Hello, Igniters!

Last Saturday, precisely on the 14^thof September 2019, a COMPFEST seminar titled “Cybersecurity: How Secure and Valuable is Your Data?” was held at Dr. Indro Suwandi Auditorium, Faculty of Computer Science, Universitas Indonesia. The speaker at the seminar was Muhammad Endhy Aziz, a Cybersecurity Specialist at the National Cyber and Cryptography Agency.

Muhammad Endhy Aziz has several Professional Certifications. Including Certified Information System Security Professional (CISSP) in 2016, International Software Testing Qualifications Board (ISTQB) Certified Tester in 2017, EC-Council Certified Incident Handler (ECIH) in 2018, Computer Hacking Forensic Investigator (CHFI) in 2018, and Certified Ethical Hacker (CEH) in 2018.

He has a lot of experience in the Cybersecurity field. He was a member of the cryptographic research and development team at Lembaga Sandi Negara in 2008-2012. He was the team leader at the Indonesian Government e-procurement public key infrastructure project at Lembaga Sandi Negarain 2013-2014. He was the team leader at the Indonesian Government public key infrastructure project at Lembaga Sandi Negarain 2015 – 2016. And from 2017 ‘til now, he’s working as a Cybersecurity Specialist – CSIRT Development at the National Cyber and Cryptography Agency. As a Cybersecurity Specialist, he is responsible for developing incident readiness, as well as procedures and protocols for various incident management functional elements for critical information infrastructures.

The main topics of the seminar were about cybersecurity and cybercrime. Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed at accessing, changing, or destroying sensitive information, extorting money from users, or interrupting normal business processes. A successful cybersecurity approach has multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe.

Cybercrime is defined as a crime in which a computer is the object of the crime (hacking, phishing, spamming) or is used as a tool to commit an offense (child pornography, hate crimes). Cybercriminals may use computer technology to access personal information, business trade secrets or use the internet for exploitative or malicious purposes.

Last but not least, the speaker told us about cyber hygiene. Cyber hygiene is a colloquial term that refers to best practices and other activities that computer system administrators and users can undertake to improve their cybersecurity while engaging in common online activities.

Here are some cyber hygiene best practices:

1. Ensuring that routers and firewalls are installed and properly configured.
2. Updating both “white lists” (authorized users) and “blacklists” (unauthorized users), and enforcing compartmentalized (“need to know”) user permissions for authorized users.
3. Ensuring that all anti-virus (AV), spam-ware, and other anti-malware protection software is properly installed and configured.
4. Updating all Operating System (OS), application software, web browsers, and firmware with latest security patches.
5. Enforcing strong password rules and 2-Factor/Multi-Factor Authorization (2FA/MFA) procedures.
6. Ensuring that all computer networks are physically segmented with secure routers and active firewalls between segments.

Don’t forget to keep up with us through our social media on Twitter and Instagram @COMPFEST, and our main site http://www.compfest.id. (Editorial Marketing/Diva).