Designing the Capability Enhancement of the National Security Operation Center to Improve Cyber Security in Indonesia
DOI:
https://doi.org/10.52436/1.jpti.1015
Keywords:
Benchmarking, MITRE SOC Framework, NSOC, SOC
Abstract
The number of internet users in Indonesia has grown by 5.8% over the past four years, accompanied by a significant increase in traffic anomalies, averaging 768 million per year. That figure is three times the total number of internet users, which indicates the need for a stronger and more adaptive cyber protection strategy to anticipate vulnerabilities. The Government of Indonesia, through the National Cyber and Crypto Agency (Badan Siber dan Sandi Negara, BSSN), has established the National Security Operations Center (NSOC) as a strategic step in strengthening national cyber security. Nevertheless, the implementation of NSOC still faces various challenges in terms of capability, coordination, and operational limitations. This study aims to design an enhancement of NSOC capabilities through a literature review and benchmarking against guidelines and best practices for Security Operations Center (SOC) implementation from the European Union, the United Kingdom, the United States, and Australia. The analysis shows that SOC best practices comprise seven capabilities and 42 core activities. NSOC, meanwhile, has nine capabilities and 42 activities, but one capability and nine activities among them have not yet been implemented. This study therefore recommends adding a Leadership and Management capability to strengthen strategic direction and governance. In addition, activities within the existing capabilities need to be strengthened, covering the development of threat simulation guidelines, insider threat handling, vulnerability management services, automated incident response ticketing, and knowledge transfer mechanisms among personnel. These enhancements are expected to strengthen the effectiveness of NSOC in facing the complexity of national cyber threats in a sustainable and coordinated manner.