INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT
In today's digital era, organizations face the ever-increasing threat of information security incidents that can have severe consequences on their operations, reputation and customer trust. Effective incident management is critical to minimize the impact of these incidents and ensuring a rap...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/74062 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| id |
id-itb.:74062 |
|---|---|
| spelling |
id-itb.:740622023-06-26T10:56:51ZINFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT Lutfian Cicero, Kemal Indonesia Final Project post incident activity, information security, handling phase, incident management, organization, incident handling. INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/74062 In today's digital era, organizations face the ever-increasing threat of information security incidents that can have severe consequences on their operations, reputation and customer trust. Effective incident management is critical to minimize the impact of these incidents and ensuring a rapid and coordinated response. This thesis aims to design a comprehensive information security incident management for Bandung Institute of Technology with the main object of research being the Directorate of Information Technology of the Bandung Institute of Technology. The methodology used for this thesis is a combination of literature studies and various guidelines and standards, such as NIST, ISO, and also tools from Infosys to identify the main components and processes that are important for effective incident management. The resulting response phases include incident detection, analysis, containment, eradicate, recovery and post incident activities which provide a structured and systematic approach to incident response. To evaluate the designed incident management, feedback is collected from the main stakeholders in the organization. There are several important findings in the completion of this thesis, such as the importance of a well-defined and documented incident management plan, clear roles and responsibilities, as well as regular training and awareness programs. Additionally, the inclusion of post- incident activities contributes to continuous improvement and enhances overall incident management capabilities. text |
| institution |
Institut Teknologi Bandung |
| building |
Institut Teknologi Bandung Library |
| continent |
Asia |
| country |
Indonesia Indonesia |
| content_provider |
Institut Teknologi Bandung |
| collection |
Digital ITB |
| language |
Indonesia |
| description |
In today's digital era, organizations face the ever-increasing threat of information security
incidents that can have severe consequences on their operations, reputation and customer
trust. Effective incident management is critical to minimize the impact of these incidents
and ensuring a rapid and coordinated response. This thesis aims to design a comprehensive
information security incident management for Bandung Institute of Technology with the
main object of research being the Directorate of Information Technology of the Bandung
Institute of Technology. The methodology used for this thesis is a combination of literature
studies and various guidelines and standards, such as NIST, ISO, and also tools from
Infosys to identify the main components and processes that are important for effective
incident management. The resulting response phases include incident detection, analysis,
containment, eradicate, recovery and post incident activities which provide a structured
and systematic approach to incident response. To evaluate the designed incident
management, feedback is collected from the main stakeholders in the organization. There
are several important findings in the completion of this thesis, such as the importance of a
well-defined and documented incident management plan, clear roles and responsibilities,
as well as regular training and awareness programs. Additionally, the inclusion of post-
incident activities contributes to continuous improvement and enhances overall incident
management capabilities. |
| format |
Final Project |
| author |
Lutfian Cicero, Kemal |
| spellingShingle |
Lutfian Cicero, Kemal INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT |
| author_facet |
Lutfian Cicero, Kemal |
| author_sort |
Lutfian Cicero, Kemal |
| title |
INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT |
| title_short |
INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT |
| title_full |
INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT |
| title_fullStr |
INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT |
| title_full_unstemmed |
INFORMATION SECURITY INCIDENT MANAGEMENT DESIGN FOR BANDUNG INSTITUTE OF TECHNOLOGY: CASE STUDY OF CREDENTIAL COMPROMISE, MALICIOUS EMAIL, AND THIRD-PARTY INCIDENT |
| title_sort |
information security incident management design for bandung institute of technology: case study of credential compromise, malicious email, and third-party incident |
| url |
https://digilib.itb.ac.id/gdl/view/74062 |
| _version_ |
1822007291810938880 |