INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT

INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT

In today's digital era, organizations face the ever-increasing threat of information security incidents that can have severe consequences on their operations, reputation and customer trust. Effective incident management is critical to minimize the impact of these incidents and ensuring a rap...

Full description

Saved in:
Bibliographic Details
Main Author: Lutfian Cicero, Kemal
Format: Final Project
Language:Indonesia
Online Access:https://digilib.itb.ac.id/gdl/view/74062
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Institut Teknologi Bandung
Language: Indonesia
Description
Summary:In today's digital era, organizations face the ever-increasing threat of information security incidents that can have severe consequences on their operations, reputation and customer trust. Effective incident management is critical to minimize the impact of these incidents and ensuring a rapid and coordinated response. This thesis aims to design a comprehensive information security incident management for Bandung Institute of Technology with the main object of research being the Directorate of Information Technology of the Bandung Institute of Technology. The methodology used for this thesis is a combination of literature studies and various guidelines and standards, such as NIST, ISO, and also tools from Infosys to identify the main components and processes that are important for effective incident management. The resulting response phases include incident detection, analysis, containment, eradicate, recovery and post incident activities which provide a structured and systematic approach to incident response. To evaluate the designed incident management, feedback is collected from the main stakeholders in the organization. There are several important findings in the completion of this thesis, such as the importance of a well-defined and documented incident management plan, clear roles and responsibilities, as well as regular training and awareness programs. Additionally, the inclusion of post- incident activities contributes to continuous improvement and enhances overall incident management capabilities.

Similar Items