Practical Implementation of Information Security Management in the Energy Sector Insights from An Oil and Gas Organization in Indonesia

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Citation (Scopus)

Abstract

Information security is considered as an important facet of IT management in the energy industry, which ranks as the top five targets of cyber-attacks around the world, including in Indonesia. In this case-study action research, we unrevealed the way an organization in the oil and gas industry improve its information security management up to par to that of ISO 27001:2013. Data was gathered by means of a series of FGDs in which the researchers were actively involved as a team member. This research clarified the steps undertook, from the generation of risk registers, its mitigation, and the development of SOA. Furthermore, a gap analysis of the organization's current condition compared with the standards of ISO 27001:2013 was analyzed. Finally, a set of recommendations was offered to improve the organization's information security management in order to meet to standards of ISO27001:2013.

Original languageEnglish
Title of host publication2018 International Workshop on Big Data and Information Security, IWBIS 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages159-163
Number of pages5
ISBN (Electronic)9781538655252
DOIs
Publication statusPublished - 24 Sept 2018
Event2018 International Workshop on Big Data and Information Security, IWBIS 2018 - Balai Kartini, Jakarta, Indonesia
Duration: 12 May 201813 May 2018

Publication series

Name2018 International Workshop on Big Data and Information Security, IWBIS 2018

Conference

Conference2018 International Workshop on Big Data and Information Security, IWBIS 2018
Country/TerritoryIndonesia
CityBalai Kartini, Jakarta
Period12/05/1813/05/18

Keywords

  • Energy
  • ISO 27001
  • Information security
  • Information security management
  • Oil and Gas

Fingerprint

Dive into the research topics of 'Practical Implementation of Information Security Management in the Energy Sector Insights from An Oil and Gas Organization in Indonesia'. Together they form a unique fingerprint.

Cite this