<![CDATA[Local government websites are increasingly important for distributing information, providing e-services, and facilitating public engagement. However, digitalization brings cybersecurity challenges that jeopardize the integrity, confidentiality, and availability of information. Cybersecurity incidents pose a serious threat, with risks of data breaches, unauthorized access, and system downtimes affecting the reliability and trustworthiness of public services. To address this problem, this study employs the NIST SP 800-30 framework for information security risk management, focusing on detecting, handling, and preventing cybersecurity incidents. The study involved assessing the maturity level of information security controls to identify any gaps and areas of vulnerability. To enhance the implementation of information security policies, the study also utilized tools such as RM Studio, Kali Linux, and Acunetix Web Vulnerability Scanner, which help in identifying and mitigating potential threats more effectively. The results showed that the maturity level of current information security controls is still below the desired target, revealing a significant gap that needs attention. This indicates that while the method provides a structured approach to identifying and addressing security issues, there are still areas for improvement. By emphasizing systematic improvement and focusing on vulnerable points, the study concludes that adopting a combination of the NIST SP 800-30 framework and ISO 27002 standards, along with clear, documented policies, can enhance cybersecurity resilience, reduce risk, and ultimately protect public services. This approach effectively raises the maturity level of information security controls, although continued efforts are needed to fully meet the targeted security standards.]]>
Copyrights © 2024
