Information Security
    Trend, Knowledge and Promising Career
             Medan, 12 June 2010




     Delivering Quality and Competence
     TRAINING, HIRING & INCREASE CAREER
By: Ir. Hogan Kusnadi, MSc, CISSP-ISSAP, CISA
           (Certified Information Systems Security Professional)
        (Information Systems Security Architecture Professional)
                   (Certified Information Systems Auditor)
                Certified Consultant for ISO 27001/27002
                            Founder and Director
                       PT. UniPro Nuansa Indonesia
                        E-mail: hogan@unipro.co.id
                               www.unipro.co.id
                               blog.unipro.co.id

Information Security Activities and Memberships
• Chair of the Technical Subcommittee of the Ministry of Communication and
  Informatics (Kominfo) and BSN for Information Security, adopting ISO 27001,
  ISO 27002 and other standards of the ISO 27000 series.
• MASPI (Masyarakat Sandi dan Keamanan Informasi). Founding Member and
  Head of Competency Development (2006).
• (ISC)2 International Information Systems Security Certification
  Consortium
• ISACA (Information Systems Audit and Control Association),
  Member.
• Former member of the Minister of Communication and Informatics "Task Force
  for the Security and Protection of Strategic Information Technology-Based
  Infrastructure" (2004)
• Former member of the EVATIK Working Group, DETIKNAS (2007)
UniPro Clients
Holistic Information Security
People – Process - Technology
MURI Award Certificate
UniPro Partners
Training Partner           Service Partner
Technology Partner
Seminar Activities
Digital Lifestyle & Workstyle
Access and Transactions

• Anywhere
• Anytime
• Anyone
Two Sides of Technology
Benefit vs Risk

Benefit
• Multi-function
• Flexible
• Easy to use
• Database Application
• Web Application
• Client Server
• Networking Integration
• Cloud Computing

Risk
• Confidentiality
• Integrity
• Availability
• Authenticity
• Non-repudiation
• Identity Theft
• Information Theft
• Industrial/State Espionage
• Distributed Denial of Service
Fastest Malware Outbreak
INFORMATION SECURITY RISK
[Diagram: RISK on one side, PROTECTION on the other; in between, Business Process and Information Assets, labelled SAFE]
Information Security
  Attack / Incident
Information Security Attacks in Indonesia
• Malware (Virus, Worm, Spyware,
  Keylogger, DoS, DDoS, etc.)
• Spam, Phishing
• Identity Theft *
• Data Leakage/Theft
• Web Defacement
• Web Transaction Attack
• Misuse of IT Resources

* Theft via ATM (Jan 2010)
Attacks on Indonesian Websites
       Domain .id 1998 – 2009
[Pie chart by domain: .go.id, .co.id, .or.id, .ac.id; slice values shown: 792, 2138, 846, 1463]
                        Source: www.zone-h.org
Attacks on Websites
Government Domain 1998 - 2009
[Chart by domain: .go.id, .gov.my, .gov.sg; values shown: 17, 711, 2138]
                     Source: www.zone-h.org
CISSP 2002 - 2010
[Bar chart: number of CISSP holders in Indonesia, Malaysia and Singapore, 3-Oct-02 vs 30-Mar-10; vertical axis 0 to 1200]
Competency vs Incident
           (Government Website 2010)
[Bar chart: Number of CISSP vs Number of Incident for Indonesia, Malaysia and Singapore; vertical axis 0 to 2500]
As of Aug 2009

       Number of (ISC)² Members in Various Asian
       Economies
[Bar chart: (ISC)² members per Asian economy; vertical axis 0 to 2500]
CISSP In the World
 1000+   United States, Canada, United Kingdom, Hong Kong, Korea (South), Singapore, Australia, Japan, India
 500+    Switzerland, France, Netherlands, Germany
 200+    Mexico, Brazil, Denmark, China, South Africa, Belgium, Malaysia,
         Ireland, Finland, Spain, Sweden, Taiwan, United Arab Emirates
 100+    Poland, Russia, Saudi Arabia, Italy,
         Israel, New Zealand, Thailand
Facts about IT Security
Data Theft
[Chart: data theft by year, 2003 to 2010, World vs Indonesia; vertical axis 0 to 140,000,000]
WORLD RECORD
• 2009 Heartland Payment System
• 2008 T-Mobile, Deutsche Telekom
• 2007 TJX Companies Inc
• 2006 US Dept of Veteran Affairs
• 2005 CardSystems
• 2004 America Online
INDONESIA
• 2008 Total Incident Reported
Largest Incidents
CardSystems - Hacking Incident
• Hackers had stolen 263,000 customer credit card
  numbers and exposed 40 million more.
• In September 2004, hackers dropped a malicious
  script on the CardSystems application platform,
  injecting it via the Web application that customers
  use to access account information. The script,
  programmed to run every four days, extracted
  records, zipped them and exported them to an FTP
  site.
• Visa and MasterCard threatened to terminate it as a
  transactions processor.
• CardSystems was acquired by PayByTouch in October
  2005.
Data Loss 2000-2009
GhostNet – Cyber Espionage
             (Report: 29 March 2009)

• Infected 1,295 computers
• Targeted at:
  – Ministries of foreign affairs,
  – Embassies,
  – International organizations,
  – News media,
  – and NGOs.
• 103 Countries (Indonesia Included)
Motivation Behind Cyber Attacks
               •   Just for FUN
               •   Fame and popularity
               •   Challenging activities
               •   Ideological/political
               •   Jealousy, anger
               •   Revenge
               •   Random attack
               •   Personal financial gain
               •   Organized crime for
                   financial gain (FUND)
Change in the Security
            Landscape
5 Years Ago             Now
•   Vandalism           •   Profit Oriented
•   Incident is known   •   Stealthy mode
•   Attack System       •   Attack Application and Data
•   Broad base          •   Targeted
•   Individual          •   Organized crime
                        •   (State) Sponsored Attack/
                            Espionage/Sabotage
Hacking Is Easy
How to Mitigate Information
      Security Risk
Practical Personal Protection

                     AIDS
                   Acquired
                    InfoSec
                   Deficiency
                   Syndrome
Regulation & Best Practice
• Government & Industry Regulation
  –   UU ITE 2008 (supporting Government Regulation (PP) - 2010)
  –   PP 60/2008
  –   PBI (Peraturan Bank Indonesia, Bank Indonesia Regulation) 2007
  –   Basel II (Banking Industry)
  –   PCI-DSS (Payment Card Industry Data Security Standard)
  –   SOX (Sarbanes-Oxley Act)
  –   JSOX (Japan SOX)
• Best Practice / Standard / Framework
  –   COBIT Framework
  –   COSO Enterprise Risk Management Framework
  –   ISO 27001 (SNI-ISO 27001 - Oct 2009), ISO 27002
  –   HISA Framework
HISA Framework
Hogan Information Security Architecture Framework
Fractal
Risk Equation
Risk = Threat x Vulnerability x Asset
Risk Factor = T x V x A
[Diagram: minimum level of protection set against the threat level]
[Diagram: current threat and potential future threat]
The MV Dumai Express-18, sailing from Dumai to Batam, sprang a leak and sank off
Terkulai Island, Batupanjang, Dumai, 15 minutes after leaving the Port of Dumai, on Monday
(28/9) at around 10:00 WIB.
False Sense of Security
Non Effective Enforcement
Situ Gintung,
Before and After 27 March 2009
Where Is ISO 27001 Positioned in IT Governance?
[Layered diagram, top to bottom]
UU ITE, PP60/2008, PBI
COSO
COBIT / ISO 38500
ISO 20000 / ITIL V3             SNI-ISO 27001
UniPro Public Training
  Top Management        Information Security Governance for Top Executive

  General Manager       Information Security Governance for General Management

     End User           Information Security Awareness & Security Policy Socialization

                        Holistic Information Security
    IT Manager          ISO 27001 Introduction
                        Security Policy Formulation
                        Holistic Information Security
   IT Application       Web Application Hacking & Countermeasures
                        Secure SDLC/CSSLP (Certified Secure Software Lifecycle Professional)
                        Holistic Information Security
                        Hacking Insight through Penetration Testing
     IT Network         Wireless Hacking & Defense
                        Packet Analysis & Troubleshoot
    Managerial
                        Holistic Information Security
     IT Server          Hacking Insight through Penetration Testing

                        Holistic Information Security
                        ISO 27001 Introduction
                        ISO 27001 Implementation
IT Security Manager     Security Policy Formulation
                        BCP / DRP
                        CISSP (Certified Information Systems Security Professional)
                        Holistic Information Security
                        Incident Response & Handling
                        Log Management & Analysis
                        Hacking Insight through Penetration Testing
IT Security Personnel   Wireless Hacking & Defense
                        Packet Analysis & Troubleshoot
                        Forensic Investigation Analysis
                        SSCP (Systems Security Certified Practitioner)


  Physical Security     Information Security for Physical Security Personnel
ISO 27001 Series: International Standard for
 Information Security Management System
   • Based on British Standard BS7799, which provides comprehensive
     guidance on various controls for implementing information security.
   • ISMS Best Practice Pair:
      Criteria for Certification
      – ISO 27001: 2005 (was BS 7799 - 2: 2005)
      Guideline for Best Practice
      – ISO 27002 (was 17799: 2005)

   It includes the following:
   1. Security Policy
   2. Organizing Information Security
   3. Asset Management
   4. Human Resources Security
   5. Physical and Environmental Security
   6. Communications and Operations Management
   7. Access Control
   8. Information Systems Acquisition, Development and Maintenance
   9. Information Security Incident Management
   10. Business Continuity Management
   11. Compliance.
ISO 27002
ISO 27001 Certificates in The World (Jan 2010)
ISO 27001 Statistics:
• 81 countries
• Japan 55%
• 4 Asian countries in the Top 5
• 5 Asian countries in the Top 10
• Indonesia is ranked no. 42, the lowest among the original ASEAN countries.

http://www.iso27001certificates.com
Information Security
      Solution
7 Flagship DETIKNAS
•   e-Education
•   e-Budgeting
•   e-Procurement
•   National Identity Number
•   National Single Window
•   Palapa Ring
•   Software Legalization
Indonesian Security Experts
[Pyramid diagram, top to bottom]
High Level Skill of InfoSec (International Certification)
Medium Level of InfoSec
Care / Awareness
The Economics of Supply and Demand

    Red Ocean vs Blue Ocean

    Applicant >> Job (Many Other IT Skill)   vs   Job >> Applicant (InfoSec Skill)
Job Posting
     (Required CISSP Certification. From www.isc2.org)
  Manager/Analyst/Engineer
• Computer Systems Security
• Cyber Network Operations Planning Specialist - $75K
• Cyber Security Specialist
• Data & System Security Specialist
• Digital Forensics Analyst
• Functional Security/Penetration Testers/Telecommute
• Information Security Analyst
• Information System Security (ISS) Project/Program Manager
• IT Security Specialist
• Manager, Security Policy, Compliance, and Risk Management
• Manager, Security Program Management
• Network Security Manager
• Project Manager Data Center
• Security Operations Center Analyst
• Security System Administrator - $95K
• Senior Computer Forensic Examiner
• Technical Manager of Applications Security Consulting
• Technology Risk Analyst
• Vulnerability Management Engineer
Job Posting
   (Required CISSP Certification. From www.isc2.org)

Consultant/Auditor
• Consulting Partner
• Entry Level IT Security Consultant
• Information Technology (IT) Auditor
• Senior IT Auditor
Critical Infrastructure
• Critical Infrastructure Protection Specialist
• NATO Cyber Defence Coordinator
Others
• Recruiter
• Sales Engineer
• Senior Technical Recruiter, Human Resources
• Technical Writer
Job Posting
     (Required CISSP Certification. From www.isc2.org)

Business Function
• Analyst, Business Analysis (Security Due Diligence)
• Business Continuity and Operational Quality Assurance Role
• Identity Management Architect/Developer
• Senior Enterprise Architect
• Senior Information Assurance Engineer
• Senior Security Architect
Executive Management
• Chief Information Security Officer
• Director of Security
• Director, Information Security
• VP Governance, Risk and Compliance
• VP Security Engineering
• VP, Enterprise Security
• VP/Information Assurance
US Department of Defense Directive 8570
        Information Security Certification Required for 2010

IAT (Information Assurance Technical)
• IAT Level I: SSCP, A+, Network +
• IAT Level II: SSCP, GSEC, Security +, SCNP
• IAT Level III: CISSP (or Associate), CISA, GSE, GCIH, SCNA

IAM (Information Assurance Management)
• IAM Level I: CAP, GISF, GSLC, Security +
• IAM Level II: CISSP (or Associate), CAP, CISM, GSLC
• IAM Level III: CISSP (or Associate), CISM, GSLC

IASAE (Information Assurance Security Architecture and Engineering)
• IASAE I: CISSP (or Associate)
• IASAE II: CISSP (or Associate)
• IASAE III: CISSP – ISSAP, CISSP – ISSEP

CND (Computer Network Defense)
• CND Analyst: GCIA, CEH
• CND Infrastructure Support: SSCP, CEH
• CND Incident Reporter: GCIH, CSIH, CEH
• CND Auditor: CISA, GSNA, CEH
• CND-SP Manager: CISSP-ISSMP, CISM

Level I : Junior Level
Level II : Middle Level
Level III : Senior Level
FBI Recruit CISSP
Indonesian Security Experts
[Pyramid diagram, top to bottom]
High Level Skill of InfoSec (International Certification)
Medium Level of InfoSec
Care / Awareness
Why UniPro?
[Diagram: Competence, Experience, Certification, Training Partner, Technology Partner]
        Regulation & Standard : UU ITE , PBI, SNI ISO 27001
                Customer Requirement, Career Opportunities
Your InfoSec Learning Path
[Staircase diagram, bottom to top]
Fundamental
Essential
Professional
Advance
Expert
International Certification, e.g. SSCP, CISSP-ISSAP
TRAINING, HIRING & INCREASE CAREER
             PROGRAM
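Special Note:
     The THINC program is also supported by the Human Resources Research
     and Development Agency (Balitbang SDM) of the Ministry of Communication
     and Informatics (Kominfo), in recognition of its quality
     and in line with the government's VISION & MISSION.

     This program will become part of
     SKKNI (Standar Kompetensi Kerja Nasional Indonesia, the Indonesian National Work Competency Standards)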
Silver Program (Promo)
•   Essential Information Security (4 Days)
•   Enterprise Information Security Technology (6 Days)
•   Exam (1 Day)
•   Total (11 Days)




Essential Information Security
 No  Training Module                              Day
  1  Essential Information Security Foundation    2
  2  Essential Packet Analysis                    1
  3  Essential Web Application Security           1
Essential Information Security Foundation
Day I
   •     Introduction
   •     InfoSec Management Concept
   •     InfoSec Practical Concept
   •     Threat and Attack
   •     Firewall
Day II
   •     Firewall
   •     IDS/IPS
   •     VPN
   •     Data Protection


Essential Packet Analysis
• TCP/IP Security
• TCP/IP Header
• Stimulus and Response
• Tcpdump
• Wireshark




Essential Web Application Security

• Introduction to Web Threat
• Assessment Method
• OWASP Top 10 Vulnerabilities
• Web Application Firewall
Enterprise InfoSec Technology
No        Training Module         Day
 1    Firewall Fundamental         1
 2   Firewall 1 ( Check Point )    1
 3      Firewall 2 ( Juniper )     1
 4       IPS (TippingPoint)        1
 5        Proxy (Blue Coat)        1
 6       Load Balancer (F5)        1
Firewall Fundamental (1 Day).

•   Basic TCP/IP
•   Firewall Technology
•   Firewall Design & Rules
•   Firewall Rules & Discussion
Firewall 1 – Checkpoint (1 Day)

• Checkpoint FW Secure Platform
• Checkpoint FW Smart Management
• Checkpoint FW Installation
• Checkpoint FW Smart Management Installation
• Policy Implementation
Firewall 2 - Juniper (1 Day)

•   Juniper Firewall Introduction
•   Juniper FW Installation
•   Policy Implementation
•   Multiple Layers Policy Implementation
Intrusion Prevention System (1 Day)

• IPS Architecture
• Tippingpoint IPS Introduction
• Tippingpoint IPS Installation
• Configuring Tippingpoint IPS
• Customize Policy & Monitoring Log
Proxy (1 Day)

•   Bluecoat Introduction
•   Proxy Features & Topology
•   Bluecoat Proxy Installation
•   Configuring Bluecoat Proxy
•   Visual Policy Manager
•   Customize Policy & Monitoring Log
Load Balancer (1 Day)


•   F5 Introduction
•   Load Balancer Introduction
•   F5 Installation
•   Configuring F5 LTM
•   Load Balancing Methodology
•   Monitoring Log & Performance


Pre-Requisite
• Subjects/courses to study in preparation
  before taking the THINC Silver class:
  – Data Communication
  – Computer Networks
  – Computer Operating Systems
Package                           Modules                                      Day(s)   Price

Bronze A                          Essential Information Security Foundation    2        Rp. 1.300.000,-
(Essential Information Security)  Essential Packet Analysis                    1        Rp.   650.000,-
                                  Essential Web Application Security           1        Rp.   650.000,-
                                  Bronze A Package                             4        Rp. 2.200.000,-
Bronze B                          Firewall Fundamental                         1        Rp.   750.000,-
(Enterprise InfoSec Technology)   Firewall 1 ( Check Point )                   1        Rp.   750.000,-
                                  Firewall 2 ( Juniper )                       1        Rp.   750.000,-
                                  IPS (TippingPoint)                           1        Rp.   750.000,-
                                  Proxy (Blue Coat)                            1        Rp.   750.000,-
                                  Load Balancer (F5)                           1        Rp.   750.000,-
                                  Bronze B Package                             6        Rp. 4.000.000,-
                                  EXAM                                         1        Rp.   500.000,-
                                  Total Individual Modules + Exam              11       Rp. 7.600.000,-
Note: Minimum 32 participants, maximum 40 per class
Package                           Modules                                      Day(s)   Price

Essential Information Security    Essential Information Security Foundation    2        Rp. 1.300.000,-
                                  Essential Packet Analysis                    1        Rp.   650.000,-
                                  Essential Web Application Security           1        Rp.   650.000,-
Enterprise InfoSec Technology     Firewall Fundamental                         1        Rp.   750.000,-
                                  Firewall 1 ( Check Point )                   1        Rp.   750.000,-
                                  Firewall 2 ( Juniper )                       1        Rp.   750.000,-
                                  IPS (TippingPoint)                           1        Rp.   750.000,-
                                  Proxy (Blue Coat)                            1        Rp.   750.000,-
                                  Load Balancer (F5)                           1        Rp.   750.000,-
                                  EXAM                                         1        Rp.   500.000,-
                                  Silver Package                               11       Rp. 5.000.000,-
Note: Minimum 32 participants, maximum 40 per class
SILVER PROMO !!!

PROGRAM     SILVER PROMO
Training    Total Class: 10 Days
            Exam: 1 Day
PRICE       IDR 5 Million/Student
            32 - 40 Students Per Class
INTEGRATION SIMULATION
(2 Days With Real Lab IN JAKARTA)
Invest Your Future NOW !!
Limited Seat

A journey of a thousand miles begins with a single step
Lao Tzu, Chinese Philosopher (6th Century BC)
Hogan Kusnadi - Information Security

Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 

Featured

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data ScienceChristy Abraham Joy
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

Featured (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Hogan Kusnadi - Information Security

  • 1. Information Security: Trend, Knowledge and Promising Career. Medan, 12 June 2010. Delivering Quality and Competence. TRAINING, HIRING & INCREASE CAREER
  • 2. By: Ir. Hogan Kusnadi, MSc, CISSP-ISSAP, CISA (Certified Information Systems Security Professional) (Information Systems Security Architecture Professional) (Certified Information Systems Auditor) Certified Consultant for ISO 27001/27002 Founder and Director PT. UniPro Nuansa Indonesia E-mail: hogan@unipro.co.id www.unipro.co.id blog.unipro.co.id
  • 3. Activities and Memberships Related to Information Security
      • Chair of the Technical Subcommittee of the Ministry of Communication and Informatics (Kominfo) and BSN for Information Security, adopting ISO 27001, ISO 27002 and other standards in the ISO 27000 series.
      • MASPI (Masyarakat Sandi dan Keamanan Informasi, the Cryptography and Information Security Society). Founding Member and Head of Competency Development (2006).
      • (ISC)2 International Information Systems Security Certification Consortium
      • ISACA (Information Systems Audit and Control Association), Member.
      • Former member of the Minister of Communication and Informatics' "Task Force Pengamanan dan Perlindungan Infrastruktur Strategis Berbasis Teknologi Informasi" (Task Force for Securing and Protecting Information-Technology-Based Strategic Infrastructure) (2004)
      • Former Member of the EVATIK Working Group, DETIKNAS (2007)
  • 5. Holistic Information Security People – Process - Technology
  • 7. UniPro Partners: Training Partner, Service Partner, Technology Partner
  • 12. Digital Lifestyle & Workstyle
  • 13. Access and Transactions • Anywhere • Anytime • Anyone
  • 14.
  • 16. Benefits vs Risks
      • Benefits: Multi-function, Flexible, Easy to use; Database Application, Web Application, Client Server, Networking, Integration, Cloud Computing
      • Risks: Confidentiality, Integrity, Availability, Authenticity, Non-repudiation; Identity Theft, Information Theft, Industrial/State Espionage, Distributed Denial of Service
  • 18. INFORMATION SECURITY RISK (diagram labels: RISK, PROTECTION, Business Process, Information Assets, SAFE)
  • 19. Information Security Attack / Incident
  • 20. Information Security Attacks in Indonesia
      • Malicious Ware (Virus, Worm, Spyware, Keylogger, DOS, DDOS, etc)
      • Spam, Phishing
      • Identity Theft *
      • Data Leakage/Theft
      • Web Defacement
      • Web Transaction Attack
      • Misuse of IT Resources
      * Theft via ATM (Jan 2010)
  • 21. Attacks Against Indonesian Websites, .id Domain, 1998 – 2009 (chart labels: .go.id, .co.id, .or.id, .ac.id; chart values: 792, 2138, 846, 1463) Source: www.zone-h.org
  • 22.
  • 23.
  • 24. Attacks Against Government Domain Websites, 1998 - 2009 (chart labels: .go.id, .gov.my, .gov.sg; chart values: 17, 711, 2138) Source: www.zone-h.org
  • 25. CISSP 2002 - 2010 (bar chart: Indonesia, Malaysia, Singapore; series: 3-Oct-02, 30-Mar-10)
  • 26. Competency vs Incident (Government Website 2010) (bar chart: Indonesia, Malaysia, Singapore; series: Number of CISSP, Number of Incident)
  • 27. Number of (ISC)² Members in Various Asian Economies, As of Aug 2009 (bar chart: Hong Kong, Philippines, Singapore, India, Australia, Malaysia, Thailand, Vietnam, China, Korea, Indonesia)
  • 28. CISSP In the World 1000+ United States Canada United Kingdom Hong Kong Korea, South Singapore Australia Japan India 500+ Switzerland France Netherlands Germany Mexico Brazil Denmark China South Africa Belgium Malaysia 200+ Ireland Finland Spain Sweden Taiwan United Arab Emirates 100+ Poland Russia Saudi Arabia Italy Israel New Zealand Thailand
  • 29. Facts about IT Security
  • 30.
  • 31.
  • 32. Data Theft WORLD RECORD (chart, 2003 - 2010, scale up to 140,000,000; legend: World, Indonesia, 2008 Total Incident Reported)
      • 2009 Heartland Payment System
      • 2008 T-Mobile, Deutsche Telecom
      • 2007 TJX Companies Inc
      • 2006 US Dept of Veteran Affairs
      • 2005 CardSystem
      • 2004 American Online
  • 34. CardSystems - Hacking Incident
      • Hackers had stolen 263,000 customer credit card numbers and exposed 40 million more.
      • In September 2004, hackers dropped a malicious script on the CardSystems application platform, injecting it via the Web application that customers use to access account information. The script, programmed to run every four days, extracted records, zipped them and exported them to an FTP site.
      • Visa and MasterCard threatened to terminate it as a transactions processor.
      • CardSystems was acquired by PayByTouch in October 2005.
  • 36. GhostNet – Cyber Espionage (Report: 29 March 2009)
      • Infected 1,295 Computers
      • Targeted at:
          – Ministries of foreign affairs,
          – Embassies,
          – International organizations,
          – News media,
          – and NGOs.
      • 103 Countries (Indonesia Included)
  • 37.
  • 38. Motivation Behind Cyber Attacks • Just for FUN • Fame and popularity • Challenging activities • Ideological/political • Jealousy, anger • Revenge • Random attack • Personal financial gain • Organized crime for financial gain (FUND)
  • 39. Change in the Security Landscape
      • 5 Years Ago: Vandalism; Incident is known; Attack System; Broad base; Individual
      • Now: Profit Oriented; Stealthy mode; Attack Application and Data; Targeted; Organized crime; (State) Sponsored Attack/Espionage/Sabotage
  • 41.
  • 42. How to Mitigate Information Security Risk
  • 43.
  • 44. Practical Personal Protection AIDS Acquired InfoSec Deficiency Syndrome
  • 45.
  • 46. Regulation & Best Practice
      • Government & Industry Regulation
          – UU ITE 2008 (supporting government regulations (PP) - 2010)
          – PP 60/2008
          – PBI (Peraturan Bank Indonesia, Bank Indonesia Regulation) 2007
          – Basel II (Banking Industry)
          – PCI-DSS (Payment Card Industry Data Security Standard)
          – SOX (Sarbanes-Oxley Act)
          – JSOX (Japan SOX)
      • Best Practice / Standard / Framework
          – COBIT Framework
          – COSO Enterprise Risk Management Framework
          – ISO 27001 (SNI-ISO 27001 - Oct 2009), ISO 27002
          – HISA Framework
  • 47. HISA Framework Hogan Information Security Architecture Framework
  • 49. Risk Equation: Risk = Threat x Vulnerability x Asset
  • 50. Risk Factor = T x V x A
  • 51. Minimum level of protection Risk Factor = T x V x A Threat Level
  • 52. Risk Factor = T x V x A Potential Future Threat Current Threat
  • 53. The MV Dumai Express-18, travelling from Dumai to Batam, sprang a leak and sank off Terkulai Island, Batupanjang, Dumai, 15 minutes after departing from the Port of Dumai on Monday (28/9) at around 10:00 WIB.
  • 54. False Sense of Security
  • 56. Situ Gintung, Before and After 27 March 2009
  • 57. Where is ISO 27001's Position in IT Governance? (diagram layers: UU ITE, PP60/2008, PBI; COSO; COBIT / ISO 38500; ISO 20000 / ITIL V3; SNI-ISO 27001)
  • 58. UniPro Public Training
      • Top Management: Information Security Governance for Top Executive
      • General Manager: Information Security Governance for General Management
      • End User: Information Security Awareness & Security Policy Socialization
      • IT Manager: Holistic Information Security; ISO 27001 Introduction; Security Policy Formulation
      • IT Application: Holistic Information Security; Web Application Hacking & Countermeasures; Secure SDLC/CSSLP (Certified Secure Software Lifecycle Professional)
      • IT Network: Holistic Information Security; Hacking Insight through Penetration Testing; Wireless Hacking & Defense; Packet Analysis & Troubleshoot
      • IT Server: Holistic Information Security; Hacking Insight through Penetration Testing
      • IT Security Manager: Holistic Information Security; ISO 27001 Introduction; ISO 27001 Implementation; Security Policy Formulation; BCP / DRP; CISSP (Certified Information Systems Security Professional)
      • IT Security Personnel: Holistic Information Security; Incident Response & Handling; Log Management & Analysis; Hacking Insight through Penetration Testing; Wireless Hacking & Defense; Packet Analysis & Troubleshoot; Forensic Investigation Analysis; SSCP (Systems Security Certified Practitioner)
      • Physical Security: Information Security for Physical Security Personnel
  • 59. ISO 27001 Series: International Standard for Information Security Management System
      • Based on British Standard BS7799, which provides comprehensive guidance on various controls for implementing information security.
      • ISMS Best Practice Pair:
          – Criteria for Certification: ISO 27001: 2005 (was BS 7799 - 2: 2005)
          – Guideline for Best Practice: ISO 27002 (was 17799: 2005)
      • It includes the following:
          1. Security Policy
          2. Organizing Information Security
          3. Asset Management
          4. Human Resources Security
          5. Physical and Environmental Security
          6. Communications and Operations Management
          7. Access Control
          8. Information Systems Acquisition, Development and Maintenance
          9. Information Security Incident Management
          10. Business Continuity Management
          11. Compliance.
  • 61.
  • 62. ISO 27001 Certificates in The World (Jan 2010)
      • ISO 27001 Statistics: 81 countries
      • Japan 55%
      • 4 Asian countries in the Top 5
      • 5 Asian countries in the Top 10
      • Indonesia is in position no. 42, the lowest among the original ASEAN countries.
      • http://www.iso27001certificates.com
  • 63.
  • 65. 7 Flagship DETIKNAS • e-Education • e-Budgeting • e-Procurement • National Identity Number • National Single Window • Palapa Ring • Software Legalization
  • 66. Indonesian Security Experts (diagram labels: High, Medium; International Certification, Skill of InfoSec, Level of InfoSec Care / Awareness)
  • 67. The Economics of Supply and Demand: Red Ocean vs Blue Ocean
      • Many Other IT Skill: Applicant >> Job
      • InfoSec Skill: Job >> Applicant
  • 68. Job Posting (Required CISSP Certification. From www.isc2.org)
      • Manager/Analyst/Engineer: Computer Systems Security; Cyber Network Operations Planning Specialist - $75K; Cyber Security Specialist; Data & System Security Specialist; Digital Forensics Analyst; Functional Security/Penetration Testers/Telecommute; Information Security Analyst; Information System Security (ISS) Project/Program Manager; IT Security Specialist; Manager, Security Policy, Compliance, and Risk Management; Manager, Security Program Management; Network Security Manager; Project Manager Data Center; Security Operations Center Analyst; Security System Administrator - $95K; Senior Computer Forensic Examiner; Technical Manager of Applications Security Consulting; Technology Risk Analyst; Vulnerability Management Engineer
  • 69. Job Posting (Required CISSP Certification. From www.isc2.org)
      • Consultant/Auditor: Consulting Partner; Entry Level IT Security Consultant; Information Technology (IT) Auditor; Senior IT Auditor
      • Critical Infrastructure: Critical Infrastructure Protection Specialist; NATO Cyber Defence Coordinator
      • Others: Recruiter; Sales Engineer; Senior Technical Recruiter, Human Resources; Technical Writer
  • 70. Job Posting (Required CISSP Certification. From www.isc2.org)
      • Business Function: Analyst, Business Analysis (Security Due Diligence); Business Continuity and Operational Quality Assurance Role; Identity Management Architect/Developer; Senior Enterprise Architect; Senior Information Assurance Engineer; Senior Security Architect
      • Executive Management: Chief Information Security Officer; Director of Security; Director, Information Security; VP Governance, Risk and Compliance; VP Security Engineering; VP, Enterprise Security; VP/Information Assurance
  • 71. US Department of Defense Directive 8570: Information Security Certification Required for 2010
      • IAT (Information Assurance Technical)
          – IAT Level I: SSCP, A+, Network+
          – IAT Level II: SSCP, GSEC, Security+, SCNP
          – IAT Level III: CISSP (or Associate), CISA, GSE, GCIH, SCNA
      • IAM (Information Assurance Management)
          – IAM Level I: CAP, GISF, Security+, GSLC
          – IAM Level II: CISSP (or Associate), CAP, GSLC, CISM
          – IAM Level III: CISSP (or Associate), CISM, GSLC
      • IASAE (Information Assurance Security Architecture and Engineering)
          – IASAE I: CISSP (or Associate)
          – IASAE II: CISSP (or Associate)
          – IASAE III: CISSP-ISSAP, CISSP-ISSEP
      • CND (Computer Network Defense)
          – CND Analyst: GCIA, CEH
          – CND Infrastructure Support: SSCP, CEH
          – CND Incident Reporter: GCIH, CSIH, CEH
          – CND Auditor: CISA, GSNA, CEH
          – CND-SP Manager: CISSP-ISSMP, CISM
      • Level I: Junior Level; Level II: Middle Level; Level III: Senior Level
  • 73. Indonesian Security Experts (diagram labels: High, Medium; International Certification, Skill of InfoSec, Level of InfoSec Care / Awareness)
  • 74. Why UniPro ? Training Partner Technology Competence Certification Experience Partner Regulation & Standard : UU ITE , PBI, SNI ISO 27001 Customer Requirement, Career Opportunities
  • 75. Your InfoSec Learning Path International Certification e.g. SSCP, CISSP-ISSAP Expert Advance Professional Essential Fundamental
  • 76. TRAINING, HIRING & INCREASE CAREER PROGRAM
  • 77. Special Note: The THINC program is also supported by the Human Resources Research and Development Agency (Balitbang SDM) of the Ministry of Communication and Informatics (Kominfo), in recognition of its quality and in line with the government's VISION & MISSION. This program will become part of SKKNI (Standar Kompetensi Kerja Nasional Indonesia, the Indonesian National Work Competency Standards)
  • 78. Silver Program (Promo) • Essential Information Security (4 Days) • Enterprise Information Security Technology (6 Days) • Exam (1 Day) • Total (11 Days)
  • 79. Essential Information Security
      No | Training Module | Day
      1 | Essential Information Security Foundation | 2
      2 | Essential Packet Analysis | 1
      3 | Essential Web Application Security | 1
  • 80. Essential Information Security Foundation
      • Day I: Introduction; InfoSec Management Concept; InfoSec Practical Concept; Threat and Attack; Firewall
      • Day II: Firewall; IDS/IPS; VPN; Data Protection
  • 81. Essential Packet Analysis • TCP/IP Security • TCP/IP Header • Stimulus and Response • Tcpdump • Wireshark
  • 82. Essential Web Application Security • Introduction to Web Threat • Assessment Method • Top 10 OWASP Vulnerability • Web Application Firewall
  • 83. Enterprise InfoSec Technology
      No | Training Module | Day
      1 | Firewall Fundamental | 1
      2 | Firewall 1 (Check Point) | 1
      3 | Firewall 2 (Juniper) | 1
      4 | IPS (TippingPoint) | 1
      5 | Proxy (Blue Coat) | 1
      6 | Load Balancer (F5) | 1
  • 84. Firewall Fundamental (1 Day) • Basic TCP/IP • Firewall Technology • Firewall Design & Rules • Firewall Rules & Discussion
  • 85. Firewall 1 – Checkpoint (1 Day) • Checkpoint FW Secure Platform • Checkpoint FW Smart Management • Checkpoint FW Installation • Checkpoint FW Smart Management Installation • Policy Implementation
  • 86. Firewall 2 - Juniper (1 Day) • Juniper Firewall Introduction • Juniper FW Installation • Policy Implementation • Multiple Layers Policy Implementation
  • 87. Intrusion Prevention System (1 Day) • IPS Architecture • Tippingpoint IPS Introduction • Tippingpoint IPS Installation • Configuring Tippingpoint IPS • Customize Policy & Monitoring Log
  • 88. Proxy (1 Day) • Bluecoat Introduction • Proxy Features & Topology • Bluecoat Proxy Installation • Configuring Bluecoat Proxy • Visual Policy Manager • Customize Policy & Monitoring Log
  • 89. Load Balancer (1 Day) • F5 Introduction • Load Balancer Introduction • F5 Installation • Configuring F5 LTM • Load Balancing Methodology • Monitoring Log & Performance
  • 90. Pre-Requisite
      • Material/courses to study in preparation before taking the THINC Silver class:
          – Data Communications class
          – Computer Networks class
          – Computer Operating Systems
  • 91. Package | Modules | Day(s) | Price
      Bronze A (Essential Information Security) | Essential Information Security Foundation | 2 | Rp. 1.300.000,-
      Bronze A (Essential Information Security) | Essential Packet Analysis | 1 | Rp. 650.000,-
      Bronze A (Essential Information Security) | Essential Web Application Security | 1 | Rp. 650.000,-
      Bronze A Package | | 4 | Rp. 2.200.000-
      Bronze B (Enterprise InfoSec Technology) | Firewall Fundamental | 1 | Rp. 750.000,-
      Bronze B (Enterprise InfoSec Technology) | Firewall 1 (Check Point) | 1 | Rp. 750.000,-
      Bronze B (Enterprise InfoSec Technology) | Firewall 2 (Juniper) | 1 | Rp. 750.000,-
      Bronze B (Enterprise InfoSec Technology) | IPS (TippingPoint) | 1 | Rp. 750.000,-
      Bronze B (Enterprise InfoSec Technology) | Proxy (Blue Coat) | 1 | Rp. 750.000,-
      Bronze B (Enterprise InfoSec Technology) | Load Balancer (F5) | 1 | Rp. 750.000,-
      Bronze B Package | | 6 | Rp. 4.000.000-
      EXAM | | 1 | Rp. 500.000,-
      Total Individual Modules + Exam | | 11 | Rp. 7.600.000,-
      Note: Minimum 32 students, maximum 40 per class
  • 92. Package | Modules | Day(s) | Price
      Essential Information Security | Essential Information Security Foundation | 2 | Rp. 1.300.000,-
      Essential Information Security | Essential Packet Analysis | 1 | Rp. 650.000,-
      Essential Information Security | Essential Web Application Security | 1 | Rp. 650.000,-
      Enterprise InfoSec Technology | Firewall Fundamental | 1 | Rp. 750.000,-
      Enterprise InfoSec Technology | Firewall 1 (Check Point) | 1 | Rp. 750.000,-
      Enterprise InfoSec Technology | Firewall 2 (Juniper) | 1 | Rp. 750.000,-
      Enterprise InfoSec Technology | IPS (TippingPoint) | 1 | Rp. 750.000,-
      Enterprise InfoSec Technology | Proxy (Blue Coat) | 1 | Rp. 750.000,-
      Enterprise InfoSec Technology | Load Balancer (F5) | 1 | Rp. 750.000,-
      EXAM | | 1 | Rp. 500.000,-
      Silver Package | | 11 | Rp. 5.000.000,-
      Note: Minimum 32 students, maximum 40 per class
  • 93. SILVER PROMO!!!
      • Program: Silver Promo
      • Total Class: 10 Days Training
      • Exam: 1 Day
      • Price: IDR 5 Million/Student
      • 32 - 40 Students Per Class
  • 94. INTEGRATION SIMULATION (2 Days With Real Lab IN JAKARTA)
  • 96. Invest Your Future NOW!! Limited Seat. "A journey of a thousand miles begins with a single step." Lao Tzu, Chinese Philosopher (6th Century BC)