Protecting Data Privacy:
Personal Data Protection for Users of Electronic Systems

                   RUDI LUMANTO
                     -ID-SIRTII-




                  10 October 2012
          Indonesia Information Security Forum (IISF 2012)
            Hotel Hilton, Bandung, Indonesia
The modern thief can steal more
 with a computer than a gun
Bad guys tend to go
where the masses go
Defining Privacy
• According to Ruth Gavison (Law and Human Rights
  Professor), there are three elements in privacy: secrecy,
  anonymity and solitude. It is a state which can be lost,
  whether through the choice of the person in that state or
  through the action of another person.
• The Calcutt Committee in the United Kingdom said that
  "nowhere have we found a wholly satisfactory statutory
  definition of privacy." But the committee was satisfied that it
  would be possible to define it legally and adopted this
  definition in its first report on privacy:
• The right of the individual to be protected against intrusion
  into his personal life or affairs, or those of his family, by
  direct physical means or by publication of information.
Data Privacy: what is to be protected?
• What is actually personal data? Personal data means any information
  concerning commercial transactions stored or recorded and which can
  be managed automatically or as a file system (under Section 4 of the
  PDPA Malaysia).
• Generally, personal data has a very wide scope, covering sensitive and
  personal information such as blood type, health records and descriptions,
  political and religious beliefs, mental or physical conditions, or any other
  data needed by the authority from time to time.
• Normal personal data also involves details on bank accounts, credit cards,
  telecommunication links like telephone or any other information
  stipulated by the minister under the PDPA from time to time.

• When you purchase an item online:
    ◦ Your credit card data is online as well.
    ◦ Your banking activities precipitate the storage, retrieval as well as the
      movement of your credit and debit records.

Ref: Protecting your personal data, by DATUK SERI DR RAIS YATIM
What is to be mentioned?
• the rights and liabilities pertaining to
  information;
• protection of information from unlawful
  use;
• the right to information;
• the status of information belonging to
  individuals; and
• the overall issues pertaining to the future
  of online trade and commerce using other
  people’s data.

Ref: Protecting your personal data, by DATUK SERI DR RAIS YATIM
How to protect?
• Organizationally
• Technologically: encryption, PKI, e-ID, etc.
• Legally
• Socially: mindset and habit
    ◦ Cyber Jawara competition (ID-SIRTII)
    ◦ Amazing drill test
    ◦ Forensics and anti-forensics
    ◦ Indonesia Cyber Army seminar – Aptikom
    ◦ etc.
Lesson Learned from Malaysia
• The Personal Data Protection Act 2010 (PDPA) is one of the cyber
  legislations aimed at regulating the processing of personal data in
  commercial transactions.
• The Act was passed by Parliament in May 2010 and the Personal
  Data Protection Department was created a year later.
• While the PDPA functions in the commercial environment, abuse
  of telephony communication networks or other channels through
  violations of personal data is also closely associated with the
  Communications and Multimedia Act (CMA) 1998.
• For example, a person who intentionally infiltrates and obtains
  any information without permission, including data, through
  telephony or other means of communications under S.234 of the
  CMA, can be jailed up to one year or fined up to RM50,000 or
  both, if convicted.

Ref: Protecting your personal data, by DATUK SERI DR RAIS YATIM
Cyber threat to data privacy
• Low security awareness among internet
  users (non obscurity model)
• Vulnerabilities
• Social engineering
• So many free tools and techniques for
  retrieving information (search engines,
  crawling techniques, etc.)
• Malware

E-KTP: around 180 million resident records!!!
SOCIAL ENGINEERING

    The strength of a chain depends
           on the weakest link

• The art of manipulating people into
  performing actions or divulging
  confidential information.
• Exploiting human vulnerabilities.
• A non-technical kind of intrusion that
  relies heavily on human interaction.
Malware threats
• Symantec blocked a total of over 5.5 billion malware
  attacks in 2011, an 81% increase over 2010.

• Web-based attacks increased by 36%, with over 4,500 new
  attacks each day.

• 403 million new variants of malware were created in 2011,
  a 41% increase over 2010.

• 39% of malware attacks via email used a link to a web
  page.

Ref: Norton Symantec security threat report 2011
Last but not least
Indonesia Internet Profile

      YEAR      INTERNET USERS
      2000      2 Million
      2006      20 Million
      2007      25 Million
      2008      31 Million
      2009      40.4 Million
      2010      48.7 Million
      2011      55 Million

Source: IDC, PT Telkom, Nokia Siemens Network.




User growth within 10 years, 2600 % increase !!!
Indonesia Internet Profile:
    the Value is Increasing!!
• The value of trade transactions conducted via the
  Internet or online this year (2011) is estimated to
  reach US$4.1 billion, growing by about 20.5% over
  the value of online transactions in the last year.

Indonesian people communicate differently today, people transact
and trade differently today, and this drives today's threats
and crime!!
Indonesia Security: Sep 2012 incidents

      No   Website    Count
      1    .go.id     141
      2    .sch.id    129
      3    .web.id    103
      4    .ac.id     95
      5    .co.id     81
      6    .or.id     30
      7    .mil.id    20
      8    .net.id    0

      Total .id defacements: 599

[Chart: September 2012 incidents, website count per domain]
Indonesia Security :
incidents 2012
[Chart: 2012 incidents by domain (web.id, co.id, go.id, ac.id, or.id, sch.id, mil.id, net.id)]
Indonesia Security :
incidents 2012
[Figures: Top 5 Events; Top % Ports]
SAMPLE BIG CASE
• (2012) Aneka Tambang (ANTAM) Tbk data
  leak. PT ANTAM (Persero) Tbk is a
  vertically integrated, export-oriented,
  diversified mining and metals company. Land
  mines data leak caused by an internal employee.
• (2012) Telco operator customer data leak:
  hundreds of customer email IDs and passwords
  leaked, caused by external intrusion.
• (2011) 25 million customer data leak from a
  telco operator that caused many spam emails.
Thank you

Contact ID-SIRTII:
http://www.id-sirtii.or.id
email: info@id-sirtii.or.id
TEL: 021-319305556

Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 

Protecting Data Privacy

  • 1. Protecting Data Privacy: Personal Data Protection for Users of Electronic Systems. RUDI LUMANTO, ID-SIRTII. 10 October 2012, Indonesia Information Security Forum (IISF 2012), Hotel Hilton, Bandung, Indonesia
  • 2. The modern thief can steal more with a computer than with a gun
  • 3. Bad guys tend to go where the masses go
  • 4. Defining Privacy
      - According to Ruth Gavison (Law and Human Rights Professor), there are three elements in privacy: secrecy, anonymity and solitude. It is a state which can be lost, whether through the choice of the person in that state or through the action of another person.
      - The Calcutt Committee in the United Kingdom said that "nowhere have we found a wholly satisfactory statutory definition of privacy." But the committee was satisfied that it would be possible to define it legally and adopted this definition in its first report on privacy:
      - The right of the individual to be protected against intrusion into his personal life or affairs, or those of his family, by direct physical means or by publication of information.
  • 5. Data Privacy: what is to be protected?
      - What is actually personal data? Personal data means any information concerning commercial transactions stored or recorded and which can be managed automatically or as a file system (under Section 4 of the PDPA Malaysia).
      - Generally, personal data has a very wide scope, covering sensitive and personal information such as blood type, health records and descriptions, political and religious beliefs, mental or physical conditions, or any other data needed by the authority from time to time.
      - Normal personal data also involves details on bank accounts, credit cards, telecommunication links like telephone, or any other information stipulated by the minister under the PDPA from time to time.
      - When you purchase an item online:
          ◦ Your credit card data is online as well.
          ◦ Your banking activities precipitate the storage, retrieval as well as the movement of your credit and debit records.
      Ref: Protecting your personal data, by DATUK SERI DR RAIS YATIM
  • 6. What is to be mentioned?
      - the rights and liabilities pertaining to information;
      - protection of information from unlawful use;
      - the right to information;
      - the status of information belonging to individuals; and
      - the overall issues pertaining to the future of online trade and commerce using other people's data.
      Ref: Protecting your personal data, by DATUK SERI DR RAIS YATIM
  • 7. How to protect?
      - Organizationally
      - Technologically: encryption, PKI, e-ID, etc.
      - Legally
      - Socially: mindset and habit
          ◦ Cyber Jawara competition (ID-SIRTII)
          ◦ Amazing drill test
          ◦ Forensics and anti-forensics
          ◦ Indonesia Cyber Army seminar – Aptikom
          ◦ etc.
  • 8. Lessons Learned from Malaysia
      - The Personal Data Protection Act 2010 (PDPA) is one of the cyber legislations aimed at regulating the processing of personal data in commercial transactions.
      - The Act was passed by Parliament in May 2010 and the Personal Data Protection Department was created a year later.
      - While the PDPA functions in the commercial environment, abuse of telephony communication networks or other channels through violations of personal data is also closely associated with the Communications and Multimedia Act (CMA) 1998.
      - For example, a person who intentionally infiltrates and obtains without permission any information, including data, through telephony or other means of communication can, under S.234 of the CMA, be jailed for up to one year or fined up to RM50,000, or both, if convicted.
      Ref: Protecting your personal data, by DATUK SERI DR RAIS YATIM
  • 9. Cyber threats to data privacy
      - Low security awareness among internet users (non obscurity model)
      - Vulnerabilities
      - Social engineering
      - So many free tools and techniques for retrieving information (search engines, crawling techniques, etc.)
      - Malware
      E-KTP: around 180 million resident records !!!
  • 10. SOCIAL ENGINEERING: the strength of a chain depends on the weakest link
      - The art of manipulating people into performing actions or divulging confidential information.
      - Exploiting human vulnerabilities.
      - A non-technical kind of intrusion that relies heavily on human interaction.
  • 11. Malware threats
      - Symantec blocked a total of over 5.5 billion malware attacks in 2011, an 81% increase over 2010.
      - Web-based attacks increased by 36%, with over 4,500 new attacks each day.
      - 403 million new variants of malware were created in 2011, a 41% increase over 2010.
      - 39% of malware attacks via email used a link to a web page.
      Ref: Norton Symantec Security Threat Report 2011
  • 12. Last but not least
  • 13. Indonesia Internet Profile

      YEAR    INTERNET USERS
      2000    2 Million
      2006    20 Million
      2007    25 Million
      2008    31 Million
      2009    40.4 Million
      2010    48.7 Million
      2011    55 Million

      Source: IDC, PT Telkom, Nokia Siemens Network. User growth within 10 years: 2600% increase !!!
  • 14. Indonesia Internet Profile: the Value is Increasing !!
      - The value of trade transactions conducted via the Internet or online this year (2011) is estimated to reach U.S. $4.1 billion, a growth of about 20.5% over the value of online transactions in the previous year.
      Indonesian people communicate differently today, and they conduct transactions and trade differently today, and this drives today's threats and crime !!
  • 15. Indonesia Security: Sep 2012 incidents

      No   Website    Count
      1    .go.id     141
      2    .sch.id    129
      3    .web.id    103
      4    .ac.id     95
      5    .co.id     81
      6    .or.id     30
      7    .mil.id    20
      8    .net.id    0
      Total deface .id: 599

      [Bar chart: Incident chart, September 2012, count per domain]
  • 16. Indonesia Security: incidents 2012 [Chart: incidents by domain: web.id, co.id, go.id, ac.id, or.id, sch.id, mil.id, net.id]
  • 17. Indonesia Security: incidents 2012 [Charts: Top 5 Events; Top % Ports]
  • 18. SAMPLE BIG CASES
      - (2012) Aneka Tambang (ANTAM) Tbk data leak. PT ANTAM (Persero) Tbk is a vertically integrated, export-oriented, diversified mining and metals company. Land mines data leak caused by an internal employee.
      - (2012) Telco operator customer data leak: hundreds of customer email IDs and passwords leaked, caused by an external intrusion.
      - (2011) 25 million customer records leaked from a telco operator, which caused many spam emails.
  • 19. Thank you
      Contact ID-SIRTII: http://www.id-sirtii.or.id
      Email: info@id-sirtii.or.id
      TEL: 021-319305556