Penilaian risiko keamanan siber kampus menggunakan framework cybersecurity NIST 1.1

Cyber campus safety risk assessment using NIST cybersecurity framework 1.1

  • Eko Handoyo Universitas Muhammadiyah Lamongan
  • Izza Eka Nigrum Universitas Muhammdiyah Lamongan
https://doi.org/10.37859/coscitech.v4i3.5628

Abstract

The Industrial Revolution 4.0 forced institutions and companies to start improving the implementation of information technology to be able to compete well.The campus is one of the most massive sectors in the development and implementation of information technology.Because there are so many services and business processes that exist in the campus system.Campus business systems that are complex and have a lot of data in the information certainly pose a threat in the information technology security sector.Technological security must of course guarantee its confidentiality, integrity and availability. Countermeasures related to cybersecurity threats can be carried out by conducting a cyber security risk assessment.Standards for conducting cyber security assessments include COBIT 5, NIST, and ISO 20071. Each standard has audit modules that aim to make the institution a good government.NIST Cybersecurity Framework 1.1 is a standard used to direct organizations to cybersecurity activities and consider cybersecurity risks as part of their management process. The purpose of this study is to produce an assessment of campus cybersecurity risks using the NIST cybersecurity framework 1.1 as a standard reference.The overall result of the research, which is to produce, is the ranking of campus cyber risk assessments.The assessment of campus cyber security risks resulted in a value of 1.20, placing the campus institution in a "Partially Implemented" cybersecurity condition.Where campuses only carry out control on the framework as necessary and have not been documented, and so it needs to be improved regarding proper control and documentation to improve better cyber security.

Downloads

Download data is not yet available.

References

[1] R. Umar, I. Riadi, and E. Handoyo, “Analisis Keamanan Sistem Informasi Berdasarkan Framework COBIT 5 Menggunakan Capability Maturity Model Integration (CMMI),” JURNAL SISTEM INFORMASI BISNIS, vol. 9, no. 1, p. 47, May 2019, doi: 10.21456/vol9iss1pp47-54.
[2] I. Riadi, S. Sunardi, and E. Handoyo, “Security Analysis of Grr Rapid Response Network using COBIT 5 Framework,” Lontar Komputer : Jurnal Ilmiah Teknologi Informasi, p. 29, May 2019, doi: 10.24843/lkjiti.2019.v10.i01.p04.
[3] R. Umar, I. Riadi, and E. Handoyo, “Analysis Security of SIA Based DSS05 on COBIT 5 Using Capability Maturity Model Integration (CMMI),” Scientific Journal of Informatics, vol. 6, no. 2, pp. 2407–7658, 2019, [Online]. Available: http://journal.unnes.ac.id/nju/index.php/sji
[4] M. Ghazouani, S. Faris, and H. Medromi, “Information Security Risk Assessment-A Practical Approach with a Mathematical Formulation of Risk,” 2014. [Online]. Available: http://www.risicare.fr
[5] E. Handoyo, “Analisis Tingkat Keamanan Informasi: Studi Komparasi Framework Cobit 5 Subdomain Manage Security Services (DSS05) dan NIST Sp 800 – 55,” Jurnal CoSciTech (Computer Science and Information Technology), vol. 1, no. 2, pp. 76–83, Oct. 2020, doi: 10.37859/coscitech.v1i2.2199.
[6] V. I. Sugara, H. Syahrial, and M. Syafrullah, “Sistem Pemeriksa Keamanan Informasi Menggunakan National Institute Of Standards And Technology (Nist) Cybersecurity Framework,” Jurnal Ilmiah Ilmu Komputer dan Matematika), vol. 16, no. 1, pp. 203–212, 2019, [Online]. Available: https://journal.unpak.ac.id/index.php/komputasi
[7] I. Riadi, I. T. Riyadi Yanto, and E. Handoyo, “Cyber Security Analysis of Academic Services based on Domain Delivery Services and Support using Indonesian E-Government Ratings (PEGI),” Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, pp. 263–270, Nov. 2020, doi: 10.22219/kinetik.v5i4.1083.
[8] T. Tan and B. Soewito, “Manajemen Risiko Serangan Siber Menggunakan Framework Nist Cybersecurity Di Universitas Zxc,” Journal of Information System, Applied, Management, Accounting and Research, vol. 6, no. 2, pp. 411–422, 2022, doi: 10.52362/jisamar.v6i2.781.
[9] R. Anggraini, “ANALISIS KEAMANAN PRIVATE CLOUD BERBASIS FRAMEWORK NISTCY DI PT XYZ,” Jurnal Teknologi dan Manajemen, vol. 19, no. 1, pp. 41–46, Apr. 2021, doi: 10.52330/jtm.v19i1.11.
[10] T. S. Putri, N. Mutiah, and D. Prawira, “Analisis Manajemen Risiko Keamananinformasi Menggunakan Nistcybersecurity Framework Dan ISO/IEC27001:2013(Studi Kasus: Badan Pusat Statistik Kalimantan Barat),” Coding : Jurnal Komputer dan Aplikasi , vol. 10, no. 02, pp. 237–248, 2022.
[11] B. P. Zen, A. Zafia, I. Nofi, and Y. Putro, “JURNAL RESTI Network Security Analysis Simulation at the GCS in the UCAV to support the Indonesian Defense Area,” vol. 5, no. 158, pp. 824–831, 2022.
[12] H. Ernita, Y. Ruldeviyani, D. N. Maftuhah, and R. Mulyadi, “Strategy to Improve Employee Security Awareness at Information,” vol. 5, no. 158, pp. 577–584, 2022.
Published
2024-01-01
How to Cite
Handoyo, E., & Izza Eka Nigrum. (2024). Penilaian risiko keamanan siber kampus menggunakan framework cybersecurity NIST 1.1 . Jurnal CoSciTech (Computer Science and Information Technology), 4(3), 677-685. https://doi.org/10.37859/coscitech.v4i3.5628
Issue
Vol 4 No 3 (2023): Jurnal Computer Science and Information Technology (CoSciTech)
Section
Articles
Abstract views: 57 , pdf (Bahasa Indonesia) downloads: 53