Cyber Security

DESCRIPTION

CYBERSECURITY, RISK AND CONTROL

  • CYBERSECURITY, RISK AND CONTROL

    Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM

    Cybersecurity Nexus Liaison

    ISACA, Indonesia

    Simposium Nasional CyberSecurity (SNCS) 2015, Jakarta, 3-4 June 2015

  • Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM

    Current:

    Cybersecurity Nexus Liaison, ISACA Indonesia Chapter

    ISACA Academic Advocate at ITB

    SME for Information Security Standard for ISO at ISACA HQ

    Associate Professor at School of Electrical Engineering and Informatics, Institut Teknologi Bandung

    Chair of the WG on IT Services and Governance, member of the WG on Information Security, and member of Technical Committee 35-01, National Program for Standards Setting in Information Technology, BSN Kominfo.

    Past:

    Chair of the National ICT Evaluation Working Group, National ICT Council (Dewan TIK Nasional) (2007-2008)

    Acting Director of System Operations, PPATK (Indonesia Financial Transaction Reports and Analysis Center, INTRAC), April 2009 - May 2011

    Professional Certification:

    Professional Engineering (PE), the Principles and Practice of Electrical Engineering, College of Engineering, the University of Texas at Austin. 2000

    IRCA Information Security Management System Lead Auditor Course, 2004

    ISACA Certified Information System Auditor (CISA). CISA Number: 0540859, 2005

    Brainbench Computer Forensic, 2006

    (ISC)2 Certified Information Systems Security Professional (CISSP), No: 118113, 2007

    ISACA Certified Information Security Manager (CISM). CISM Number: 0707414, 2007

    Award: (ISC)2 Asia Pacific Information Security Leadership Achievements (ISLA) 2011 award in category Senior Information Security Professional. http://isc2.org/ISLA

  • RECOMMENDATIONS FOR THE NATIONAL CYBER AGENCY (BADAN CYBER NASIONAL)

    Strategic and policy

    Assess the benefits and risks of cyber

    Prioritize human resources

    Assess the risks and benefits of the technology, people, process and organization components

  • NETWORK IS COMPROMISED

  • APT LIFE CYCLE

  • HOW FAST

  • THREAT

  • PIRT

  • The CSX Liaison reports to the chapter president.

  • Presentation: KamInfo.ID 13

    IMPLEMENTING FRAMEWORKS TO POPULATE BMIS

    ISO 27031

    COBIT 5 Enabling Process

  • RISK-BASED CATEGORIZATION CONTROL

  • COBIT 5 SNI ISO 38500

    Internal Control Framework COSO

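    RELATIONSHIP BETWEEN FRAMEWORKS (HUBUNGAN ANTAR KERANGKA)

    PP60/2008 Government Internal Control System (Sistem Pengendalian Intern Pemerintah)

    Diagram labels: Governance (Tata Kelola), IT Governance (Tata Kelola TI), IT Management (Manajemen TI)

    General Guidelines for National ICT Governance (Panduan Umum Tata Kelola TIK Nas) + ICT Internal Control Evaluation Questionnaire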

    SNI ISO 27001 SNI ISO 20000 SNI ISO 15408

  • RECOMMENDATIONS FOR THE NATIONAL CYBER AGENCY (BADAN CYBER NASIONAL)

    Strategic and policy

    Assess the benefits and risks of cyber

    Prioritize human resources

    Assess the risks and benefits of the technology, people, process and organization components

  • Q&A isaca.org/cyber ISACA Cybersecurity Teaching Materials