The presentation will emphasize that cybersecurity is not merely an IT issue but a fundamental business concern that requires a holistic approach. Attendees will gain a comprehensive understanding of how technology serves as the cornerstone of effective cybersecurity and risk management strategies in an increasingly digital world.
Through this presentation, organizations and individuals will be better equipped to navigate the complex cybersecurity landscape and harness technology to protect their digital assets, preserve their reputation, and safeguard sensitive information from evolving threats.
1. CYBER SECURITY AND RISK MANAGEMENT TECHNOLOGY
NIM (student ID numbers):
23222026 Bene Genhaq Suseno
23222048 Pray Putra Hasianro Nadeak
23523015 Galuh Dipa Bharata
23523042 Mohammad Febri Ramadlan
2. TABLE OF CONTENTS
01 The Face and Future of Cyberthreats
02 Cyberattack Targets and Consequences
03 Cyber Risk Management
04 Defending Against Fraud
05 Frameworks, Standards, and Models
3. 01. The Face and Future of Cyber Threats
Introducing several types of cyber threats and their characteristics
5. What Are Cyber Threats?
Siber (Indonesian; KBBI) / Cyber (English): computer systems and/or information technology related to cyberspace, or systems connected to the internet.
Cyber Threats: refers to a condition, situation, or possibility that gives rise to damaging or harmful disruption or attacks threatening the confidentiality, integrity, and availability of systems and information, as well as activities that violate norms and laws [2]
6. General Terms in Cyber
Vulnerability (in cyber): a gap in an IT security system (network, system, or physical application) that leaves it open to cyber threats, thereby increasing the likelihood of risk to the system.
Data Incident & Breach: a vulnerability can lead to an attempt (successful or not) at unauthorized access to a cyber system, which is called a Data Incident, or even to the possible taking of sensitive data or information by an individual, a group, or a system, which is a Data Breach.
7. Vulnerability Categories
Confidentiality: data is kept secret. Data stored in the system is accessed only by the appropriate entities. Examples: data leaks, unauthorized access, brute-force access, etc.
Integrity: data is intact and unchanged. Data must stay the same, with only permitted changes. Examples: malware attacks, unknown editors, data manipulation, etc.
Availability: system availability. Data and systems remain accessible when needed. Examples: DoS (excess traffic), DDoS.
8. Major Cyber Threats
Intentional
Hacking: the general term for unauthorized access with various goals or threats
Phishing: human-targeted, induces a behavior
Crimeware: malware and ransomware
DDoS: disrupts traffic to a target until it is overloaded
Insider & Privilege Misuse: abuse of the access level granted to an entity
Physical theft: theft of cyber assets
9. Major Cyber Threats (2)
Unintentional
Human Error: data mistakes, hardware/software design errors, bad data management, etc.
Environment: disasters, environmental conditions, and so on
Computer Failure: poor quality, poor maintenance, logical problems, and so on
Physical Loss: loss, damage, and so on
10. HACKING
A general term used across many cyberattacks. It essentially refers to the act of exploiting vulnerabilities in an IT system.
White Hat
Gray Hat
Black Hat
11. CYBER SOCIAL ENGINEERING THREATS
Phishing: spreads an instruction at random, with no particular target.
Spear Phishing: sends an instruction specifically to an individual or a group, chosen because they match certain criteria.
Hackers use social engineering (persuasion, trust, helpfulness, kindness, free/easy ways, etc.) to manipulate someone into doing what the hacker wants. This is a major gap because it is hard for a system to protect against vulnerabilities that come through the user.
12. CYBER SOCIAL ENGINEERING THREATS (2)
CRIMEWARE: various programs distributed or created by hackers and used for a particular purpose.
Spyware: tracking software designed to spy on its target, for example through surveillance or even the target's important data logs.
Adware: software with embedded ads that only displays advertising, usually to users who have not paid for a particular piece of software.
Malware: a program used to disrupt computer performance, collect sensitive information, or manipulate access to data.
Ransomware: malware designed to restrict access to the target computer in order to demand a payment/ransom.
13. Denial-of-Service (DoS)
An attack that aims to make a cyber service unavailable by flooding the network traffic with requests until the system is overloaded.
DDoS (Distributed Denial-of-Service): floods the traffic with requests from many sources.
TDoS (Telephony Denial-of-Service): floods the target with calls, or holds calls open for a certain time.
PDoS (Permanent Denial-of-Service): slightly different; this attack focuses on damaging a target to the point where the system has to be reset or reinstalled.
14. Insider & Privilege Misuse
This aspect is the hardest to counter because it is carried out from the inside, and preventing it differs from preventing outside attacks.
One example is the alteration, deletion, or taking of data by an insider, commonly called Data Tampering.
CREDITS: This presentation template was created by Slidesgo, and includes icons by Flaticon and infographics & images by Freepik
15. Miscellaneous Errors
Intentional
Publishing Error: information distributed to the wrong destination, or even incorrect information
Misconfiguration: building incorrect system settings (access, firewall, etc.)
Misdelivery: information sent to the wrong recipient (person/individual)
Disposal Error: unused devices are not wiped clean
Data Entry Error: the data entered is incorrect, duplicated, corrupt, etc.
Programming Error: logic or systematic errors in the system at the programming level
Omission: data or document is not sent
17. 6 Points of Cyberattack Targets and Consequences
1 "High-profile" and "under-the-radar" attacks
2 Identity Theft
3 Theft of Intellectual Property
4 Critical Infrastructure Attacks
5 Bring Your Own Device (BYOD)
6 Social Media Attacks
18. "High-Profile" and "Under-The-Radar" Attacks
High-profile attacks are those that target well-known organizations or individuals, often for
political, financial, or ideological reasons. These attacks can lead to significant reputational
damage, financial losses, and legal consequences.
Under-the-radar attacks are less publicized but can be just as damaging. They often target
smaller businesses, individuals, or non-profit organizations. These attacks may go unnoticed
for extended periods, causing financial and personal harm.
Key points:
- Continuously steal data
- Persistent
- Profit Oriented
- Anonymous
20. Theft of Intellectual Property
Key points :
- Cyberattacks frequently target
intellectual property, including
patents, trade secrets, and
proprietary data. When
stolen, this information can be
sold or used to gain a
competitive advantage.
- The consequences include
financial losses, loss of
market share, and damage to
a company's innovation and
competitiveness.
21. Identity Theft
- Cybercriminals can steal personal information, such as Social Security numbers, credit card details, and login credentials. This stolen data can be used for financial fraud, identity theft, and other illegal activities.
- The consequences for individuals can be devastating, including financial ruin and reputational damage. Organizations may also suffer legal and financial penalties if they fail to protect customer data.
22. Bring Your Own Device
- The trend of employees using their personal devices for work purposes introduces security risks. If these devices are not properly secured, they can become targets for cyberattacks.
- Consequences of BYOD-related attacks can include data breaches, loss of sensitive information, and compromised corporate networks.
23. Social Media Attacks
- Cybercriminals often target social media platforms to spread malware, steal personal information, or launch phishing attacks.
- The consequences of social media attacks can include compromised accounts, identity theft, reputation damage, and the spread of misinformation.
25. 5 Key Factors Leading to Cyberattacks
1 Interconnected, interdependent, wirelessly networked business environment
2 International organized crime taking over cybercrime
3 Decreasing skills necessary to be a computer hacker
4 Smaller, faster, cheaper computers and storage devices
5 Lack of management support
27. 3 Essential Defenses
Antivirus Software: antimalware tools are designed to detect malicious code and prevent users from downloading it.
IDS: scans for unusual or suspicious traffic, such as a DoS attack.
IPS: designed to take immediate action, such as blocking specific IP addresses, whenever a traffic-flow anomaly is detected.
28. Minimum Security Defenses for Mobiles
Biometric Control: automated method of verifying the identity of a person, based on physical or behavioral characteristics such as fingerprint, voice print, retinal scan, signature, etc.
Mobile Kill Switch or Remote Wipe Capability: remotely wipe the device in the event of its loss or theft.
Do-Not-Carry Rules: employees/members can bring only "clean" devices and are forbidden from connecting to the organisation's network while abroad.
Rogue App Monitoring: monitor major app stores 24/7 to detect and shut down rogue applications.
Zero Trust: security framework requiring all users to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.
30. Characteristics of an Effective Cybersecurity Program
1 Make data and documents available and accessible 24/7 while simultaneously restricting
access.
2 Implement and enforce procedures and AUPs for data, networks, hardware, and software
that are company or employee owned, as discussed in the opening case.
3 Promote secure and legal sharing of information among authorized persons and partners.
4 Ensure compliance with government regulations and laws.
5 Prevent attacks by having network intrusion defenses in place.
6 Detect, diagnose, and respond to incidents and attacks in real time.
7 Maintain internal controls to prevent unauthorized alteration of data/records.
8 Recover from business disasters and disruptions quickly.
34. Types of Fraud
Type | Financial Impact | Typical Characteristics
Operation Management Corruption | No | Occurs off the books. Median loss due to corruption is 6X median loss due to misappropriation
Conflict of Interest | No | Breach of confidentiality, such as revealing competitor bids. Often occurs coincident with bribery
Bribery | No | Uses positional power or money to influence others
Embezzlement or "misappropriation" | Yes | Employee theft. Employee access to company property creates the opportunity for embezzlement
Senior management financial reporting fraud | Yes | Involves massive breach of trust and leveraging of positional power
Accounting Cycle fraud | Yes | Also called "earnings management" or "earnings engineering." Violates generally accepted accounting principles (GAAP) and all other accounting principles
35. Occupational Fraud Prevention and Detection
Corporate Governance
- An enterprise-wide approach that combines risk, security, compliance, and IT specialists
- Perform regular audits, employee training, and job rotation.
Intelligent Analysis and Anomaly Detection
- Most detection activity can be handled by intelligent analysis engines using advanced data warehousing and analytics techniques
- Detect anomalous patterns, such as work hours, copying huge amounts of data, unusual transactions, etc.
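The anomaly detection named on this slide, sketched as an added example that is not part of the original presentation: each employee is compared with their own history, and events are flagged for off-hours activity or unusually large copies. The event records, the working hours and the threshold parameters are assumptions constructed for illustration.

```python
from datetime import datetime
from statistics import median

WORK_START, WORK_END = 7, 19   # assumed working hours (local time)

# Constructed sample events: (employee, ISO timestamp, megabytes copied).
EVENTS = [
    ("alice", "2024-03-04T09:10:00", 40), ("alice", "2024-03-05T10:02:00", 55),
    ("alice", "2024-03-06T14:30:00", 38), ("alice", "2024-03-07T11:45:00", 60),
    ("alice", "2024-03-08T16:20:00", 47), ("alice", "2024-03-11T09:55:00", 52),
    ("alice", "2024-03-12T02:13:00", 4200),   # night-time bulk copy
    ("bob", "2024-03-04T08:00:00", 900), ("bob", "2024-03-05T08:05:00", 1100),
    ("bob", "2024-03-06T08:01:00", 950), ("bob", "2024-03-07T08:03:00", 1000),
    ("bob", "2024-03-08T08:02:00", 1050),
    ("bob", "2024-03-11T10:00:00", 1200),     # large, but normal for bob
    ("bob", "2024-03-11T22:30:00", 950),      # normal size, unusual hour
    ("carol", "2024-03-04T11:00:00", 3000),   # new hire, no baseline yet
    ("carol", "2024-03-05T14:00:00", 2800),
]

def volume_threshold(history, k=5.0):
    """Median + k * MAD of the employee's own past volumes (robust to outliers).
    The floor keeps a very flat baseline from flagging small fluctuations."""
    med = median(history)
    mad = median(abs(v - med) for v in history)
    return med + k * max(mad, 0.1 * med, 1.0)

def detect(events, min_history=5):
    """Return [(employee, timestamp, reasons)] for events that look anomalous."""
    baseline, alerts = {}, []
    for user, ts, mb in sorted(events, key=lambda e: e[1]):
        reasons = []
        if not WORK_START <= datetime.fromisoformat(ts).hour < WORK_END:
            reasons.append("off-hours")
        past = baseline.setdefault(user, [])
        if len(past) >= min_history and mb > volume_threshold(past):
            reasons.append("volume")          # keep outliers out of the baseline
        else:
            past.append(mb)
        if reasons:
            alerts.append((user, ts, reasons))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

Because the baseline is per employee, bob's routine 1 GB transfers do not raise a volume alert while alice's single 4.2 GB copy does; carol is not scored on volume until she has enough history.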
36. Internal Controls Objective
- Compliance with laws, regulations, and policies
- Reliability of financial reporting, to protect investors
- Operational efficiency
- Safeguarding of assets
The work atmosphere that a company sets for its employees.
37. General Controls
Type | Physical | Access | Administrative
Preventive | Fences, Gates, Locks | Firewall, IPS, MFA, Antivirus | Hiring & termination, Separation of duties
Detective | CCTV | IDS, Honey pots | Review access, audit logs, unauthorized changes
Corrective | Repair physical damage, Re-issue access cards | Patching, Quarantine | Implement BCP, Have an incident response plan
39. Auditing Information Systems
An audit is important as an additional layer of controls or safeguards against criminal actions, especially by insiders.
Sample questions
- Are the controls implemented properly?
- Which areas are not covered by controls?
- Is there a clear separation of duties of employees?
- Are there procedures to ensure compliance with the controls?
40. WARMING UP
1. Explain the concepts of intelligence analysis and
anomaly detection.
2. Name the major categories of general controls
3. Explain authentication and name two methods of
authentication
42. Let Us First Agree…
In the context of Cybersecurity and Risk Management Technology:
- FRAMEWORK refers to a working framework or structure used to organize, manage, and integrate the approach to cybersecurity and risk management within an organization.
- STANDARD refers to a formal document that sets out the rules, guidelines, and requirements an organization or entity must comply with to reach an accepted level of security and risk management.
- MODEL refers to a representation or abstraction of a cybersecurity and risk management system, process, or concept, used to analyze, plan, or understand particular aspects of security and risk management.
44. Types of Models
- Threat Models
- Risk Models
- Security Architecture Models
- Attack Models
- Maturity Models
- Behavioral Models
- Security Management Models
45. COBIT
(Control Objectives for Information and Related Technologies)
Four Domains of COBIT:
• Align, Plan and Organize (APO)
• Build, Acquire and Implement (BAI)
• Deliver, Service and Support (DSS)
• Monitor, Evaluate and Assess (MEA)
58. DO YOU HAVE ANY QUESTIONS?
THANKS