Article Per Year (5 Year)
p-Index From 2020 - 2025
2.255
P-Index
This Author published in this journals
All Journal JSI: Jurnal Sistem Informasi (E-Journal) Jurnal Informatika Jurnal Informatika ICON-CSE Annual Research Seminar CESS (Journal of Computer Engineering, System and Science) Sistemasi: Jurnal Sistem Informasi Sinkron : Jurnal dan Penelitian Teknik Informatika JOURNAL OF APPLIED INFORMATICS AND COMPUTING Jurnal Sisfokom (Sistem Informasi dan Komputer) Jurnal Teknologi Informasi dan Pendidikan TEKNOKOM : Jurnal Teknologi dan Rekayasa Sistem Komputer Jurnal Tekinkom (Teknik Informasi dan Komputer) Jurnal Generic INOVTEK Polbeng - Seri Informatika
Mgs Afriyan Firdaus
Universitas Sriwijaya
Computer Science & IT Control & Systems Engineering Decision Sciences, Operations Research & Management Education Electrical & Electronics Engineering Engineering Library & Information Science Other

Published : 22 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search
Journal : INOVTEK Polbeng - Seri Informatika

 1 
Information Technology Risk Management Using ISO 31000 Based on the ISSAF Penetration Testing Framework Mgs Afriyan Firdaus; Muhammad Egi Perdianza; Dwi Rosa Indah
INOVTEK Polbeng - Seri Informatika Vol. 9 No. 2 (2024): November
Publisher : P3M Politeknik Negeri Bengkalis

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.35314/1tq72v53

Abstract

Information security is critical for higher education institutions, which manage large amounts of sensitive data in the digital age. Data breach incidents in Indonesia's academic sector reached 2,217 in 2021. A university website with 36 web-based information system services was found to have been defaced.  SQL injection and XSS attacks, which can lead to data breaches, system manipulation, and disruption of academic services, are also common. These attacks underscore the importance of strong security measures to protect data and preserve the reputation of education. This research assesses the security risk of the XYZ University website using the ISSAF and ISO 31000. ISSAF was applied in four stages: information gathering, network mapping, vulnerability identification, and penetration testing with customization for university web systems. ISO 31000 was used to assess risk severity, resulting in classifications of two high, six medium, and twelve low risks. Security recommendations were developed to address the key risks and can be applied to other universities facing similar threats. The findings provide great insight for educational institutions to strengthen their cybersecurity. Implementing appropriate measures not only improves privacy, but also builds trust and reputation. Proactive information security is becoming a critical asset for the sustainability and credibility of higher education institutions in this vulnerable digital age    
Co-Authors Akrom, Akrom Ali Ibrahim Andhika Setiadi Apriansyah Putra Arwin Permata Putra Choirunnisa Qonitah Dea Fitri Sabrina Dhilarofii Russandwi, Saras Dwi Rosa Indah Endang Lestari Ruskan Ermatita - Errissya Rasywir Fauza Adelma Syafrizal Firman Wijaya Ghita Athalina Gumay, Naretha Kawadha Pasema Harlili Harlili Jaidan Jauhari Ken Dhita Tania Lovinta Happy Atrinawati Lufiah, Fara Megah Mulya Monterico Adrian Muhammad Egi Perdianza Mutia Farahdilla Naretha Kawadha Pasema Gumay Pacu Putra Pratama, Muhammad Fandra Eka Purwita Sari, Purwita Putra, Julian Putri Eka Sevtiyuni Putri Ratna Sari Putri, Indah Arsita Rahmat Izwan Heroza Rusdi Rivaldo Samsuryadi Samsuryadi Saputra, Danny Matthew Saras Dhilarofii Russandwi Syahnel, Ahmad Hidayat Wijaya, Firman Yadi Utama Yudha Pratomo Yunita Yunita Zahirah, Nabilah