Didiet Kusumadihardja - Cybersecurity Consultant Portfolio. Qualification, affiliation, list of services offered and related experience. Language: English.
2. About Me
2
Didiet Kusumadihardja have more than 16 years of experience in the field of
Information Technology (IT), 5 years in Cybersecurity, especially in computer networks
and system infrastructure with various kinds of IT products ranging from middle to
lower class products to upper middle class products, from proprietary to open-source.
Didiet has experience in various fields ranging from Wireless Internet Service
Providers (WISP), startups (e-commerce), manage services, IT due diligence, IT
audits, IT security, penetration testing, IT consulting services and training services.
Qualifications and Professional Affiliates:
ïš Bachelor of Engineering, Electrical engineering major, UNIKA Atma Jaya
ïš Graduated from Cisco Cybersecurity Scholarship 2017
ïš External examiner Uji Kompetensi Kejuruan nasional Teknik Komputer & Jaringan
(UKK TKJ) at SMK Bina Informatika Bintaro year 2017 & 2018
ïš Registered as Indonesia Honeynet Project (IHP) member and OWASP-ID member
ïš Qualified with multiple IT Security certifications: Certified Ethical Hacker (CEH),
Certified Network Defender (CND), CCNA Cyber Ops, CPISI, and CSCU
ïš Also have several IT Professional certifications like Mikrotik Certified Trainer,
Ubiquiti Certified Trainer, JNCIA, VCA-DCV, MTCIPv6E, MTCTCE, MTCINE,
MTCWE, MTCRE, MTCUME, MTCNA, UBWA, UEWA, UBRSA, USRS & HE IPv6
Certification
Mobile/WA: +62 813 1115 0054 | Email: didiet@arch.web.id
3. Services Offered
3
With a broad knowledge base in the field of IT, Didiet have a
professional career in cyber security area.
IT governance capabilities in formulating processes that must
be carried out by the IT division to ensure effective and
efficient use of IT, which enables the organization to achieve
its objectives.
Some of the main services that can be
offered by him are as follows:
1. Computer Network Services
2. IT Security Services
3. Governance, Risk & Compliance
(GRC) Services
4. IT Training Services
Equipped with extensive and
deep technical capabilities in the
area of information technology,
especially computer networks
and cyber security.
Didiet continues to hone his skills
by taking various international
certifications and likes to share
information technology
knowledge.
5. Network Assessment
5
Challenges: Very complex network conditions, diverse business
needs, lack of confidence in the defense configuration, not sure how
to optimally invest in infrastructure, and difficulties in aligning
business needs with infrastructure needs.
Solution: Ensure that the existing network matches your business
needs. Provides scalability, security, and allows for future growth.
Have investment protection along with business growth.
Including priority analysis which is the biggest problem for users,
and review of the performance and capacity of IT infrastructure.
Outcome: Executive summary of infrastructure conditions and their
impact on the company's business. Technical recommendations that
are detailed in each finding.
Provide recommendations efficiently and effectively by optimizing
the design and configuration of the IT infrastructure that is owned.
And reduce business risks by implementing strategically placed
defenses.
6. Computer Network
6
Implementation of Hierarchical Internetworking Model
Challenges: The implementation of hierarchical (core, distribution,
access) networks with 3 different device brands by adjusting network
protocols that can be accepted by the three brands.
Interconnection VoIP System and Analog PABX
Challenge: Interconnect between analog PABX with all its
limitations with a more advanced Voice over IP (VoIP) digital
system.
Design Wireless Mesh Infrastructure in Mining Open Pit
Challenges: Wireless infrastructure design must be able to
handle harsh mining conditions and a constantly changing
landscape while ensuring the principles of availability,
redundancy and reliability. Design includes project
management to ensure implementation runs according to
plan.
Design Interconnection 2 VoIP System
Challenges: VoIP systems from 2 different
companies must be able to connect
without causing problems to each other.
7. Load Balance 3 ISP using PCC
7
Project Description:
Load Balance Multiple ISP using MikroTik Per-Connection Classifier (PCC). Configure VLANs, Virtual SSID, Firewall
filters, Bandwidth management, Block Youtube and Facebook.
Device use: MikroTik hEX lite as router, TP-Link TL-SG108E as manageable switch, TP-Link TL-WA801ND as access
point.
8. Multi-brand Network
8
Project Description:
Design and implement multi-brand enterprise network. DHCP, VLANs, Traffic shaper, Content Filter, VPN PPTP, and
Virtual SSID.
Device use: Fortinet (Fortigate-60D) as router, Cisco (SG200-08) as switch and Unifi (UAP-AC-LR) as access point.
9. VPN SSTP and Telegram Alert
9
Project Description:
Challenge: Client wants to access his apps from the Internet using VPN. But he does not have Public IP address and
also want to have alert system if his server are down.
Solution: Implement VPN Server using Mikrotik Cloud Hosted Router (CHR) and hosted it on VPS Vultr. Alert system
using Netwatch and Telegram Bot.
11. Vulnerability Assessment &
Penetration Testing (VAPT)
11
Planning Discovery Attack
Reporting
Additional Discovery
Challenge: Every day there is always a vulnerability found by individuals or researchers in various software.
System components, processes and software must be tested frequently to ensure security is maintained over
time.
Information system security control testing is very important to be carried out in any environmental changes
such as the presence of new software or configuration changes to the system.
Solution: Test and assess
information system security
technically, analyze findings, and
make mitigation strategies.
Vulnerability assessment are
conducted to identify ways to exploit
vulnerability to avoid or defeat the
security of a system.
Results: The result report will describe identified vulnerabilities, present
risk ratings, and provide guidance / recommendations on how to
mitigate weaknesses found.
Mitigation recommendations include the results of the root cause
analysis for each finding. Recommendations can be in the form of
technical recommendations (applying certain patches) and non-technical
recommendations (updating the patch management process).
Pentester
12. 12
Penetration Testing Core Finance Application
Challenge: Penetration test in financial institution with
various techniques such as review techniques, target and
analysis identification techniques, and security gap validation
techniques.
Vulnerability Management Data Center
Challenges: Perform vulnerability management on all
servers and network devices contained in the data center
and provide priority levels of mitigation remediation based on
the identified function and level of risk.
Penetration Testing Grade Control System
Challenges: Penetration tests on the communication lines of the grade
control system installed in the Dozer are a quite special challenge,
testers are required to study information technology devices that are
rarely used in the enterprise area.
This is one example of penetration testing in the area of the Internet of
Things.
VAPT Experience
13. SIEM Migration
13
Challenge: To comply with PCI-DSS requirement, effective daily log
monitoring all access to system components and cardholder data is a must,
and we need to have a comprehensive SIEM solution.
The existing SIEM solution are using AlienVault OSSIM a feature-rich, open-
source security information and event management (SIEM), but lack of file
integrity monitoring capability that required by PCI-DSS.
Solution: Security Onion could fulfill that requirement by using Host Visibility
capability, monitor changes to critical files and notify when such changes are
identified.
14. Breach & Attack Simulation
14
Attack Phase Activity
Reconnaissance [1] Port Scan,
[2] Unencrypted Password File
Weaponization
Delivery
[3] Remote Access,
[4] Remote Access Trojan (RAT)
Exploitation
Installation
Command & Control
Actions on Objectives
[5] Internal Data Transfer
[6] Large Data Volume Outbound
Challenge: To provide Proof of Value (PoV) of existing process
and technology in organization, we need to simulate attack to
make sure our technology could identify such threats and our
people could follow the process to response the incidents.
Solution: We simulate adversary attack tactics and techniques by
using Cyber Kill Chain methodology, and categorize using
MITRE ATT&CK, so our customer could detect and mitigate such
threat in the future.
17. IT General Control Audit
17
Challenges: The use of significant / dominant IT in business processes and
financial transactions in a company makes the company must be able to
understand and respond to risks arising from the use of IT.
Various IT audit drivers must be carried out by an entity, namely the rules /
regulations of the government, operational effectiveness and governance,
process improvement and to meet the certification standards.
âą UU ITE No 11 Tahun 2008
âą POJK 38/POJK.03/2016
âą SEOJK 21/SEOJK.03/2017
âą PBI 16/8/PBI/2014
â PCI DSS
â ISO 27001
Solution: Testing of general IT controls includes policies, procedures and their application that
meet the principles: confidentiality, confidentiality, integrity, availability, authentication, and non-
repudiation.
Aspects of General IT Control
IT Auditor
Outcome: Identify the main problem / risk in various aspects of general IT control
and assess the effectiveness of general IT controls owned by the company.
Describe the consequences that can be generated and provide recommendations
for improvement / mitigation on each identified problem.
Finalization of the IT audit report in the form of a management letter containing
information on conditions, risks, recommendations and management responses.
18. IT Due Diligence
18
Challenges: Companies can destroy themselves by buying other companies
without fully understanding what they are getting and not making assimilation
plans.
The ability of both companies to embrace each other and to take advantage of
the strengths of each company in a merger is an important ingredient towards
success.
Solution: IT due diligence will evaluate the company's dependence on information technology and measure
risk, exposure, financial requirements to continue the use of IT products and services. This IT due diligence will
also identify opportunities for increased assimilation related to IT initiatives.
Determine what the IT division needs to support the company's future business.
Results: Understanding the needs and problems of the IT division by
presenting the capabilities and capacity of the IT division. This understanding
will be expressed in the form of reports that include information on the
company's IT conditions (organization, clients, infrastructure, business
applications, IT processes, level of automation), risks, opportunities that can be
generated, key persons, IT operating budget, IT capital expenditure needs, and
IT transition plan.
The findings of IT due diligence are the result of identification of company
information technology problems related to stability, service support, scalability
and costs.
Experience: IT Due Diligence at the Transportation Sector System Integration
Company
Company
A
Company
B
+
New
Company
Company Merger
1 + 1 = 3
20. Training Service
20
Challenge: One of the risks that is owned by every company in
running its business is not always on the technology factor but
in the human resource factor. The absence of adequate
awareness and understanding, poorly designed architecture
and lack of personnel with technical expertise to operate IT
systems that are owned can have a detrimental effect on the
sustainability of the company's business.
Solution: Training services in the field of IT, especially computer networks and information security, by
providing an understanding theory with direct practice of IT device configuration.
Some training materials that have been given include: Basic Computer Network, MikroTik Introduction, Ubiquiti
Enterprise Wireless Admin, Ubiquiti Wireless Outdoor, Cyber Security Awareness, Network Security, and
Introduction to Penetration Testing.
Results: Reducing business risks to the inability of
personnel in operating the company's IT system.
Increase the effectiveness of human resources and
accelerate problem solving that can occur at any
time in the company's IT system.
Personnel who take part in the training can also get
international standard professional certification.
21. Training as Trainer Experience
21
Introduction to Penetration Testing
Training Materials: Understanding the needs and drivers of
penetration testing, best practices and some technical examples of
ways to conduct penetration testing.
Computer Network Defense
Training Materials: Basic computer networks; Network Defense-in-
Depth; Secure network design; Security threats; Vulnerabilities and
Attacks on computer networks.
Outdoor WiFi Fundamentals
Training Materials: Training for professionals in the service provider
industry how to design, manage and solve wireless infrastructure
problems in an Internet Service Provider (ISP) network.
Ubiquiti Enterprise Wireless Admin
Training Materials: A 2 (two) day training course teaches the concept
of corporate networks with a primary focus on wireless networks. This
training emphasizes on how to design, build, and manage WLAN
using Ubiquiti devices.
23. Past Projects (1/2)
23
Year Project Name
2023 Nov Manage Security Operating Center Consultant
2023 Oct Voice over IP and Network Troubleshoot
2022 Feb Cloud Security Consultant [Full-Remote]
2021 Nov Penetration Testing using OWASP Methodology [Full-Remote]
2021 Oct IT Audit General Control and Vulnerability Assessment [Bandung]
2021 Apr Load Balance 2 ISP using MikroTik RouterOS [Full-Remote]
2021 Mar VPN configuration using Cloud Hosted Router at VPS Cloud Hosting
2021 Mar Ubiquiti Network Troubleshoot [Full-Remote]
2021 Feb Wireless Captive Portal Implementation & Facebook Login Integration
2021 Jan Network Troubleshoot and Improve Scalability [Ambon, Maluku]
2021 Jan Network Configuration for 8 Clinic Branch
2020 Dec Cyber Security Market Advisor
2019 Jan Training MikroTik Certified Network Associate
2019 May Network Configuration (Fortinet, Cisco, Ubiquiti)
2019 May Wireless Design Consultation for Warehouse Area