Outline of the Project
Name of the project
Project on capacity building for information security
Country of the project
Republic of Indonesia
Signed date of the project
4th December, 2013
Project location
Ministry of Communication and Information Technology (MCIT)
Project Period
From 23 July, 2014 to 22 January, 2017
JICA's counterpart of the project
Ministry of Communication and Information Technology (MCIT)
Background of the project
With the rapid spread of the Internet, the need for information security measures is increasing day by day. In particular, the damage by cyber-attack has been internationally increasing. Cyber-attacks illegally connect website and/or terminals in governmental offices or private companies, attempting falsification of website or leaking of company's confidential information. In South Korea in March 2013, broadcasting station and banks are damaged in large scale by cyber-attacks. The same may possibly happen in Japan, and countermeasures against such attacks need to be established urgently.
It is via the Internet that the cyber-attacks such as a computer virus or DoS attacks (Denial of Services Attack) reach attacking targets. As such, the countries with poor or insufficient information security settings are not only vulnerable against cyber-attacks, but also exposed to risks to be utilized as originating or transiting sites of cyber-attacks (step-stone), which causes deterioration in business trustfulness of the country. Conversely, the countries with higher levels of information securities will increase trustfulness in business environments, where high qualitied direct investment functions positively to invite high-value-added and knowledge-intensive economies.
Taking this fact seriously, the Indonesian Government has been improving information security levels of the country. The government has first established National CERT; ‘ID-SIRTII/CC' (Indonesian Security Incident Response Team on Internet Infrastructure) under MCIT in 2007, and subsequently ‘Government CSIRT' under Information Security Department of MCIT in 2012. However, countermeasures by these organizations haven't attained to satisfactory levels judged from the increasing amount of cyber-attacks, happening from Indonesia to its ASEAN neighbors or vice versa. For this reason, Indonesia has requested assistance from Japan, who has excellent experience and skill levels in this field.
Additionally to say, since the cyber-attacks are mainly performed via the Internet, single country's measures cannot perfectly tackle the problem. Hence, cooperation needs to be established, where we can properly foresee or quickly respond international cyber-attacks by collecting and analyzing the country's and/or regional information. In response to a request by the Indonesian Government, JICA has dispatched its survey team to the country in April 2013. The team has studied organizational structure of the departments in MCIT responsible for the information security task, and confirmed their capability to perform work as JICA's counterpart. In addition, the team has discussed with MCIT their intentions of cooperation with other ASEAN countries. As a result, two project goals are determined and agreed by MCIT and JICA; one is on capacity building of staff members in the Information Security Department of MCIT to improve information security environments of the country, and the other on establishment of wider and deeper cooperation with other ASEAN countries for improvement of their information security levels.
Improvement of levels in information security in the entire ASEAN region will help promote economy activities in each country in ASEAN, as well as help improve capacity to foresee cyber-attacks targeting Japan, which eventually result in good contribution to information security improvement in Japan too.
Goals
Overall Goal
To improve the Indonesia of information security measures
Project goal
To improve information security measures implementation capacity of Indonesia Ministry of Information and Communication
Outputs
- Function of Information Security Department is strengthened
- Mechanism to support government offices is established
- Awareness raising is improved
Activities
Output1
(1) Research an ideal mechanism for SNI ISO/IEC27001 accreditation and certification
(2) Improve technical skills of staffs
(3) Establish a network with Japan and ASEAN countries for studying future trends
Output2
(1) Create a method to introduce ISMS to government offices
(2) Create a method to establish CSIRT in government offices
Output3
(1) Create a method (channel) for awareness raising
(2) Create materials for awareness raising
Inputs
Input from the Japan side
- JICA long-term Experts (Chief Advisor, Information security Specialist, and Project Coordinator)
- Trainings (local trainings and trainings in the third country)
- Equipment, such as software etc.
Input from the Indonesia side
- Counterpart
- Environment of work, such as office
- About JICA
- News & Features
- Countries & Regions
- Our Work
- Thematic Issues
- Types of Assistance
- Partnerships with Other Development Partners
- Climate Change / Environmental and Social Considerations
- Evaluations
- Compliance and Anti-corruption
- Science and Technology Cooperation on Global Issues
- Research
- JICA Development Studies Program / JICA Chair
- Support for the Acceptance of Foreign HRs / Multicultural and Inclusive Community
- Publications
- Investor Relations