TataKelola dan KamSiber Kecerdasan Buatan v022.pdf

Tata Kelola dan Keamanan Siber
untuk
Kecerdasan Buatan
S A R WON O S U T I K N O, D R . E N G.
K U L I A H U MU M – I T E R A
K A MI S 2 5 A P R I L 2 0 2 4
V 0 2 2

Agenda
1.Sekilas CyberSecurity
2.Sekilas Kecerdasan Buatan (AI)
3.Inisiatif Keamanan AI
4.Usulan untuk Indonesia
5.Diskusi
2

• Cybersecurity https://s.id/WEF-Cybersecurity:
• Kecerdasan Buatan https://s.id/WEF-AI
https://s.id/WEF-Cybersecurity https://s.id/WEF-AI
3

Agenda
5.Diskusi
4

• Cybercrime
• Cybersecurity and Regulation
• Cybersecurity Skills Gap https://s.id/WEF-SG
• Critical Infrastructure and Cyber Resilience
• Cyber Risk Governance
• Cybersecurity and New Technologies
• Cyber Diplomacy and International Security
• Cyber and Supply Chain Risk
• Kecerdasan Buatan https://s.id/WEF-AI
5

https://s.id/WEF-SG
CyberSecurity Skills Gap:
• Corporate Governance
• Data Science
• Agile Governance
• Leadership
• Youth Perspectives
• Systemic Racism
• Gender Inequality
• Education
• Innovation
6

https://s.id/WEF-CorpGoV
Corporate Governance:
• Workplace Culture and
Incentives
• Purpose Driven Strategy
and Capital Allocation
• Tech Governance
• Stakeholder Engagement
and Cultivating Trust
• Values, Ethics and Integrity
• Oversight, Integrated
Assurance and Disclosure
• Managing Enterprise and
Emerging Risks
7

https://s.id/WEF-DataScience
8

https://s.id/WEF-Leadership 9
Leadership:
• Technology Leadership
• Responsibility and Accountability
• Entrepreneurial Leadership
• Systems Leadership
• Shaping Societies
• AdaptiveLeadership

https://s.id/WEF-Edu
1 0
Education:
• Education Innovation
• Lifelong Learning Pathways
• Quality Basic Education
• Relevant Continuing Education
• Digital Fluency and STEM Skills
• Core Soft Skills

CyberSecurity Skills Gap
ISACA researchers identified several core challenges, 2020:
• Shortage of qualified candidates
• Skills gap
• Attrition
• Unrealistic requirements
• Low salaries
• Lack of commitment to training
1 1

Agenda
1.Ikhtisar CyberSecurity
2.Ikhtisar Kecerdasan Buatan (AI)
5.Diskusi
1 2

• Kecerdasan Buatan https://s.id/WEF-AI :
• AI for What Purpose? https://s.id/WEF-AIfWPurp
• Generative AI https://s.id/WEF-GenAI
• Bias and Fairness in AI Algorithms https://s.id/WEF-BiasAI
• AI and the Future Jobs https://s.id/WEF-AIFJob
• Can AI Overcome Its Limitations?
• The Geopolitical Impacts of AI
• Operationalizing Responsible AI https://s.id/WEF-OpRespAI
• AI, Diversity, and Inclusion
1 3

AI for What Purpose?
• Justice and Law
• Ocean
• Mobility
• Science
• Digital Identity
• Health and Healthcare
• International Security
• Global Governance
• Values
• Global Risks
• Systemic Racism
• Human Rights
• The Digital Economy
• Education
https://s.id/WEF-AIfWPurp
1 4

Generative AI
• Fourth Industrial Revolution
• Education
• Future of Work
• Economic Progress
• Arts and Culture
• Civic Participation
• Health and Healthcare
• Internet Governance
• Media, Entertainment and Sport
https://s.id/WEF-GenAI
1 5

Bias and Fairness in AI
Algorithms
https://s.id/WEF-BiasAI
1 6

AI and the Future Jobs:
• Human Rights
• Entrepreneurship
• Education
• Future fo Work
• Advanced Manufacturing
• Mental Health
• Economic Progress
• Mining and Metals
• Media, Entertainment and
Sport
https://s.id/WEF-AIFJob 1 7

Operationalizing Responsible AI:
• Education
• Future of Work
• Justice and Law
• Leadership
• Global Governance
https://s.id/WEF-OpRespAI
1 8

Agenda
5.Diskusi
1 9

Risiko Positif dan Risiko Negatif AI
1.Positive Risks (Opportunities):
• Efficiency and Automation.
• Enhanced Decision-Making
• Innovation and Creativity
• Healthcare Advancements
2.Negative Risks (Challenges):
• Bias and Fairness
• Malicious Use
• Job Displacement
• Lack of Transparency
• Privacy Concerns
2 0

ARTIFICIAL INTELLIGENCE (AI) GOVERNANCE AND CYBER-SECURITY, A beginner’s guide to governing and securing AI, Taimur Ijlal, 2022
2 2

ARTIFICIAL INTELLIGENCE (AI) GOVERNANCE AND CYBER-SECURITY, A beginner’s guide to governing and securing AI, Taimur Ijlal, 2022 2 3

Agenda
5.Diskusi
2 6

PP60/2008 Sistem Pengendalian Intern Pemerintah – COSO, COSO ERM:
• Lingkungan Pengendalian
• Penilaian Risiko
• Kegiatan Pengendalian
• Informasi dan Komunikasi
• Pemantauan pengendalian intern
COBIT 2019 – COBIT Focus for Information and Technology Risk
SNI ISO 27001 Information Security Management System series
MITRE ATT&CK
=====
2 7
Keadaan Indonesia sekarang

PP60/2008 Sistem Pengendalian Intern Pemerintah – COSO, COSO ERM:
• Lingkungan Pengendalian
• Penilaian Risiko
• Kegiatan Pengendalian
• Informasi dan Komunikasi
• Pemantauan pengendalian intern
COBIT 2019 – COBIT Focus for Information and Technology Risk
SNI ISO 27001 Information Security Management System series
MITRE ATT&CK
=====
• SNI ISO/IEC TR 29119-11:2020 Rekayasa perangkat lunak dan sistem — Pengujian perangkat lunak —
Bagian 11: Panduan pengujian sistem berbasis Kecerdasan Artificial
• ISO/IEC 42001:2023 - Information technology - Artificial intelligence - Management system
• ISO/IEC 23894:2023 - Information technology - Artificial intelligence - Guidance on risk management
• SNI ISO/IEC 23053:2022 - Framework for Artificial Intelligence (AI) Systems Using Machine Learning (ML)
• RSNI ISO/IEC 22989:2022 - Artificial intelligence concepts and terminology
• SNI ISO/IEC 38507:2022 Governance of IT - Governance implications of the use of artificial intelligence
by organizations
2 8
Keadaan Indonesia sekarang + usul

Combining COSO ERM, COBIT 2019, SAIF, the ISO/IEC 27001 family, and MITRE ATLAS
Strengths of the Combined Framework:
•Complementary Focus: Each framework addresses a distinct aspect of AI security, creating a layered approach:
• COSO ERM: Identifies AI-related risks within the broader enterprise risk landscape.
• COBIT 2019: Provides IT governance best practices for developing and deploying AI systems securely.
• SAIF (Google Secure AI Framework): Guides securing AI systems themselves, addressing unique AI risks.
• ISO 27001: Defines a structured method for implementing security controls for AI systems.
• MITRE ATLAS: Offers a knowledge base of adversarial tactics, techniques, and case studies (TT&Cs) specifically ta
•Benefits:
• Comprehensive Security: Addresses a wide range of AI security concerns, from enterprise risk to technical contro
• Aligned with Business Goals: COBIT 2019 ensures AI development aligns with business objectives.
• Structured Approach: ISO 27001 provides a structured method for implementing security controls.
• Focus on AI-Specific Risks: SAIF tackles unique security challenges posed by AI systems.
• Proactive Defense: MITRE ATLAS helps anticipate and prevent potential attacks on AI systems.
2 9

Agenda
5.Diskusi
3 0

Diskusi
• Kerangka Tata Kelola dan Keamanan Siber ditambah risiko
Kecerdasan Buatan
• Berbagai usulan Kerangka (Risiko) Kecerdasan Buatan
• Kecerdasan Buatan masih berkembang termasuk risikonya
• Manfaatkan risiko positif dan cegah risiko negatif
3 1

Diskusi
• Kerangka Tata Kelola dan Keamanan Siber ditambah risiko
Kecerdasan Buatan
• Berbagai usulan Kerangka (Risiko) Kecerdasan Buatan
• Kecerdasan Buatan masih berkembang termasuk risikonya
• Manfaatkan risiko positif dan cegah risiko negative
• Jujur dan amanah
3 2

TataKelola dan KamSiber Kecerdasan Buatan v022.pdf

Recommended

Recommended

More Related Content

Similar to TataKelola dan KamSiber Kecerdasan Buatan v022.pdf

Similar to TataKelola dan KamSiber Kecerdasan Buatan v022.pdf (20)

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F (20)

Recently uploaded

Recently uploaded (20)

TataKelola dan KamSiber Kecerdasan Buatan v022.pdf