Today Euwyn’s storm kept me company all day. It’s been one of those perfectly gloomy days where the rain seems endless, and the grey skies blend seamlessly with the horizon. While many would consider this the perfect excuse to curl up in bed, I decided to make the most of the cozy vibe. With a hot cup of tea in hand, I tackled the “Bank Indonesia Regulation” on “Cyber Security and Resilience.” Surprisingly, it turned out to be a pretty engaging way to spend my afternoon, especially since it ties directly into my upcoming dissertation preparation, officially starting this May.
From what I’ll focus on in my project, I carved out some key takeaways from the regulation that could form the groundwork for my research:
- Identification of Security Standards
The regulation emphasizes the importance of following best practices. While it doesn’t explicitly reference international standards, I think frameworks like ISO 27001 are highly applicable, as they address confidentiality, integrity, and data availability. For my dissertation, I’ll likely analyze the standards mentioned in the regulation, compare them to others like NIST or COBIT, and identify any gaps relevant to the Indonesian context. - Framework Design
The regulation includes essential elements of cyber risk management, such as identifying critical assets, conducting periodic risk assessments, and mitigating threats with tech-driven strategies. This aligns well with my goal to develop a framework that integrates policy and technology, tailored specifically to the needs of PSPs (Payment Service Providers) in Indonesia. - Audit and Supervision Procedures
Another point of interest is the regulation’s requirement for internal and external audits to evaluate compliance with security standards and incident reporting to Bank Indonesia. This could inspire a section in my framework detailing effective audit processes, including incident reporting, key performance indicators (KPIs), and leveraging technology for streamlined oversight. - Review of Best Technologies and Procedures
The regulation encourages the adoption of advanced technologies like encryption, threat detection systems, and real-time monitoring. To deepen my analysis, I’ll explore technologies already used in Indonesia, compare them with global trends, and highlight innovations that could boost security and efficiency for PSPs.
After mapping these points, I realized the scope might be too broad. It’s a good reminder to stick to the plan I’ve laid out in my proposal—focus is key! I’m excited to meet with my supervisor soon to refine what specific aspects to delve into for my framework.
Alright, time to wrap up this post—thanks for sticking with me through these musings! Here’s to more gloomy days turning into productive moments. See you in the next blog post!
…and you can check the regulation here! (but i’m so sorry that it is in Bahasa Indonesia).
Meera
Yes, it very important to stay in focus so that the project remains within the decided scope. Its tricky because research will take you into new directions everyday, and while we enjoy those digressions, we need to keep coming back to the fundamental questions of the project!
s2764172
Dear Meera! Thank you so much for your response. Yes, absolutely i already have questions to ask my supervisor! one of them is “How can i make it more narrow?” since i gotta think that my idea can be more compact.