Inauguration of SNI-ISO 20000 & 27001, Kominfo & BSN, October 2009
Benefits vs Risks
Multi-function, flexible, easy to use
Database Application Web Application Client Server Networking Integration Cloud Computing
Benefits
Confidentiality, Integrity, Availability, Authenticity, Non-repudiation
Risks
Identity Theft, Information Theft, Industrial/State Espionage, Distributed Denial of Service, Sabotage, Cyber Weapon, Cyber War
Cyber Attack
(Affecting Individual, Corporation & Country)
Malicious Ware (Virus, Worm, Key logger, Spyware, Trojan, BotNet, etc) DOS, DDOS Account Hijack Misuse of IT Resources Web Defaced Spam, Phishing, Typosite Identity Theft Data Leakage/Information Theft Web Transaction Attack Cyber Espionage Attack Control System Cyber Weapon / Cyber War Country/National Security
[Diagram: RISK, Business Process, Information Assets, SAFE, PROTECTION]
Technology
Hardware, Software, Networking, Telecommunication
The Role of Management
It is essential for management to ensure that adequate resources (organization, people, budget and time) are allocated to support the information security strategy as a whole.
39 Control Objectives
Organizational Security
133 Controls
Access Control
Compliance
Personnel Security
Database Server
Host
LinkedIn confirms hack, over 60% of stolen passwords already cracked (6 June 2012)
All but two of the Conficker passwords were used by someone in the 6.5 million user password dump. The two passwords that weren't found were 'mypc123' and 'ihavenopass'.
Conficker passwords
(Note: the first Conficker variant appeared in Nov 2008)
http://nakedsecurity.sophos.com/2012/06/06/linkedin-confirms-hack-over-60-of-stolen-passwords-already-cracked/
http://www.cl.cam.ac.uk/~jcb82/doc/B12-IEEESP-analyzing_70M_anonymized_passwords-slides.pdf
Experiment run May 23-25, 2011
Around 70 million passwords from Yahoo users
Too many users were using words found in the typical dictionary
Indonesians were the worst offenders in relying on common dictionary words.
Bonneau found he could find the correct password for 15 per cent of Indonesian users, after 1,000 attempts at each one using the most common words in the dictionary.
http://nasional.kompas.com/read/2012/06/04/17545317/Soal.Password..Indonesia.Negara.Terlemah
Password Tips
Minimum 8 characters
Alphanumeric
UPPERCASE and lowercase letters
Special characters
Matrix 9 x 9
http://www.iso27001certificates.com
http://sisni.bsn.go.id/index.php/sni_main/sni/detail_sni/10233