Knowledge management for information security incident handling at Security Operation Center of Jakarta Provincial Government

  • Maman Firmansyah Universitas Nusa Mandiri
  • Andrie Yuswanto Institut Teknologi Budi Utomo
DOI: https://doi.org/10.54849/monas.v4i2.102
Keywords: Knowledge Management, Security Operation Center, Incident Handling, Cyber Threat, Information Security

Abstract

Information security incidents have increased in number and become more diverse and destructive and disrupt service availability. An incident management system is needed to detect and handle information security incidents quickly, minimize losses, reduce exploited vulnerabilities and restore infrastructure, including services. An incident management system needs to be managed with a Security Operations Center (SOC). The use of tacit knowledge has been shown to help accelerate problem-solving in SOC better than experience by adopting strategies that have been used previously. The application of knowledge management in SOC has become a basic need. An organization's ability to manage existing knowledge is a necessary strength to be able to survive in the face of incessant cyber-attacks. This study aims to examine the process of capturing tacit in SOC so that it can be used to analyze and deal with cyber threats and to lay the foundation for implicit knowledge management in organizations to increase the efficiency of work methods and processes responding to incidents efficiently and systematically.

Published
2022-12-02
Issue
Vol. 4 No. 2 (2022): November
Section
Articles

Copyright (c) 2022 Monas: Jurnal Inovasi Aparatur

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Authors who publish in this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  2. The journal allows the authors to hold the copyright without restrictions and to retain publishing rights without restrictions.
  3. Authors can enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  4. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) before and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.