Main Article Content

Abstract

Insiden kebocoran data di Pusat Data Nasional Sementara 2 (PDNS 2) Surabaya menunjukkan pentingnya penerapan budaya keamanan siber yang efektif dalam sebuah organisasi. Penelitian ini bertujuan untuk menganalisis dampak kebocoran data PDNS 2 Surabaya melalui pendekatan Matriks Budaya Keamanan Siber yang dan Matriks Dimensi Budaya Nasional Hofstede dengan data sampel berita yang diperoleh secara online. Tanggal publikasi beritanya adalah 26 Juni 2024 - 10 Juli 2024. Keterbatasan penelitian ini terletak pada sumber data yang hanya berasal dari berita online. Implikasi manajerial diberikan dari aspek manajemen puncak dan karyawan. Kesimpulan penelitian ini diuraikan dari aspek: (1) Kebutuhan akan peningkatan kesadaran dan pendidikan keamanan; (2) pentingnya penerapan dan kepatuhan terhadap kebijakan keamanan; (3) respons cepat dan efektif terhadap insiden; (4) pengembangan proses pemulihan dan backup data yang kuat; (5) orientasi jangka panjang dalam pengelolaan keamanan informasi; serta (6) penegakan disiplin dan pengendalian internal.

Keywords

kebocoran data PDNS 2 Surabaya budaya keamanan siber dimensi budaya nasional Hofstede keamanan informasi

Article Details

Author Biographies

Fikri Irfan Adristi, Universitas Islam Indonesia

Fikri Irfan Adristi is a Managing Editor at Selekta Manajemen: Jurnal Mahasiswa Bisnis & Manajemen. He has research interests including:
`1.Algorithmic Trading
2.Econometrics & Machine Learning
3.Financial Economics
4.Political Economics

Erika Ramadhani, Universitas Islam Indonesia

Erika Ramadhani is an ordinary person who loves IT and Digital Forensics. She has been a lecturer at the Informatics Department of Universitas Islam Indonesia since 2010. Her research interests are in computer systems and networks, computer security, and digital forensics. Apart from being a lecturer, she also enjoys learning languages, such as French and Arabic.

How to Cite
Adristi, F. I., & Ramadhani, E. (2024). Analisis Dampak Kebocoran Data Pusat Data Nasional Sementara 2 (PDNS 2) Surabaya: Pendekatan Matriks Budaya Keamanan Siber dan Dimensi Budaya Nasional Hofstede. Selekta Manajemen: Jurnal Mahasiswa Bisnis & Manajemen, 2(6), 196–212. Retrieved from https://journal.uii.ac.id/selma/article/view/35529

References

  1. Ahlan, A.R., Lubis, M. dan Lubis, A.R. (2015) “Information Security Awareness at the Knowledge-Based Institution: Its Antecedents and Measures,” in Procedia Computer Science. Amsterdam: Elsevier B.V., hal. 361–373. Tersedia pada: https://doi.org/10.1016/j.procs.2015.12.151.
  2. AlHogail, A. (2015) “Design and validation of information security culture framework,” Computers in Human Behavior, 49, hal. 567–575. Tersedia pada: https://doi.org/10.1016/j.chb.2015.03.054.
  3. Ali, T., Al-Khalidi, M. dan Al-Zaidi, R. (2024) “Information Security Risk Assessment Methods in Cloud Computing: Comprehensive Review,” Journal of Computer Information Systems, hal. 1–28. Tersedia pada: https://doi.org/10.1080/08874417.2024.2329985.
  4. Alraja, M.N., Butt, U.J. dan Abbod, M. (2023) “Information security policies compliance in a global setting: An employee’s perspective,” Computers & Security, 129, hal. 103208. Tersedia pada: https://doi.org/10.1016/j.cose.2023.103208.
  5. Alvarez-Dionisi, L.E. dan Urrego-Baquero, N. (2019) “Implementing a Cybersecurity Culture,” ISACA JOURNAL, 2, hal. 1–6. Tersedia pada: https://www.isaca.org/resources/isaca-journal/issues/2019/volume-2/implementing-a-cybersecurity-culture.
  6. Anggraeni, R. (2024a) DPR Sesali Bertahun-tahun PDNS 2 Tidak Punya Data Cadangan (Backup), Bisnis Tekno. Diedit oleh Leo Dwi Jatmiko. Tersedia pada: https://teknologi.bisnis.com/read/20240627/101/1777675/dpr-sesali-bertahun-tahun-pdns-2-tidak-punya-data-cadangan-backup (Diakses: 24 Juli 2024).
  7. Anggraeni, R. (2024b) Server PDNS Down, BSSN Lakukan Audit Digital Forensik, Bisnis Tekno. Tersedia pada: https://teknologi.bisnis.com/read/20240627/101/1777617/server-pdns-down-bssn-lakukan-audit-digital-forensik (Diakses: 24 Juli 2024).
  8. Aranditio, S. (2024) Terdampak Peretasan PDN, Apa yang Harus Dilakukan Mahasiswa Penerima Beasiswa KIP Kuliah?, Kompas.id. Tersedia pada: https://www.kompas.id/baca/humaniora/2024/07/01/kemendikbudristek-pastikan-data-pokok-pendidikan-aman-dari-peretasan-pdn (Diakses: 24 Juli 2024).
  9. Ashraf, S. (2005) “Organization Need and Everyone’s Responsibility Information Security Awareness.” SANS Institute, hal. 21. Tersedia pada: https://www.giac.org/paper/gsec/4340/organization-everyones-responsibility-information-security-awareness/107113#:~:text=Information Security Awareness is user’s,like confidentiality%2C integrity and availability.
  10. Ayanwale, M.A. et al. (2023) “A Structural Equation Approach and Modelling of Pre-service Teachers’ Perspectives of Cybersecurity Education,” Education and Information Technologies [Preprint]. Tersedia pada: https://doi.org/10.1007/s10639-023-11973-5.
  11. Bhagat, S. dan Pravin, D.P. (2023) “Cybersecurity Awareness and Adaptive Behavior: Does Prior Exposure Lead to Adaptive Behavior?,” in AMCIS 2023 Proceedings. Panama City: AIS Electronic Library (AISel), hal. 23.
  12. Bloomberg Technoz (2024) Kelalaian Tata Kelola Pusat Data (PDN), Minta Maaf Tak Cukup, Bloomberg Technoz. Tersedia pada: https://www.bloombergtechnoz.com/detail-news/42718/kelalaian-tata-kelola-pusat-data-pdn-minta-maaf-tak-cukup (Diakses: 24 Juli 2024).
  13. CNN Indonesia (2024a) Imbas Peretasan PDNS, Pemerintah Godok Aturan Kewajiban Backup Data, CNN Indonesia. Tersedia pada: https://www.cnnindonesia.com/teknologi/20240710091916-192-1119505/imbas-peretasan-pdns-pemerintah-godok-aturan-kewajiban-backup-data (Diakses: 24 Juli 2024).
  14. CNN Indonesia (2024b) Insiden Peretasan PDNS 2, Pakar Sorot Kualitas SDM Indonesia, CNN Indonesia. Tersedia pada: https://www.cnnindonesia.com/teknologi/20240626110919-192-1114286/insiden-peretasan-pdns-2-pakar-sorot-kualitas-sdm-indonesia (Diakses: 24 Juli 2024).
  15. CNN Indonesia (2024c) Update Kasus PDNS 2: Brain Cipher Minta Maaf, Dirjen Aptika Mundur, CNN Indonesia. Tersedia pada: https://www.cnnindonesia.com/teknologi/20240705142613-192-1117995/update-kasus-pdns-2-brain-cipher-minta-maaf-dirjen-aptika-mundur/2 (Diakses: 24 Juli 2024).
  16. D’Arcy, J., Hovav, A. dan Galletta, D. (2009) “User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach,” Information Systems Research, 20(1), hal. 79–98. Tersedia pada: https://doi.org/10.1287/isre.1070.0160.
  17. EC-Council (2022) Ethical Hacking and Countermeasures Academia Series Version 12. Albuquerque: EC-Council New Mexico.
  18. Fadilah, K. (2024) Pemerintah Bakal Siapkan 4 Lapis Backup Data Usai PDNS Diretas, detikNews. Tersedia pada: https://news.detik.com/berita/d-7417288/pemerintah-bakal-siapkan-4-lapis-backup-data-usai-pdns-diretas (Diakses: 24 Juli 2024).
  19. Hadyan, R. (2024) Password Disebar Karyawan Picu Serangan Siber ke PDNS 2, Bagaimana Mitigasinya?, Investor Trust. Diedit oleh F.F.S. Putra. Tersedia pada: https://investortrust.id/news/password-disebar-karyawan-picu-serangan-siber-ke-pdns-2-bagaimana-mitigasinya (Diakses: 24 Juli 2024).
  20. Harper, J.W. (2023) “Cybersecurity: A review of human-based behavior and best practices to mitigate risk.” MACON: School of Computing Faculty of Middle Georgia State University, hal. 1–9. Tersedia pada: https://comp.mga.edu/static/media/doctoralpapers/2023_Harper_0516152313.pdf.
  21. Hofstede, G., Hofstede, G.J. dan Minkov, M. (2010) Cultures and Organizations Software of The Mind: Intercultural Cooperation and Its Importance for Survival. The McGraw-Hill Companies, Inc.
  22. Hofstede, G. dan Minkov, M. (2010) “Long- versus short-term orientation: new perspectives,” Asia Pacific Business Review, 16(4), hal. 493–504. Tersedia pada: https://doi.org/10.1080/13602381003637609.
  23. Katsantonis, M.N. et al. (2023) “Cyber range design framework for cyber security education and training,” International Journal of Information Security, 22(4), hal. 1005–1027. Tersedia pada: https://doi.org/10.1007/s10207-023-00680-4.
  24. Kure, E. (2024) Peretasan PDNS 2 Diduga Ulah Oknum Karyawan Lintasarta, Berhenti Kerja Agustus 2021 dan Mulai Bocorkan Data 11 Oktober 2022, Berita Satu. Diedit oleh AD. Tersedia pada: https://www.beritasatu.com/ekonomi/2827333/peretasan-pdns-2-diduga-ulah-oknum-karyawan-lintasarta-berhenti-kerja-agustus-2021-dan-mulai-bocorkan-data-11-oktober-2022 (Diakses: 24 Juli 2024).
  25. Kwon, R. et al. (2020) “Cyber Threat Dictionary Using MITRE ATT&CK Matrix and NIST Cybersecurity Framework Mapping,” in 2020 Resilience Week (RWS). Salt Lake: IEEE, hal. 106–112. Tersedia pada: https://doi.org/10.1109/RWS50334.2020.9241271.
  26. Luthfiani, D. (2024) Peretas Pusat Data Nasional Minta Tebusan Rp 131 Miliar, Tempo. Diedit oleh R. Paraqbueq. Tersedia pada: https://nasional.tempo.co/read/1883534/peretas-pusat-data-nasional-minta-tebusan-rp-131-miliar (Diakses: 24 Juli 2024).
  27. Merriam, S.B. (2009) Qualitative Research A Guide to Design and Implementation. San Francisco: Jossey-Bass. Tersedia pada: https://www.wiley.com/en-us/Qualitative+Research%3A+A+Guide+to+Design+and+Implementation%2C+4th+Edition-p-9781119003618.
  28. Mikuletič, S. et al. (2024) “Security and privacy oriented information security culture (ISC): Explaining unauthorized access to healthcare data by nursing employees,” Computers & Security, 136, hal. 103489. Tersedia pada: https://doi.org/10.1016/j.cose.2023.103489.
  29. Molle, S.S. et al. (2024) “Pengaruh Dimensi Budaya Nasional Hofstede terhadap Kinerja Pegawai dalam Pengelolaan Keuangan di Pemerintah Kota Kupang,” Jurnal Ilmiah Universitas Batanghari Jambi, 24(2), hal. 1683–1691. Tersedia pada: http://ji.unbari.ac.id/index.php/ilmiah/article/view/4963.
  30. Niemimaa, M. (2024) “Incorrect Compliance and Correct Noncompliance with Information Security Policies: A Framework of Rule-Related Information Security Behaviour,” Computers & Security, hal. 103986. Tersedia pada: https://doi.org/10.1016/j.cose.2024.103986.
  31. Oltsik, J. (2024) Improving cybersecurity culture: A priority in the year of the CISO, CSO. Tersedia pada: https://www.csoonline.com/article/1298541/improving-cybersecurity-culture-a-priority-in-the-year-of-the-ciso.html#:~:text=“The concept of cybersecurity culture,people’s behavior with information technologies. (Diakses: 24 Juli 2024).
  32. Pratiwi, M.I. (2017) IMPLEMENTASI GAYA KEPEMIMPINAN PATERNALISTIK (STUDI KASUS PT JASA RAHARJA PERSERO CABANG JAWA TENGAH). Universitas Diponegoro. Tersedia pada: https://repofeb.undip.ac.id/9649/.
  33. Puspitasari, D. (2024) Tata Kelola PDN Kacau, Harus Sanksi Tak Cuma Minta Maaf, KABARBURSA.COM. Tersedia pada: https://www.kabarbursa.com/berita-pilihan/63443/tata-kelola-pdn-kacau-harus-sanksi-tak-cuma-minta-maaf (Diakses: 24 Juli 2024).
  34. Rahmawati, D. (2024) BSSN Jelaskan Upaya Pulihkan Layanan Imigrasi Usai PDNS Kena Ransomware, detikNews. Tersedia pada: https://news.detik.com/berita/d-7412027/bssn-jelaskan-upaya-pulihkan-layanan-imigrasi-usai-pdns-kena-ransomware (Diakses: 24 Juli 2024).
  35. Rochman, F. (2024) Dirjen Aptika mundur setelah insiden serangan siber terhadap PDNS 2, Antara Kuala Lumpur. Diedit oleh V.P. Setyorini. Antara. Tersedia pada: https://kl.antaranews.com/berita/26115/dirjen-aptika-mundur-setelah-insiden-serangan-siber-terhadap-pdns-2 (Diakses: 24 Juli 2024).
  36. Saeed, S. (2023) “Education, Online Presence and Cybersecurity Implications: A Study of Information Security Practices of Computing Students in Saudi Arabia,” Sustainability, 15(12), hal. 9426. Tersedia pada: https://doi.org/10.3390/su15129426.
  37. Safitri, E. (2024) Jokowi Perintahkan BPKP Audit Pusat Data Nasional Buntut Peretasan, detikNews. Tersedia pada: https://news.detik.com/berita/d-7414588/jokowi-perintahkan-bpkp-audit-pusat-data-nasional-buntut-peretasan (Diakses: 24 Juli 2024).
  38. Sari, D.R. dan Dirgahayu, T. (2017) “Adopsi Theory of Planned Behavior Untuk Pengembangan Model Pengaruh Budaya Terhadap Penggunaan E-Commerce,” Jurnal Buana Informatika, 8(2), hal. 67–76. Tersedia pada: https://ojs.uajy.ac.id/index.php/jbi/article/view/1078.
  39. Tenzin, S., McGill, T. dan Dixon, M. (2024) “An Investigation of the Factors That Influence Information Security Culture in Government Organizations in Bhutan,” Journal of Global Information Technology Management, 27(1), hal. 37–62. Tersedia pada: https://doi.org/10.1080/1097198X.2023.2297634.
  40. Tsoeu, M.A. dan da Veiga, A. (2022) “A Cyber4Dev Security Culture Model,” in T. Guarda, F. Portela, dan M.F. Augusto (ed.) Advanced Research in Technologies, Information, Innovation and Sustainability. ARTIIS 2022. Communications in Computer and Information Science. Cham: Springer Nature Switzerland, hal. 339–351. Tersedia pada: https://link.springer.com/chapter/10.1007/978-3-031-20316-9_26.
  41. Wakang, A.A. (2024) Beranda Nasional PDNS Diretas, PPI Dunia Sarankan Buat Simulasi Rutin Kesiapan Hadapi Serangan Siber, Tempo. Diedit oleh I. Hamdi. Tersedia pada: https://nasional.tempo.co/read/1886811/pdns-diretas-ppi-dunia-sarankan-buat-simulasi-rutin-kesiapan-hadapi-serangan-siber.
  42. Wardani, D.K. dan Nurainun’nisa, N. (2024) “Analisis Perilaku Kecurangan Akademik Pada Mahasiswa Akuntansi Menggunakan Konsep Budaya Hofstede,” Relasi: Jurnal Ekonomi, 20(1), hal. 44–58. Tersedia pada: http://jurnal.itsm.ac.id/index.php/relasi/article/view/698.