Posts

Security Audit of IoT Systems

IoT is defined as a set of interconnected systems and devices connected to the internet, over which data is sent and received. The IoT market is currently growing very sharply: in 2017 the IoT market share amounted to 110 billion dollars, and in 2025 it has reached 1,567 billion dollars. IoT devices in use include Google Home, Amazon Echo, Apple Watches, and others. One well-known IoT device is Amazon Alexa, which had a case in which the personal data of hundreds of millions of Alexa users was leaked because of a bug in the device. Security audits of IoT devices are therefore very much needed. The IoT Audit Framework was drawn up to understand what makes an IoT device secure, by modifying IT audit practices to suit IoT devices. IT audit provides a method for informing and supporting the utilization of security measures for data, information and electronic systems in an organization in...
Recent posts

Governance of Artificial Intelligence in Indonesia

Indonesia developed the National Strategy on Artificial Intelligence and the Digital Indonesia Vision 2045. The plan outlines five strategic priority areas: 1. Health; 2. Bureaucratic Reform; 3. Education and Research; 4. Food Security; 5. Smart City and Mobility. The plan includes four focus areas to support the nation's AI aspirations: 1. Ethics and Policies; 2. Data and Infrastructure; 3. Talent Development; 4. Industrial Research and Innovation. AI is implemented in various sectors in Indonesia, spanning education, finance and banking, logistics, human resources, health, cybersecurity, customer service technology, etc. As of 2023, the market size of AI in Indonesia reached approximately 1.8 billion U.S. dollars, and it is projected to grow sixfold by 2030. My organisation, the Ministry of Communications and Informatics, issued Circular Letter of the Minister of Communications and Informatics (MOCI) Number 9 of...

Cyber Attack on Critical Information Infrastructure (PDNS) in Indonesia

Many parts of the world are currently experiencing malware attacks, particularly ransomware. Ransomware attacks generally have a financial motive and demand a ransom payment from the victim. Brain Cipher is a relatively new ransomware and, according to a report from Broadcom/Symantec, is a variant of Lockbit 3.0. The name Brain Cipher Ransomware appears in the ransom notes left for its victims. This Symantec report was posted on 16 June 2024, one day before VMware reported the security vulnerability VMSA-2024-0012 on 17 June 2024, or 4 days before PDNS experienced disruption on 20 June 2024. The makers of Brain Cipher use the double extortion method: exfiltrating sensitive data and encrypting that data. "The group appears to carry out double extortion, infiltrating sensitive data and encrypting it. Victims are given an encryption ID to use on the group's Onion website to contact them," Symantec wrote on its official page. Symant...

How to register your organisation as a Certification Authority in Indonesia

Under Minister Regulation No. 11 of 2022 on Electronic Certification Governance, the organization must follow procedures that consist of the following. The Certification Authority is an Indonesian legal entity, located in Indonesia and recognized by the Minister of Communication and Informatics of the Republic of Indonesia. The Certification Authority must conduct business in the field of ICT, as proven by a business license from Online Single Submission (OSS). The administrative requirements to become an Indonesian Certification Authority are: Copy of the Deed of Establishment and Deed of Amendment. Minimum venture capital: 30 billion IDR. Registered as an Electronic System Provider; registration is done through the website https://layanan.kominfo.go.id/register. Copy of the Certificate of Feasibility of Electronic System. Does not act as a root for other Certification Authorities. Has facilities and equipment located in Indonesia. System for managing the registration information of electronic c...

Regulation about Certification Authority

The Ministry of Communication and Informatics released Minister Regulation Number 11/2022 on Certification Authority Governance. The scope of the regulation consists of: Governance of Electronic Certification; Controlling of Certification Authority; Certification Body of Certification Authority; Procedures for Imposing Administrative Sanctions in the Implementation of Electronic Certification. The Directorate of Informatics Application Governance published standards such as the Standard of Facility and Equipment of Certification Authority, Certification Authority Interoperability Standard, Standard of Identity Verification, Certificate Policy of Root CA, Other Guidances, and national or international Best Practices. A certificate profile according to RFC 5280 Internet X.509 Public Key Infrastructure Certificate or Certificate Revocation List (CRL). Services of Certification Authority: 1. e-Seal; 2. Electronic Time Stamp; 3. Registered Electronic Transmissions Services; 4. Archives of Electronic Sign...

Certification Authority in Indonesia

Indonesia Public Key Infrastructure (Indonesia PKI) is a hierarchical PKI with the trust chain starting from the Root Certification Authority Indonesia (Indonesian Root CA). The Ministry of Communication and Informatics (MCI) operates Root CA Indonesia according to Government Regulation of the Republic of Indonesia number 71 of 2019 concerning Electronic System and Transaction Operation. An Indonesian CA is a CA which has an Indonesian legal entity, located in Indonesia, and recognized by Government CA and Non-Government CAs. Government CAs issue certificates for civil servants, which can only be used for carrying out their responsibilities and/or authorities. Non-Government CAs issue certificates other than those issued by Government CAs. There are 10 CAs in Indonesia. List of Government CAs: BSrE. List of Non-Government CAs: 1. PT. Privy Identitas Digital (Privy) 2. PT. Djelas Tandatangan Bersama (DTB) 3. PT. Indonesia Digital Identity (VIDA) 4. PT. Tilaka Nusa Teknologi (Tilaka)...

So what's new in ISO 27001:2022?

I have long been involved in the field of information security. Alhamdulillah, last week, on Thursday 26 January 2023, I received a knowledge update from Mr. Chandra Yulistia at the invitation of BSN (Badan Standardisasi Nasional, the National Standardization Agency), namely a Refreshment for KAN Assessors regarding SNI ISO 27001 Certification Bodies. Here I would like to share some important points about the differences. ISO 27001:2013 consists of 141 controls, whereas ISO 27001:2022 has 93 security controls divided into 4 parts, as follows: A.5 Organizational Controls, number of controls = 37; A.6 People Controls, number of controls = 8; A.7 Physical Controls, number of controls = 14; A.8 Technological Controls, number of controls = 34. Total controls = 93. The ISO 27001 standard Information Security Management System (ISMS) was officially released on 25 October 2022. In this latest update there are a few changes to ...