Ask The Financial Services Sector To Be Alert For Cyberattacks, BSSN Disburses Eight Things To Do
JAKARTA - The National Cyber and Crypto Agency (BSSN) revealed that in a day there were 124,000 cyber attacks on financial sector players throughout 2022.
Deputy for Cyber Security and Crypto of Finance, Trade and Tourism BSSN Edit Prima asked financial sector players, especially banks, to implement cyber security properly in accordance with the best practices set by Bank Indonesia (BI), the Financial Services Authority (OJK) and BSSN since 2016 through the G7 state forum.
"In principle, there are eight things that financial sector players must do which are divided into two sides. One time before the incident occurred and secondly after or when there was a cyber attack incident," said Edit when speaking at a sharing session in Jakarta, Friday, November 25.
Edit explained, the first step is to establish a cyber security strategy and framework. Second, prepare governance related to who is responsible for being accompanied by his duties and must receive support from organizational leaders. The three assessments and control risks.
"The financial sector must carry out risk assessment and control aimed at controlling cyber risks," he added.
Fourth, monitor for 24 hours to be able to detect how cyber attacks can sometimes not be anticipated. "After this, is it guaranteed safe? No. Attacks will always come and the most important thing is how we implement governance in terms of incident response," continued Edit.
Fifth, the financial sector can implement governance in terms of incident response. Sixth, how can you recover as quickly as possible.
Seventh, sharing information between financial institutions. According to him, this is the most important because the experience of institution one can be a lesson for other institutions.
"The most important point is number seven. Although cyber attacks are often considered a disgrace even though there is as much information sharing as possible. As much as possible the association can encourage information sharing," said Edit.
Eighth, through sharing information, financial institutions can evaluate and learn sustainably so that the same thing does not happen again in the future.
"The results of information sharing can be our material for the learning process so that in the future the security process can be better implemented," he concluded.