SlideShare ist ein Scribd-Unternehmen logo

01. Critical Information Infrastructure Protection

Directorate of Information Security | Ditjen Aptika
Directorate of Information Security | Ditjen Aptika

This presentation presentated by Gildas Deograt Lumy "Simulasi Scirital Information Infrastructure Protection (CIIP)" , Bandung, Indonesia 10th September 2013 on #IISF2013

TechnologieUnterhaltung & Humor
1 von 20
Downloaden Sie, um offline zu lesen
0101100001100101011001011000011001010110 0011011101010111001000110111010101110010 0110010101011001100101010110100110100110 1111011011100110010111110110111001100101 0101100001100101011001011000011001010110 0011011101010111001000110111010101110010 0110010101011010011001100101010110100110 1111011011100110010111110110111001100101XecureIT © PT IMAN Teknologi Informasi Indonesia Information Security Forum Bandung, 10 September 2013 Cyber SOSCyber SOS Critical Information Infrastructure ProtectionCritical Information Infrastructure Protection
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 R U Sure U R Secure?
Security is Like a Chain... as Strong as The Weakest link ` 90% cyber security implementation is inconsistent... :’(
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Know Your Enemies  Threat Agent – People  Attacks carried out by unknown attacker (public)  Attacks carried out by known attacker, such as employees, contractors, partners or customers both consciously and as victims of social engineering  Attacks carried out by authorized users both consciously and as victims of social engineering  Threat Agent Resources  Low grade attacker: script kiddies, new born attacker, public tools, <USD1000.  Medium grade attacker: expert, public or custom tools, <USD100.000.  High grade attacker: advance custom tools, <USD 1 Million.  Government grade attacker.
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Gildas Deograt Lumy, CISA, CISSP, ISO 27001 LA  Senior Information Security Consultant - XecureIT  Consultancy, Audit, Assessment, Penetration Testing, Research  Experiences  21 years in IT, 16 years direct experiences in Information Security  25 years as social worker to take care homeless people and street children  Community Founder and Leader  Komunitas Keamanan Informasi (KKI)  (ISC)2 Indonesia Chapter  Forum Keamanan Informasi (FORMASI)  Cyber Security Certified Professional (CSCP) Association  Trainer  CISSP Common Body of Knowledge  Hacking Techniques & Defense Strategy  ISO27001 Implementation
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Do you know who are inside? 90% of Internal Network is “Public”
Complexity is the worst information security enemy Information Security is A Complex Issue Impossible to solve without strong management commitment supported by highly competent professionals.
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Conventional Cyber Security Easy to compromise
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 End-to-End High Grade Security
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 End-to-End High Grade Security The Key Principles Balanced between preventive, detective and corrective controls in all information life cycle:  Holistic  High Integrity  White List Approach  Defense in Depth  Least Privilege  Separation of Duties  Effective Change Management  End-to-End Encryption  Good Performance  Full Redundancy  Integrated Monitoring
Standar Arsitektur Keamanan Tingkat Tinggi Informasi (SAKTTI) ` Konsisten, efektif dan efisien arsitektur untuk menangani ancaman serangan tingkat tinggi.
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureIT Experiences CARES Facts  Consultancy High grade information security architecture is very difficult and expensive to implement and operate.  Assurance 99% security implementation can be compromised if similar conditions with real threat agent is created and allowed. The reasons why we create XecureZone as a high grade security solution.  Research & Development Our solutions has been used by highly sensitive systems.  Education 70% highly competent information security profesional went abroad.  Secure Hosting In house XecureZone has been used to protect our customers sensitive systems.
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview A Complete Integrated Solution Technology People XecureZone Physical Administrative
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview The Key Objectives: S.O.S  Secure Improve information security to the highest level through clear and balance end-to-end prevention and detection strategy.  Optimize Significantly reduce TCO through uniform strategy, hardware and licenses optimization, and pre-configured systems.  Simplify Simplify information security compliance and conformance, such as UU ITE, PP PSTE, PBI, ISO 27001 and PCI DSS.
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview The Key Benefits: T.R.U.S.T  Transparant by using open source solutions for the core components.  Reliable by using the best software and hardware components.  Uniform strategy and implementation to optimize the TCO.  Simplify complex processes, from design to maintainance.  Tough solution - strong but flexible.
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Technology Implementation
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Technology Key Feature: SAKTTI Implementation
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview The Biggest Challenge is To Change The Mindset “I feel convenience if... I use the good safety belt and helmet properly and the car has the effective breaking system to go fast !”
© PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Summary  Conventional security strategy and implementation have failed.  SAKTTI answers the needs of high grade information security architecture.  XecureZone simplifies and optimizes SAKTTI implementation and operation.  XecureZone is built with 21 years experience on top of solid hardware and software components.  XecureZone can be easily customized to accomodate various needs. XecureZone Secure.Optimize.Simple
0101100001100101011001011000011001010110 0011011101010111001000110111010101110010 0110010101011001100101010110100110100110 1111011011100110010111110110111001100101 0101100001100101011001011000011001010110 0011011101010111001000110111010101110010 0110010101011010011001100101010110100110 1111011011100110010111110110111001100101XecureIT © PT IMAN Teknologi Informasi THANK YOU ! PT. IMAN Teknologi Informasi "Security CARE, Our PASSION" Consultancy.Assurance.Research.Education Certified ISO 27001:2005 #IS586350 https://www.xecureit.com XecureIT

Empfohlen

ZONeSEC: critical infrastructure protection in real practice
ZONeSEC: critical infrastructure protection in real practice ZONeSEC: critical infrastructure protection in real practice
ZONeSEC: critical infrastructure protection in real practice José Ramón Martínez Salio
 
Best sync practices and architecture strategies for secure, resilient PNT in ...
Best sync practices and architecture strategies for secure, resilient PNT in ...Best sync practices and architecture strategies for secure, resilient PNT in ...
Best sync practices and architecture strategies for secure, resilient PNT in ...ADVA
 
Thesis of-rajesh-gps
Thesis of-rajesh-gpsThesis of-rajesh-gps
Thesis of-rajesh-gpslakshmi610
 
DeepALM: Holistic optical network monitoring based on machine learning
DeepALM: Holistic optical network monitoring based on machine learningDeepALM: Holistic optical network monitoring based on machine learning
DeepALM: Holistic optical network monitoring based on machine learningADVA
 
ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA
 
Introducing the CrossLink Programmable ASSP
Introducing the CrossLink Programmable ASSPIntroducing the CrossLink Programmable ASSP
Introducing the CrossLink Programmable ASSPLatticeSemiconductor
 
Introducing the most compact sync solution for energy and broadcast networks
Introducing the most compact sync solution for energy and broadcast networksIntroducing the most compact sync solution for energy and broadcast networks
Introducing the most compact sync solution for energy and broadcast networksADVA
 
Best practices for secure synchronization in smart grids
Best practices for secure synchronization in smart gridsBest practices for secure synchronization in smart grids
Best practices for secure synchronization in smart gridsADVA
 

Empfohlen

ZONeSEC: critical infrastructure protection in real practice
ZONeSEC: critical infrastructure protection in real practice ZONeSEC: critical infrastructure protection in real practice
ZONeSEC: critical infrastructure protection in real practice José Ramón Martínez Salio
 
Best sync practices and architecture strategies for secure, resilient PNT in ...
Best sync practices and architecture strategies for secure, resilient PNT in ...Best sync practices and architecture strategies for secure, resilient PNT in ...
Best sync practices and architecture strategies for secure, resilient PNT in ...ADVA
 
Thesis of-rajesh-gps
Thesis of-rajesh-gpsThesis of-rajesh-gps
Thesis of-rajesh-gpslakshmi610
 
DeepALM: Holistic optical network monitoring based on machine learning
DeepALM: Holistic optical network monitoring based on machine learningDeepALM: Holistic optical network monitoring based on machine learning
DeepALM: Holistic optical network monitoring based on machine learningADVA
 
ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA
 
Introducing the CrossLink Programmable ASSP
Introducing the CrossLink Programmable ASSPIntroducing the CrossLink Programmable ASSP
Introducing the CrossLink Programmable ASSPLatticeSemiconductor
 
Introducing the most compact sync solution for energy and broadcast networks
Introducing the most compact sync solution for energy and broadcast networksIntroducing the most compact sync solution for energy and broadcast networks
Introducing the most compact sync solution for energy and broadcast networksADVA
 
Best practices for secure synchronization in smart grids
Best practices for secure synchronization in smart gridsBest practices for secure synchronization in smart grids
Best practices for secure synchronization in smart gridsADVA
 
ADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA
 
ADVA aPNT+™ security enhancements
ADVA aPNT+™ security enhancementsADVA aPNT+™ security enhancements
ADVA aPNT+™ security enhancementsADVA
 
Introducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProIntroducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProADVA
 
Submarine line termination equipment (SLTE) for open cables
Submarine line termination equipment (SLTE) for open cablesSubmarine line termination equipment (SLTE) for open cables
Submarine line termination equipment (SLTE) for open cablesADVA
 
Improving time accuracy at the network edge
Improving time accuracy at the network edgeImproving time accuracy at the network edge
Improving time accuracy at the network edgeADVA
 
Introducing G.metro
Introducing G.metroIntroducing G.metro
Introducing G.metroADVA
 
Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud ADVA
 
Drive down latency and costs in the access network with the MicroMux™ Edge BiDi
Drive down latency and costs in the access network with the MicroMux™ Edge BiDiDrive down latency and costs in the access network with the MicroMux™ Edge BiDi
Drive down latency and costs in the access network with the MicroMux™ Edge BiDiADVA
 
Meet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronizationMeet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronizationADVA
 
Recent growth in timing
Recent growth in timingRecent growth in timing
Recent growth in timingADVA
 
ADVA Disaggregated NOS
ADVA Disaggregated NOSADVA Disaggregated NOS
ADVA Disaggregated NOSDan Dovolsky
 
OSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronizationOSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronizationADVA
 
Synchronisation and Time Distribution in Modern Telecommunications Networks
Synchronisation and Time Distribution in Modern Telecommunications NetworksSynchronisation and Time Distribution in Modern Telecommunications Networks
Synchronisation and Time Distribution in Modern Telecommunications Networks3G4G
 
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters ADVA
 
5G Security Briefing
5G Security Briefing5G Security Briefing
5G Security Briefing3G4G
 
OSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart citiesOSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart citiesADVA
 
The 400G transition
The 400G transitionThe 400G transition
The 400G transitionADVA
 
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...3G4G
 
Inject precise synchronization into open compute servers
Inject precise synchronization into open compute serversInject precise synchronization into open compute servers
Inject precise synchronization into open compute serversADVA
 
Orchestrated virtualized multivendor SD-WAN services
Orchestrated virtualized multivendor SD-WAN servicesOrchestrated virtualized multivendor SD-WAN services
Orchestrated virtualized multivendor SD-WAN servicesADVA
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp
 
Fortinet Solution Mapping with AWS Well-Architecture
Fortinet Solution Mapping with AWS Well-ArchitectureFortinet Solution Mapping with AWS Well-Architecture
Fortinet Solution Mapping with AWS Well-ArchitectureYitao Cen
 

Weitere ähnliche Inhalte

Was ist angesagt?

ADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA
 
ADVA aPNT+™ security enhancements
ADVA aPNT+™ security enhancementsADVA aPNT+™ security enhancements
ADVA aPNT+™ security enhancementsADVA
 
Introducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProIntroducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProADVA
 
Submarine line termination equipment (SLTE) for open cables
Submarine line termination equipment (SLTE) for open cablesSubmarine line termination equipment (SLTE) for open cables
Submarine line termination equipment (SLTE) for open cablesADVA
 
Improving time accuracy at the network edge
Improving time accuracy at the network edgeImproving time accuracy at the network edge
Improving time accuracy at the network edgeADVA
 
Introducing G.metro
Introducing G.metroIntroducing G.metro
Introducing G.metroADVA
 
Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud ADVA
 
Drive down latency and costs in the access network with the MicroMux™ Edge BiDi
Drive down latency and costs in the access network with the MicroMux™ Edge BiDiDrive down latency and costs in the access network with the MicroMux™ Edge BiDi
Drive down latency and costs in the access network with the MicroMux™ Edge BiDiADVA
 
Meet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronizationMeet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronizationADVA
 
Recent growth in timing
Recent growth in timingRecent growth in timing
Recent growth in timingADVA
 
ADVA Disaggregated NOS
ADVA Disaggregated NOSADVA Disaggregated NOS
ADVA Disaggregated NOSDan Dovolsky
 
OSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronizationOSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronizationADVA
 
Synchronisation and Time Distribution in Modern Telecommunications Networks
Synchronisation and Time Distribution in Modern Telecommunications NetworksSynchronisation and Time Distribution in Modern Telecommunications Networks
Synchronisation and Time Distribution in Modern Telecommunications Networks3G4G
 
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters ADVA
 
5G Security Briefing
5G Security Briefing5G Security Briefing
5G Security Briefing3G4G
 
OSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart citiesOSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart citiesADVA
 
The 400G transition
The 400G transitionThe 400G transition
The 400G transitionADVA
 
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...3G4G
 
Inject precise synchronization into open compute servers
Inject precise synchronization into open compute serversInject precise synchronization into open compute servers
Inject precise synchronization into open compute serversADVA
 
Orchestrated virtualized multivendor SD-WAN services
Orchestrated virtualized multivendor SD-WAN servicesOrchestrated virtualized multivendor SD-WAN services
Orchestrated virtualized multivendor SD-WAN servicesADVA
 

Was ist angesagt? (20)

ADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructure
 
ADVA aPNT+™ security enhancements
ADVA aPNT+™ security enhancementsADVA aPNT+™ security enhancements
ADVA aPNT+™ security enhancements
 
Introducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProIntroducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118Pro
 
Submarine line termination equipment (SLTE) for open cables
Submarine line termination equipment (SLTE) for open cablesSubmarine line termination equipment (SLTE) for open cables
Submarine line termination equipment (SLTE) for open cables
 
Improving time accuracy at the network edge
Improving time accuracy at the network edgeImproving time accuracy at the network edge
Improving time accuracy at the network edge
 
Introducing G.metro
Introducing G.metroIntroducing G.metro
Introducing G.metro
 
Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud
 
Drive down latency and costs in the access network with the MicroMux™ Edge BiDi
Drive down latency and costs in the access network with the MicroMux™ Edge BiDiDrive down latency and costs in the access network with the MicroMux™ Edge BiDi
Drive down latency and costs in the access network with the MicroMux™ Edge BiDi
 
Meet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronizationMeet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronization
 
Recent growth in timing
Recent growth in timingRecent growth in timing
Recent growth in timing
 
ADVA Disaggregated NOS
ADVA Disaggregated NOSADVA Disaggregated NOS
ADVA Disaggregated NOS
 
OSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronizationOSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronization
 
Synchronisation and Time Distribution in Modern Telecommunications Networks
Synchronisation and Time Distribution in Modern Telecommunications NetworksSynchronisation and Time Distribution in Modern Telecommunications Networks
Synchronisation and Time Distribution in Modern Telecommunications Networks
 
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
 
5G Security Briefing
5G Security Briefing5G Security Briefing
5G Security Briefing
 
OSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart citiesOSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart cities
 
The 400G transition
The 400G transitionThe 400G transition
The 400G transition
 
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...
Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communica...
 
Inject precise synchronization into open compute servers
Inject precise synchronization into open compute serversInject precise synchronization into open compute servers
Inject precise synchronization into open compute servers
 
Orchestrated virtualized multivendor SD-WAN services
Orchestrated virtualized multivendor SD-WAN servicesOrchestrated virtualized multivendor SD-WAN services
Orchestrated virtualized multivendor SD-WAN services
 

Ähnlich wie 01. Critical Information Infrastructure Protection

The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp
 
Fortinet Solution Mapping with AWS Well-Architecture
Fortinet Solution Mapping with AWS Well-ArchitectureFortinet Solution Mapping with AWS Well-Architecture
Fortinet Solution Mapping with AWS Well-ArchitectureYitao Cen
 
Mobile security data encryption - apcert yogyakarta 24 sept 2013
Mobile security data encryption - apcert yogyakarta 24 sept 2013Mobile security data encryption - apcert yogyakarta 24 sept 2013
Mobile security data encryption - apcert yogyakarta 24 sept 2013Dedy Hariyadi
 
All About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptxAll About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptxInfosectrain3
 
Cloud Security Issues and Challenge.pptx
Cloud Security Issues and Challenge.pptxCloud Security Issues and Challenge.pptx
Cloud Security Issues and Challenge.pptxInfosectrain3
 
All About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptxAll About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptxinfosec train
 
GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)GE코리아
 
Securing Network System for an IIoT: Best Approaches and Steps
Securing Network System for an IIoT: Best Approaches and StepsSecuring Network System for an IIoT: Best Approaches and Steps
Securing Network System for an IIoT: Best Approaches and StepsInfyiot Solutions
 
corporate-brochure.pdf
corporate-brochure.pdfcorporate-brochure.pdf
corporate-brochure.pdfLolaHel
 
Smau Padova 2018 - Cisco
Smau Padova 2018 - CiscoSmau Padova 2018 - Cisco
Smau Padova 2018 - CiscoSMAU
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
IT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSALIT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSALCYBER SENSE
 
SecurityGen's IDS/IPS Solutions for Proactive Threat Management
SecurityGen's IDS/IPS Solutions for Proactive Threat ManagementSecurityGen's IDS/IPS Solutions for Proactive Threat Management
SecurityGen's IDS/IPS Solutions for Proactive Threat ManagementSecurityGen1
 
Unraveling the Web: Exploring Vulnerabilities in Network Security
Unraveling the Web: Exploring Vulnerabilities in Network SecurityUnraveling the Web: Exploring Vulnerabilities in Network Security
Unraveling the Web: Exploring Vulnerabilities in Network SecuritySecurityGen1
 
SecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdfSecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdfSecurity Gen
 
Beyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdf
Beyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdfBeyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdf
Beyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdfSecurityGen1
 
A Deep Dive into the Anatomy of a Network Incident.pdf
A Deep Dive into the Anatomy of a Network Incident.pdfA Deep Dive into the Anatomy of a Network Incident.pdf
A Deep Dive into the Anatomy of a Network Incident.pdfSecurityGen1
 
SecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom SecuritySecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom SecuritySecurity Gen
 

Ähnlich wie 01. Critical Information Infrastructure Protection (20)

The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of Trust
 
Fortinet Solution Mapping with AWS Well-Architecture
Fortinet Solution Mapping with AWS Well-ArchitectureFortinet Solution Mapping with AWS Well-Architecture
Fortinet Solution Mapping with AWS Well-Architecture
 
Mobile security data encryption - apcert yogyakarta 24 sept 2013
Mobile security data encryption - apcert yogyakarta 24 sept 2013Mobile security data encryption - apcert yogyakarta 24 sept 2013
Mobile security data encryption - apcert yogyakarta 24 sept 2013
 
All About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptxAll About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptx
 
Cloud Security Issues and Challenge.pptx
Cloud Security Issues and Challenge.pptxCloud Security Issues and Challenge.pptx
Cloud Security Issues and Challenge.pptx
 
All About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptxAll About Cyber Security Orientation Program (Foundational Level).pptx
All About Cyber Security Orientation Program (Foundational Level).pptx
 
GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)
 
Securing Network System for an IIoT: Best Approaches and Steps
Securing Network System for an IIoT: Best Approaches and StepsSecuring Network System for an IIoT: Best Approaches and Steps
Securing Network System for an IIoT: Best Approaches and Steps
 
Cyber Security.pptx
Cyber Security.pptxCyber Security.pptx
Cyber Security.pptx
 
corporate-brochure.pdf
corporate-brochure.pdfcorporate-brochure.pdf
corporate-brochure.pdf
 
Smau Padova 2018 - Cisco
Smau Padova 2018 - CiscoSmau Padova 2018 - Cisco
Smau Padova 2018 - Cisco
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect Assets
 
IT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSALIT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSAL
 
SecurityGen's IDS/IPS Solutions for Proactive Threat Management
SecurityGen's IDS/IPS Solutions for Proactive Threat ManagementSecurityGen's IDS/IPS Solutions for Proactive Threat Management
SecurityGen's IDS/IPS Solutions for Proactive Threat Management
 
Unraveling the Web: Exploring Vulnerabilities in Network Security
Unraveling the Web: Exploring Vulnerabilities in Network SecurityUnraveling the Web: Exploring Vulnerabilities in Network Security
Unraveling the Web: Exploring Vulnerabilities in Network Security
 
SecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdfSecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdf
 
Beyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdf
Beyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdfBeyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdf
Beyond the Perimeter IDS, IPS, and Firewall Strategies Unveiled.pdf
 
A Deep Dive into the Anatomy of a Network Incident.pdf
A Deep Dive into the Anatomy of a Network Incident.pdfA Deep Dive into the Anatomy of a Network Incident.pdf
A Deep Dive into the Anatomy of a Network Incident.pdf
 
SecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom SecuritySecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom Security
 
Aensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity SolutionsAensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity Solutions
 

Mehr von Directorate of Information Security | Ditjen Aptika

Mehr von Directorate of Information Security | Ditjen Aptika (20)

Sosialisasi Keamanan Informasi_Sektor Kesehatan
Sosialisasi Keamanan Informasi_Sektor KesehatanSosialisasi Keamanan Informasi_Sektor Kesehatan
Sosialisasi Keamanan Informasi_Sektor Kesehatan
 
Sosialisasi Keamanan Informasi_Penyelenggaraan Telekomunikasi
Sosialisasi Keamanan Informasi_Penyelenggaraan TelekomunikasiSosialisasi Keamanan Informasi_Penyelenggaraan Telekomunikasi
Sosialisasi Keamanan Informasi_Penyelenggaraan Telekomunikasi
 
Sosialisasi Keamanan Informasi_Sektor Tranportasi
Sosialisasi Keamanan Informasi_Sektor TranportasiSosialisasi Keamanan Informasi_Sektor Tranportasi
Sosialisasi Keamanan Informasi_Sektor Tranportasi
 
Sosialisasi Keamanan Informasi_Bidang Perhubungan Udara
Sosialisasi Keamanan Informasi_Bidang Perhubungan UdaraSosialisasi Keamanan Informasi_Bidang Perhubungan Udara
Sosialisasi Keamanan Informasi_Bidang Perhubungan Udara
 
Sosialisasi Keamanan Informasi_Bidang Mineral dan Batubara
Sosialisasi Keamanan Informasi_Bidang Mineral dan BatubaraSosialisasi Keamanan Informasi_Bidang Mineral dan Batubara
Sosialisasi Keamanan Informasi_Bidang Mineral dan Batubara
 
Sosialisasi Keamanan Informasi_Bidang Ketenagalistrikan
Sosialisasi Keamanan Informasi_Bidang KetenagalistrikanSosialisasi Keamanan Informasi_Bidang Ketenagalistrikan
Sosialisasi Keamanan Informasi_Bidang Ketenagalistrikan
 
Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...
Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...
Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...
 
Fetri Miftach_Uji publik rpm tata kelola
Fetri Miftach_Uji publik rpm tata kelolaFetri Miftach_Uji publik rpm tata kelola
Fetri Miftach_Uji publik rpm tata kelola
 
Hasyim Gautama_Tata kelola tik 20151118
Hasyim Gautama_Tata kelola tik 20151118Hasyim Gautama_Tata kelola tik 20151118
Hasyim Gautama_Tata kelola tik 20151118
 
Standar rujukan keamanan informasi sub sektor perangkat telekomunikasi
Standar rujukan keamanan informasi sub sektor perangkat telekomunikasiStandar rujukan keamanan informasi sub sektor perangkat telekomunikasi
Standar rujukan keamanan informasi sub sektor perangkat telekomunikasi
 
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made Wiryawan
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made WiryawanDiskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made Wiryawan
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made Wiryawan
 
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior Lazuardi
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior LazuardiDiskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior Lazuardi
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior Lazuardi
 
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim Gautama
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim GautamaDiskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim Gautama
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim Gautama
 
Teguh arifiyadi ls skse
Teguh arifiyadi ls skseTeguh arifiyadi ls skse
Teguh arifiyadi ls skse
 
Konny sagala skema kelaikan se
Konny sagala skema kelaikan seKonny sagala skema kelaikan se
Konny sagala skema kelaikan se
 
Intan rahayu tata cara sertifikasi kelaikan sistem elektronik
Intan rahayu tata cara sertifikasi kelaikan sistem elektronikIntan rahayu tata cara sertifikasi kelaikan sistem elektronik
Intan rahayu tata cara sertifikasi kelaikan sistem elektronik
 
Uji Publik RPM SMPI Fetri Miftah
Uji Publik RPM SMPI Fetri MiftahUji Publik RPM SMPI Fetri Miftah
Uji Publik RPM SMPI Fetri Miftah
 
RPM SMPI 20150805 Hasim Gautama
RPM SMPI 20150805 Hasim GautamaRPM SMPI 20150805 Hasim Gautama
RPM SMPI 20150805 Hasim Gautama
 
SNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar SiregarSNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar Siregar
 
RPM SMPI
RPM SMPIRPM SMPI
RPM SMPI
 

Kürzlich hochgeladen

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Kürzlich hochgeladen (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

01. Critical Information Infrastructure Protection

  • 2. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 R U Sure U R Secure?
  • 3. Security is Like a Chain... as Strong as The Weakest link ` 90% cyber security implementation is inconsistent... :’(
  • 4. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Know Your Enemies  Threat Agent – People  Attacks carried out by unknown attacker (public)  Attacks carried out by known attacker, such as employees, contractors, partners or customers both consciously and as victims of social engineering  Attacks carried out by authorized users both consciously and as victims of social engineering  Threat Agent Resources  Low grade attacker: script kiddies, new born attacker, public tools, <USD1000.  Medium grade attacker: expert, public or custom tools, <USD100.000.  High grade attacker: advance custom tools, <USD 1 Million.  Government grade attacker.
  • 5. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Gildas Deograt Lumy, CISA, CISSP, ISO 27001 LA  Senior Information Security Consultant - XecureIT  Consultancy, Audit, Assessment, Penetration Testing, Research  Experiences  21 years in IT, 16 years direct experiences in Information Security  25 years as social worker to take care homeless people and street children  Community Founder and Leader  Komunitas Keamanan Informasi (KKI)  (ISC)2 Indonesia Chapter  Forum Keamanan Informasi (FORMASI)  Cyber Security Certified Professional (CSCP) Association  Trainer  CISSP Common Body of Knowledge  Hacking Techniques & Defense Strategy  ISO27001 Implementation
  • 6. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Do you know who are inside? 90% of Internal Network is “Public”
  • 7. Complexity is the worst information security enemy Information Security is A Complex Issue Impossible to solve without strong management commitment supported by highly competent professionals.
  • 8. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Conventional Cyber Security Easy to compromise
  • 9. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 End-to-End High Grade Security
  • 10. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 End-to-End High Grade Security The Key Principles Balanced between preventive, detective and corrective controls in all information life cycle:  Holistic  High Integrity  White List Approach  Defense in Depth  Least Privilege  Separation of Duties  Effective Change Management  End-to-End Encryption  Good Performance  Full Redundancy  Integrated Monitoring
  • 11. Standar Arsitektur Keamanan Tingkat Tinggi Informasi (SAKTTI) ` Konsisten, efektif dan efisien arsitektur untuk menangani ancaman serangan tingkat tinggi.
  • 12. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureIT Experiences CARES Facts  Consultancy High grade information security architecture is very difficult and expensive to implement and operate.  Assurance 99% security implementation can be compromised if similar conditions with real threat agent is created and allowed. The reasons why we create XecureZone as a high grade security solution.  Research & Development Our solutions has been used by highly sensitive systems.  Education 70% highly competent information security profesional went abroad.  Secure Hosting In house XecureZone has been used to protect our customers sensitive systems.
  • 13. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview A Complete Integrated Solution Technology People XecureZone Physical Administrative
  • 14. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview The Key Objectives: S.O.S  Secure Improve information security to the highest level through clear and balance end-to-end prevention and detection strategy.  Optimize Significantly reduce TCO through uniform strategy, hardware and licenses optimization, and pre-configured systems.  Simplify Simplify information security compliance and conformance, such as UU ITE, PP PSTE, PBI, ISO 27001 and PCI DSS.
  • 15. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview The Key Benefits: T.R.U.S.T  Transparant by using open source solutions for the core components.  Reliable by using the best software and hardware components.  Uniform strategy and implementation to optimize the TCO.  Simplify complex processes, from design to maintainance.  Tough solution - strong but flexible.
  • 16. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Technology Implementation
  • 17. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Technology Key Feature: SAKTTI Implementation
  • 18. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 XecureZone Overview The Biggest Challenge is To Change The Mindset “I feel convenience if... I use the good safety belt and helmet properly and the car has the effective breaking system to go fast !”
  • 19. © PT IMAN Teknologi Informasi XecureITCritical Information Infrastructure Protectionv1.0 - IISF 2013 Summary  Conventional security strategy and implementation have failed.  SAKTTI answers the needs of high grade information security architecture.  XecureZone simplifies and optimizes SAKTTI implementation and operation.  XecureZone is built with 21 years experience on top of solid hardware and software components.  XecureZone can be easily customized to accomodate various needs. XecureZone Secure.Optimize.Simple