View
233
Download
0
Category
Preview:
Citation preview
SMART CITY & SMART HEALTH
Prof Suhono Harso Supangkat
Ketua Asosiasi Prakarsa Indonesia Cerdas APIC
www.apic.city suhono@stei.itb.ac.id
27
/05
/20
17
1
Masalah Perkotaan Global
• Pada tahun 2008, populasi perkotaan global melebihi populasi pedesaan untuk pertama kalinya (Seto et al., 2008)
• Tren urbanisasi menyebabkan meningkatnya kebutuhan energi, layanan limbah dan air di dalam dan di sekitar kota dan juga menuntut penanganan masalah lingkungan yang lebih banyak (Nevens et al., 2013)
Masalah Perkotaan di Indonesia
• Populasi perkotaan pada tahun 2015 sebesar 53,3% telah melebihi populasi pedesaan (bps.go.id)
• Urbanisasi menyebabkan konversi lahan yang luas dari daerah pertanian ke kawasan industri atau dari kawasan konservasi air ke jalan, menciptakan masalah lingkungan (Firman, 2000)
• Munculnya beberapa masalah perkotaan SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
Ekosistem
Kota sebagai sebuah ekosistem semakin lama menjadi semakin kompleks / rumit
Pertumbuhan entitas hidup (manusia) sangat cepat,
interaksi dan arus informasi melonjak dan
keterbatasan infrastruktur fisik yang tidak dapat mendukung semua kebutuhan.
27
/05
/20
17
2
DEFINISI KOTA
Infrastruktur Fisik
Entitas Kehidupan
Interaksi
Informasi
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
EFEK URBANISASI & MASALAH PERKOTAAN
27
/05
/20
17
3
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
GLOBAL GOALS FOR SUSTAINABLE DEVELOPMENT
Perserikatan Bangsa-Bangsa, pada tahun 2015 telah menyetujui tujuan Global yang
berlabel SDG's the Sustainable Development Goals untuk menggantikan Millennium
Development Goals yang disepakati pada tahun 2000
17 sasaran dan 169 target mencakup bidang seperti kemiskinan, kesehatan masyarakat,
lingkungan, pendidikan dan keadilan.
Upaya untuk mencapai target SDG harus berjalan seiring dengan rencana yang
membangun pertumbuhan ekonomi dan menangani berbagai kebutuhan sosial
termasuk kesehatan, pendidikan, perubahan iklim dan ketidaksetaraan.
27
/05
/20
17
4
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
Permasalahan Perkotaan
Solusi Konvensional
Solusi “CERDAS”
SMART SOLUTION 27
/05
/20
17
5
What (description)
Why (diagnosis)
What will happen
(prediction)
What should we do
(prescription)
Sensing Understanding Acting
Solusi konvensional tidak dapat memecahkan permasalahan kota yang semakin kompleks. Oleh karena itu, diperlukan SMART SOLUTION
Contoh: Membangun lebih banyak Rumah Sakit, Menyediakan Dokter “yang berkualitas” akan Memerlukan Waktu dan Usaha serta Sumber Daya yang besar Smart Solution: Connect
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
DEFINISI KOTA CERDAS (SMART CITY)
Kota yang dapat mengelola berbagai sumber dayanya (alam, manusia, waktu, teknologi dan lain-lain) secara efektif, efisien dan berkelanjutan untuk menyelesaikan berbagai tantangan kota menggunakan solusi inovatif dan terintegrasi untuk memberikan pelayanan kota yang dapat meningkatkan kualitas hidup warganya
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
6
7
KOTA CERDAS BUKAN SEKADAR ADOPSI TEKNOLOGI
27
/05
/20
17
MENJADI CERDAS TANPA MENINGGALKAN KEARIFAN LOKAL
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
Cepat tanggap terhadap penanganan permasalahan kota
Kemampuan untuk menerapkan kreativitas dalam rangka
pemecahan masalah dan menemukan peluang
Berdaya saing
KARAKTERISTIK KOTA CERDAS 27
/05
/20
17
8
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
CIRI-CIRI PENTING KOTA CERDAS
Peningkatan kualitas hidup
Layanan Kota
Solusi Inovatif dan terintegrasi untuk
mengantisipasi kecepatan pertumbuhan
masalah perkotaan
Efektif dan Efisien Berkelanjutan Mengelola (penerapan
manajemen)
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
9
SMART CITY & DIGITALISASI
Sense
Understand
Act
27
/05
/20
17
10
1. Dalam smart city, setiap elemen kota dapat menghasilkan solusi yang tepat untuk tiap masalah yang ditemui.
2. Solusi yang tepat dihasilkan dari keputusan yang tepat.
3. Keputusan yang tepat diperoleh dari pemahaman yang baik mengenai permasalahan.
4. Pemahaman yang cukup diperoleh dari tersedianya data yang berkualitas.
Dengan demikian, smart city dapat terjadi bila
infrastruktur data dan informasi pada kota tersebut dikembangkan dengan baik.
Pengembangan infrastruktur data dan informasi ini yang
disebut sebagai digitalisasi.
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
Smart City dimulai dari Digital City. Digital City dibentuk oleh…
Digital Banking
Digital Business
Digital Healthcare
Digital Public Services
Digital Learning
Digital Lifestyle
27
/05
/20
17
11
• Menyediakan infrastruktur dasar bagi pengembangan smart city
• Penggunaan saluran digital untuk memberikan media pembentukan nilai
• Digitalisasi pada proses-proses bisnis • Penggunaan open data dan data-
sharing untuk menciptakan nilai baru
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
INTEGRASI DIGITAL REGION -> AWAL SMART CITY
27
/05
/20
17
12
Digital Home
Digital Commerce Digital
Public Service
Digital Health
Digital Transport
SMA
RT
HO
SPIT
AL
, HE
AL
TH
CA
RE
AN
D S
MA
RT
CIT
Y
SMART HOSPITAL, HEALTH CARE AND SMART CITY
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
13
SMART HEALTH DI DALAM SMART CITY
• Jejaring pelayanan kesehatan di sebuah kota
Setiap kota harus memiliki jejaring pelayanan kesehatan. Layanan tersebut harus mampu menghubungkan, memonitoring, mengendalikan untuk pengambilan keputusan dari setiap jaringan unit pelayanan kesehatan.
• Ekosistem kesehatan di Smart City.
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
14
JEJARING PELAYANAN KESEHATAN
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
15
LAYANAN SMART HOSPITAL
• Salah satu jejaring pelayanan kesehatan yang menjadi tujuan akhir dari setiap masyarakat adalah RUMAH SAKIT
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
16
SEKTOR PELAYANAN DAN ASPEK
• Beberapa sektor pelayanan kesehatan dan aspek kebutuhan yang diperlukan
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
17
ISU KEAMANAN PADA SMART HEALTH
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
18
RANSOMWARE 101
• Ransomware is a type of malware (malicious + software) that encrypts a victim’s files, locking users out of the infected device/system or blocking access to encrypted files.
• In order to acquire the key to decrypt these files, the victim must pay a ransom, often in the form of bitcoin or other electronic currency.
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
19
EVOLUTION OF AN ATTACK 27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
20
•Ransomware typically sent as an email attachment or an embedded code / link in a webpage or email
•Emails historically generic (phising); increasingly targeted to specific individual (spear phising)
(1) source
•Once opened or clicked, ransomware begins encrypting all available files, without user interaction or notification
•If user’s machine is connected, available files can include files on network, cloud, shared services, etc.
(2) infection
•Once encryption is complete, ransomware alerts the user of infection, blocks access to system / files and provides payment instructions for decryption key
(3) ransom notice
•Key choice: - Pay ransom; or - Restore from backup
(4) pay or ???
HEALTHCARE RANSOMWARE TRENDS 27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
21
According to the FBI, Ransomware has quickly become one of the larger threats to healthcare cyber security.1
At least 14 hospitals have been attacked by ransomware in 2016.2
Healthcare data breaches are frequent and impact everyone:
Nearly 90% of hospitals reported a data breach in the past 2 years; 45% had 6 or more data breaches.3
About 47% of US population has had their personal healthcare data compromised over last 12 months.3
1. FBI, Incidents of Ransomware on the Rise, April 29, 2016, https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise. 2. Jessica Davis, Ransomware: See the 14 hospitals attacked so far in 2016, Healthcare IT News, Oct. 5, 2016,
http://www.healthcareitnews.com/slideshow/ransomware-see-hospitals-hit-2016?page=1. 3. Institute for Critical Infrastructure Technology, Hacking Healthcare IT in 2016, January 2016.
WHY IS HEALTHCARE A TARGET FOR RANSOMWARE
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
22
“Hospitals are the perfect mark for this kind of extortion. [They] are more likely to pay a ransom rather than risk delays that could result in death and lawsuits.”1
• Staggering amounts of valuable electronic data, which is not required to be encrypted “at rest”.
• Reliant on technology to deliver patient care.
• Increasing connectivity of care and interconnectivity of healthcare industry.
• Tremendous number of access points for criminals (systems and users).
• Insecure and antiquated networks vulnerable to attacks.2
“It's very common for hospitals to have a large number of outdated and vulnerable systems on the network.”
1. Kim Zetter, Why Hospitals Are the Perfect Targets for Ransomware, Wired.com, March 30, 2016. 2. Institute for Critical Infrastructure Technology, Hacking Healthcare IT in 2016, January 2016.
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
“… Apa pun bentuk informasi yang diperlukan, dengan pengertian informasi tsb merupakan
sebuah sarana yang dapat digunakan secara bersama-sama atau sesuatu yg dapat disimpan di suatu tempat,
maka hendaknya informasi tsb
harus selalu dilindungi.“
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Merupakan suatu kualitas atau pernyataan keadaan yang aman dan bebas dari ancaman
Keamanan dapat dicapai dengan menggunakan beberapa strategi
Keamanan dapat dicapai dengan menggunakan beberapa strategi secara simultan atau digunakan dalam bentuk kombinasi satu dengan yang lainnya
Keamanan yang diakui sebagai bagian penting dalam melindungi proses-proses yang vital dan melindungi sistem yang menyediakan proses-proses tersebut
Keamanan bukanlah sesuatu yang dapat kita beli, namun sesuatu yang dapat kita perbuat
Merupakan suatu arsitektur di mana sebuah kombinasi yang terintegrasi dari peralatan, sistem dan solusinya, perangkat lunak, alarm, serta kerentanan yang bersinergi secara bersama-sama di dalamnya.
Sesuatu yang dimonitor secara 7 X 24 jam Memiliki SDM, proses, teknologi, kebijakan,
prosedur di dalamnya Keamanan adalah SDM/people, proses,
teknologi, kebijakan, prosedur dan bukan hanya peralatan atau perangkat semata
Kesadaran akan keamanan informasi merupakan suatu pengetahuan, keahlian/keterampilan dan sikap dari seorang individu terkait perlindungan
terhadap aset informasi
Menjadi seseorang yang menyadari pentingnya keamanan informasi akan membuat kita paham, bahwa akan ada potensi bagi sebagian orang baik dengan sengaja
maupun tidak sengaja dapat mencuri, merusak, atau menyalahgunakan akun kita, baik itu di komputer atau pada data yang disimpan di komputer kita.
Kesadaran akan risiko keamanan informasi dan pengamanannya merupakan lini
pertahanan pertahanan terdepan dalam menjaga keamanan informasi, sistem dan jaringannya
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Pemegang Saham / Pemilik Manajemen Karyawan Mitra Bisnis Penyedia layanan Kontraktor Pelanggan / Klien Regulator, dll
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Proses yang khas dalam Infrastruktur IT adalah sebagai berikut :
Helpdesk/Layanan manajemen Insiden Pelaporan dan Manajemen Permintaan Perubahan Proses Permintaan pemenuhan kebutuhan sistem Manajemen Akses Manajemen Identitas Service Level/ Layanan Manajemen pihak ke tiga Proses pengadaan TI
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Network Infrastructure:
Cabling, Data/Voice Networks and equipment
Telecommunications services (PABX), including VoIP services , ISDN , Video Conferencing
Server computers and associated storage devices
Operating software for server computers
Communications equipment and related hardware.
Intranet and Internet connections
VPNs and Virtual environments
Remote access services
Wireless connectivity
Application software:
Finance and assets systems, including Accounting packages, Inventory management, HR systems, Assessment and reporting systems
Software as a service (Sass) - instead of software as a packaged or custom-made product. Etc..
Physical Security components:
CCTV Cameras
Clock in systems / Biometrics
Environmental management Systems: Humidity Control, Ventilation , Air Conditioning, Fire Control systems
Electricity / Power backup
Access devices:
Desktop computers
Laptops, ultra-mobile laptops and PDAs
Thin client computing.
Digital cameras, Printers, Scanners, Photocopier etc.
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Memastikan bahwa informasi hanya dapat diakses untuk orang-orang yg diizinkan untuk memiliki akses
Menjaga ketepatan dan kelengkapan informasi serta metode pengolahan
Memastikan bahwa pengguna yang berwenang memiliki akses ke informasi dan aset yang terkait bila diperlukan
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Pelanggaran keamanan akan mengarah pd : Kehilangan reputasi Kerugian keuangan Kerugian Kekayaan intelektual Adanya pelanggaran akan menyebabkan
adanya tindakan hukum (Cyber Law) Kehilangan kepercayaan pelanggan Gangguan thd bisnis biaya
Keamanan Informasi adalah "Masalah Organisasi“ bukan hanya " Masalah IT “
Lebih dari 70% ancaman berasal dari Internal Org. Lebih dari 60% disebabkan oleh pemain baru Risiko terbesar berasal dari Orang/People Aset terbesar keamanan adalah Orang/People Social Engineering merupakan ancaman utama Lebih dari 2/3 organisasi mengungkapkan bahwa
mereka tidak mampu untuk menentukan "Apakah sistem kami sedang dikompromikan?"
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Melindungi informasi dari berbagai ancaman Menjamin kelangsungan bisnis Meminimalkan kerugian keuangan Mengoptimalkan hasil investasi Meningkatkan peluang bisnis
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Threats Vulnerabilities exploit
Risk
Asset values Protection Requirements
Information assets
Controls * reduce
Elements of threats
Agent : The catalyst that performs the threat.
Human
Machine
Nature
Motive : Something that causes the agent to act.
Accidental
Intentional
Only motivating factor that can be both accidental and intentional is human
Results : The outcome of the applied threat. The results normally lead to the loss of CIA
Confidentiality
Integrity
Availability
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Source Motivation Threat
External Hackers
Challenge
Ego
Game Playing
System hacking
Social engineering
Dumpster diving
Internal Hackers
Deadline
Financial problems
Disenchantment
Backdoors
Fraud
Poor documentation
Terrorist Revenge
Political
System attacks
Social engineering
Letter bombs
Viruses
Denial of service
Poorly trained
employees
Unintentional errors
Programming
errors Data entry
errors
Corruption of data
Malicious code introduction
System bugs
Unauthorized access
Threats :
Employees
External Parties
Low awareness of security
issues
Growth in networking and
distributed computing
Growth in complexity and
effectiveness of hacking tools
and viruses
Natural Disasters eg. fire, flood,
earthquake
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
No Categories of Threat Example
1 Human Errors or failures Accidents, Employee mistakes
2 Compromise to Intellectual Property Piracy, Copyright infringements
3 Deliberate Acts or espionage or trespass Unauthorized Access and/or data collection
4 Deliberate Acts of Information extortion Blackmail of information exposure / disclosure
5 Deliberate Acts of sabotage / vandalism Destruction of systems / information
6 Deliberate Acts of theft Illegal confiscation of equipment or information
7 Deliberate software attacks Viruses, worms, macros Denial of service
8 Deviations in quality of service from service provider
Power and WAN issues
9 Forces of nature Fire, flood, earthquake, lightening
10 Technical hardware failures or errors Equipment failures / errors
11 Technical software failures or errors Bugs, code problems, unknown loopholes
12 Technological Obsolence Antiquated or outdated technologies
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
1990 :
DTI (UK) established a working group
Information Security Management Code of Practice produced as BSI-DISC
publication
1995 :
BS 7799 published as UK Standard
1999 :
BS 7799 - 1:1999 second revision published
2000 :
BS 7799 - 1 accepted by ISO as ISO - 17799 published
BS 7799-2:2002 published
2005 :
ISO 27001:2005
Information technology — Security techniques — Information security
management systems — Requirements
2005 :
ISO 27002:2005
Information technology — Security techniques — Code of practice for information security management
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
ISO 27001: Standar ini mencakup semua jenis organisasi
(misalnya perusahaan komersial, instansi pemerintah, organisasi non-profit)
Standar ini menentukan beberapa persyaratan dalam pendirian, pelaksanaan, pengoperasian, pemantauan, pemeriksaan, pemeliharaan dan peningkatan
Manajemen Sistem Keamanan Informasi (ISMS) yang terdokumentasikan dalam konteks risiko keseluruhan organisasi bisnis.
Standar ini juga menentukan persyaratan pelaksanaan pengendalian keamanan yang dapat disesuaikan dengan kebutuhan organisasi atau bagian
dari organisasi tersebut
ISMS dirancang untuk menjamin pemilihan kontrol keamanan yang memadai dan proporsional yang dapat melindungi aset informasi serta mampu
memberikan kepercayaan kepada pihak yang terkait
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Plan, Do, Check, Act (PDCA) Process Model Process Based Approach Stress on Continual Process Improvements Scope covers Information Security not only IT Security Covers People, Process and Technology 5600 plus organizations worldwide have been certified 11 Domains, 39 Control objectives, 133 controls
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Interested Parties
Information Security
Requirements &
Expectations
PLAN Establish
ISMS
CHECK Monitor &
Review ISMS
ACT Maintain & Improve
Management Responsibility
Interested Parties
Managed Information
Security
DO Implement & Operate the
ISMS
This ppt is created for Knowledge Sharing in Indonesia and recreated based on copyright © 2010, Mohan Kamat and ISO27k Implementers' forum, some rights reserved and licensed under the CCAN-Share Alike 3.0 License.
Information Security Policy Organisation
of Information
Security
Asset Management
Human Resource Security
Physical Security
Communication & Operations Management
Access Control
System Development &
Maintenance
Incident Management
Business Continuity Planning
Compliance
QUESTIONS?
• Referensi: Buku Panduan Kondisi Ideal Smart City Indonesia
berdasarkan Garuda Smart City Model, Tim GSCM ITB, Bandung, 2014.
Your Money or Your PHI: Ransomware in the Healthcare Industry - Arizona Society for Healthcare Risk Management November 11, 2016
Kim Zetter, Why Hospitals Are the Perfect Targets for Ransomware, Wired.com, March 30, 2016.
Institute for Critical Infrastructure Technology, Hacking Healthcare IT in 2016, January 2016.
FBI, Incidents of Ransomware on the Rise, April 29, 2016, https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise.
Jessica Davis, Ransomware: See the 14 hospitals attacked so far in 2016, Healthcare IT News, Oct. 5, 2016, http://www.healthcareitnews.com/slideshow/ransomware-see-hospitals-hit-2016?page=1.
Institute for Critical Infrastructure Technology, Hacking Healthcare IT in 2016, January 2016.
27
/05
/20
17
SM
AR
T H
OSP
ITA
L, H
EA
LT
H C
AR
E A
ND
SM
AR
T C
ITY
45
Recommended