5. Indonesian IT Growth
Market overview
Projected to be worth nearly US$ 512 billion by 2012
The government is pushing for more integrated
e-government development, promoting a series of
infrastructure and education initiatives
Financial services and banking sectors accounting
for as much as 30% of total spending forecast
Source: Business Monitor International
6. Indonesian IT Growth
Computer sales
Notebook sales were the main driver of PC market
growth in 2007 accounted for around 60% of unit
sales
Computer sales (including notebooks and
peripherals) will be worth an estimated
US$ 1.9 billion in full year 2008
Source: Business Monitor International
7. Indonesian IT Growth
Software
For 2008, legal software sales are forecast at
US$ 361 million
Indonesia having one of the worst records in the
world in terms of its failure to significantly reduce the
software piracy rate, which was estimated at 85% by
Business Software Association in 2007
Source: Business Monitor International
8. Indonesian IT Growth
IT Services
Expected to be worth US$ 500 million in 2008
Hardware deployment services remain the largest
Indonesian IT service approximately 20% share
Opportunities are mainly in fundamental services:
system integration, support systems, training,
professional services, outsourcing, and Internet
services
Source: Business Monitor International
9. Indonesian IT Growth
e-Readiness
Only 14% of Indonesians have Internet access
(32 million users)
Low telephone line density, high charges, and low
PC penetration are all significant obstacles
In 2007 research, only 40% of Indonesian Internet
users have ever made purchases through the
Internet
Source: Business Monitor International
12. Cyber Security Issues
Email and communication
Email attachments Social networking
websites
SPAM
Blog
Blind carbon copy
VoIP
Digital signatures
Internet messaging
13. Cyber Security Issues
Mobile Devices
Physical security
Data security
USB drives
Wireless network
Bluetooth
18. Developers
Operations Contractors
Finance Operating Systems
Marketing
ISP
Vendors Network Infrastructure
Auditors
ASP
System Integrators Consultants
ERP
System Analysis Operations
Customers Intranet Applications
Spies Applications Billing
Competitors
Business Associations Payment Gateway
Corporation
Lawyers Backup
Business Units Database
Board of Directors
Executives Planning
Secretary
Analysis
Anti-monopoly
Design
Development
Fair Trades Regulation Government
Implementation
Money Laundry Surveillance
Maintenance
Marketing Business Intelligence Data Mining
HRD
19. Access Management
Database
Development Audit Trails
Code Audit Software Updates
Application
Performance Review Operating Systems System Hardening
Logging Performance Optimisation
IT Operations
Installation ISP
Network
Configuration Administration Network Devices
Maintenance
Backup
20. Parties involved in a typical
software attack
The company that sold the software
The attack tool writer
The attacker him/herself
The owner of the network
21. 100% of the liability shouldn't fall on the shoulders of the
software vendor, just as 100% shouldn't fall on the
attacker or the network owner. But today, 100% of the
cost falls directly on the network owner, and that just has
to stop.
We will always pay for security. If software vendors have
liability costs, they'll pass those on to us. It might not be
cheaper than what we're paying today. But as long as
we're going to pay, we might as well pay to fix the
problem. Forcing the software vendor to pay to fix the
problem and then pass those costs on to us means that
the problem might actually get fixed.
23. ISO 27001:2005
What's new? (compared to BS 7799:2000)
11 old controls modified,116 controls remaining, 17
new controls added — 133 controls in total
5 control objectives re-arranged, 8 new controls
objectives added — 39 control objectives in total
24. ISO 27001:2005
What's new?
Service Delivery Management
Service delivery, monitoring and review of third
party services, managing charges to third party
services
Based on BS 15000/ISO 2000
25. ISO 27001:2005
What's new?
Improving the management of external risk
Outsourcing, service providers, supplies, third
parties, business partners, and customers
SLAs and contracts, audits