The Implementation of Cyber Incident Management Frameworks in Indonesia
Abstract
The rise of cyber attacks occurring in Indonesia could potentially cause incidents in institutions/companies. To anticipate these incidents, each institution/company need to prepare themselves by implementing proper incident management. There are a lot of incident management frameworks that can be used as a guideline in the implementation. But on the other hand, institutions/companies sometimes find it difficult to select the appropriate and suitable framework to use. The authors employed qualitative research methods using the data acquired from primary data (interviews) and secondary data (documentation). The data analysis techniques used were comparative analyses which included theoretical analysis, activity analysis, and analysis of the scope of incident management. The result of the analysis of the incident management scope was then validated using data triangulation method. Based on the theory analysis, there are differences on the 2 (two) compared incident management frameworks. These differences are seen from the definition of the activity-levelling scheme, definition of the maturity level of the incident management implementation, and the number of activities in the frameworks that can be implemented. The framework activities can be categorised into two, namely similar activities and different activities. There are 35 scopes of framework that can be considered as incident management processes.
Copyright (c) 2020 Jurnal Teknologi Informasi dan Pendidikan
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.