate security risks and improve information security measures during this critical phase. These steps provide actionable insights and strategies designed to support security protocols effectively. The paper concludes that by incorporating these steps, organizations can significantly improve their security posture, ensuring the integrity and reliability of the software development process, particularly during the implementation stage. This approach not only addresses immediate security concerns but also sets a precedent for future research and practice in secure software development, particularly in the critical implementation stage of the SDLC.

Strategic Approach to Enhance Information Security Awareness at ABC Agency
Hakim, Fandy Husaenul; Hilman, Muhammad Hafizhuddin; Yazid, Setiadi
Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) Vol 9 No 2 (2025): April 2025
Publisher: Ikatan Ahli Informatika Indonesia (IAII)
DOI: 10.29207/resti.v9i2.6218

Abstract

Information security awareness (ISA) is crucial to an organization's cybersecurity strategy, particularly since employees are often the last defense against cyberattacks. Despite regular communication on cybersecurity threats, the ABC Agency has not evaluated the level of ISA among its employees, leaving a gap in understanding the effectiveness of its awareness programs. This is critical, as the agency handles highly confidential data that could be at risk of accidental or intentional leaks. The Kruger Approach and the Human Aspect of Information Security Questionnaire (HAIS-Q) were used in this study to measure the ISA levels of employees at the ABC Agency. We employed the Analytic Hierarchy Process (AHP) method to analyze data collected from 86 respondents. The findings indicate that ABC Agency employees demonstrate satisfactory ISA overall. However, the "Internet Use" dimension received a medium rating, underscoring the necessity for focused enhancements in this domain. These results underscore the importance of tailoring information security awareness programs to address specific weaknesses. We provide strategic recommendations to enhance the agency's cybersecurity posture. Furthermore, this study opens avenues for future research on ISA measurement across various public and private organizations.

Design and Development of a Secure Integration Model for Service Integration via Mini Program: A Case Study of PT XYZ Mobile Banking (original title: DESAIN DAN PENGEMBANGAN SECURE INTEGRATION MODEL PADA INTEGRASI LAYANAN MELALUI MINI PROGRAM: STUDI KASUS MOBILE BANKING PT XYZ)
Khols, Ghiant Masua; Setiadi Yazid
The Indonesian Journal of Computer Science Vol. 14 No. 2 (2025): The Indonesian Journal of Computer Science
Publisher: AI Society & STMIK Indonesia
DOI: 10.33022/ijcs.v14i2.4843

Abstract

This research develops a Secure Integration Model based on OAuth 2.0, AES-256 encryption, and Unique Code tokenization to provide a secure integration between PT XYZ's mobile banking and its partners through the Mini Program. The primary objective of this study is to enable seamless login and customer order payments using virtual accounts with a high level of security. The model is designed to ensure that only authorized entities can access sensitive data through robust authentication and authorization mechanisms. The development of this model serves as an essential solution to provide a secure service integration for accessing customer data and processing payments through virtual accounts, which is a critical requirement in the integration between PT XYZ and its partners. Additionally, this model addresses security challenges related to customer data protection and mitigates the risks of cyberattacks such as data theft, transaction manipulation, and credential misuse. Greybox penetration testing is applied to identify potential vulnerabilities in the API Gateway, token authentication, and inter-system communication. The testing results demonstrate that the integration using this model has low vulnerability and meets established security standards. Its implementation is expected to improve the security, efficiency, and scalability of PT XYZ's digital services.

Does IT Education Matter? A Study of Cyber Hygiene Awareness and Behavior in Indonesia (original title: Apakah Pendidikan TI Penting? Studi Tentang Kesadaran dan Perilaku Kebersihan Siber di Indonesia)
Almadina, Nazela Ulhaqy; Sucahyo, Yudho Giri; Yazid, Setiadi
Syntax Literate Jurnal Ilmiah Indonesia
Publisher: Syntax Corporation
DOI: 10.36418/syntax-literate.v10i10.62249

Abstract

The background of this research is the growing cyber security threat in Indonesia, which ranked first as a target of global cyber attacks in 2024. This study aims to evaluate differences in cyber hygiene awareness and behavior between individuals with an Information Technology (IT) educational background and those with a non-IT background. Using the Cyber Hygiene Inventory (CHI) framework, data from 402 respondents were analyzed with the Mann-Whitney U test and the Pearson correlation test. The results show a significant difference in cyber hygiene awareness and behavior between the group with an IT educational background and the group with a non-IT background. Meanwhile, analysis of the relationship between IT and non-IT educational background and cyber hygiene shows that the two are related, but only weakly. It can be said that day-to-day work activities have a greater influence than educational background. The implications of this research provide a basis for organizations, educational institutions, and training bodies to develop cyber security awareness programs tailored to participants' educational backgrounds, and encourage the development of more effective cyber security policies in Indonesia.

Assessment of Body-worn Cameras Implementation Potential in Indonesia: A Systematic Literature Review
Putra, Mirza Triyuna; Yazid, Setiadi
International Journal of Artificial Intelligence Research Vol 6, No 1 (2022): June 2022
Publisher: Universitas Dharma Wacana
DOI: 10.29099/ijair.v6i1.382

Abstract

Many studies have researched the application of Body-Worn Cameras (BWCs) in various countries that have implemented the use of BWCs on law enforcement officers. Previous research has measured how effective the implementation of body cameras is in helping law enforcement accountability and transparency, what problems may arise, and how the public perceives the use of BWCs by law enforcement. This study conducts a methodological literature review on previous research sources that have discussed the implementation of BWCs in various countries with varied research methods, resulting in various conclusions. The main aim of this study is to determine the challenges and solutions for implementing BWCs by police officers and the public awareness of BWCs. The approach used is an updated guideline on PRISMA statement 2020 by compiling 13 main studies from 276 search results, starting from 2017 to 2022, that include problems and solutions for implementing BWCs and measuring people's perceptions of BWC usage. It was found in this study that some of the challenges in implementing BWCs by law enforcers are trust, racism, privacy concerns, cost, and IT capacity. Meanwhile, public perception is divided into two groups: those who support it and those who do not. Several supporting factors to consider are that BWCs influence police behavior, accountability, legitimacy, transparency, and procedural justice.

Review of Peer-to-Peer (P2P) Lending Based on Blockchain
Victory, Timotius; Yazid, Setiadi
Jurnal Ilmiah Teknik Elektro Komputer dan Informatika Vol. 9 No. 4 (2023): December
Publisher: Universitas Ahmad Dahlan
DOI: 10.26555/jiteki.v9i4.27671

Abstract

Peer-to-Peer (P2P) lending is a financing business model that has gained popularity in recent years due to the ease of loan application, disbursement, and repayment processes. The volume of Peer-to-Peer (P2P) lending transactions has grown significantly. One of the reasons for the popularity of Peer-to-Peer (P2P) lending is its utilization of technology in both the application and loan repayment processes. One such technology gaining traction in Peer-to-Peer (P2P) lending is blockchain technology. The popularity of blockchain technology lies in its ability to enhance the transparency of the transaction process. This literature study aims to address three main questions: what characteristics of blockchain are suitable for Peer-to-Peer (P2P) lending, what the benefits of implementing blockchain technology in Peer-to-Peer (P2P) lending are, and what the challenges of Peer-to-Peer (P2P) lending based on blockchain are. The findings reveal that there are characteristics of blockchain that can be applied to Peer-to-Peer (P2P) lending, bringing numerous benefits to the overall Peer-to-Peer (P2P) lending process. However, challenges persist in the implementation of blockchain technology in Peer-to-Peer (P2P) lending. The insights gained from this literature review are intended to guide researchers interested in studying the application of blockchain technology in the context of Peer-to-Peer (P2P) lending.

Evaluating ISO Standards for Indonesian PDP Law Compliance: A Regulatory Mapping and Literature Review
Aristianto, Egriano; Hafizhuddin Hilman, Muhammad; Yazid, Setiadi
Scientific Journal of Informatics Vol. 12 No. 1: February 2025
Publisher: Universitas Negeri Semarang
DOI: 10.15294/sji.v12i1.21538

Abstract

Purpose: This paper aims to demonstrate how ISO standards such as ISO/IEC 27001:2022, ISO/IEC 27002:2022, and ISO/IEC 27701:2019 can assist Indonesian organizations in facilitating compliance with the Personal Data Protection (PDP) Law. It highlights the challenge organizations face due to the lack of clear guidance in the law, then shows how these ISO standards can guide them to achieve compliance. The study also maps the regulation's requirements to the approaches provided by the standards that can fulfill them, and offers a clearer path toward full compliance. Methods: This research employs a qualitative approach, combining a literature review, document analysis, and comparative assessment. It provides a systematic mapping between the Indonesian PDP Law and ISO/IEC 27001, ISO/IEC 27002, and ISO/IEC 27701, an analysis of their alignment, a gap analysis, and an account of how these standards are able to demonstrate compliance with the Indonesian PDP Law. Result: This study shows that, of the 14 mandatory requirement topics of the Indonesian PDP Law that have been mapped, ISO/IEC 27001:2022 is only able to cover 1 topic, while ISO/IEC 27002:2022 is able to provide controls accommodating 8 topics and ISO/IEC 27701:2019 is able to provide controls accommodating 13 topics. By combining these standards, however, all of the mandatory requirements of the Indonesian PDP Law can be satisfied. Novelty: This study shows how international standards like ISO/IEC 27001, ISO/IEC 27002, and ISO/IEC 27701 would help organize compliance with the Indonesian PDP Law while also strengthening data protection practices in Indonesia.