others menu


Cyber Security Talk

Cybersecurity Solution we strongly recommend to companies in Indonesia

Recent Insights or Requirements Regarding Cyber Security Solutions.

Mr. Yoshi (LOGIQUE) :

Thank you for your time today. LOGIQUE is commited to providing Pen-test services and implementing phishing simulation tools for our clients in Indonesia. While, DTechCorp specializes in providing consulting services for high-level security policy definition. Together, we have formed a strong partnership to deliver a comprehensive security solution to our clients. In this discussion, our goal is to engage in a meaningful exchange of ideas about the security solution industry in Indonesia.

To start off, we would greatly appreciate it if you could kindly share any recent insights or requirements you have regarding cyber security solutions. Your input is valuable to us to understand specific needs and address the evolving challenges in the field of cybersecurity.

Mr. Didi (DTECHCORP) :

Currently, the majority of companies utilize cloud computing techniques to enhance the speed and accuracy of their processes, to support business continuity, and to enable future scalability. However, that also makes them more vulnerable to malicious threats.

Implementing cloud solutions is not just an engineering task and cannot be easily incorporated into your company; but it can be considered as a strategic challenge for each organization. The growing customer interest in cloud security before purchasing services has prompted cloud service providers to prioritize the implementation of security best practices.

But how can you continue to deliver cloud services while instilling customer confidence in your security and protection scheme over their data? This is where the ISO 27017 standard comes into play.

What is ISO 27017?

Mr. Yoshi (LOGIQUE) :

I know DTechCorp assists many Indonesian companies in obtaining ISO certification. Please tell me more about ISO 27017.

Mr. Didi (DTECHCORP) :

ISO/IEC 27017 security controls were developed in 2015 by the International Organization for Standardization alias ISO and the International Electronically Commission alias IEC for cloud service providers and customers to enhance cloud computing security and reduce organizational risk, provide guidance on best practice information security administration. It is part of the ISO/IEC 27000 series of safety standards.

ISO 27017 is a set of guidelines and practices that assist customers and cloud service providers in safely and effectively operating cloud services that can protect them from cyber threats. This standard is an extension of the ISO/IEC 27002 standard with more additions to the cloud-related security controls mentioned in the previous standard.

ISO/IEC 27017 defines the roles and responsibilities of cloud service providers and customers to help create secure cloud services.

Mr. Yoshi (LOGIQUE) :

How exactly does DTechCopr specifically assist its clients in obtaining ISO 27017 certification? What sets their consultancy apart from others in regard?

Mr. Didi (DTECHCORP) :

The DTECHCORP team of consultants will review your company's existing information security controls for cloud services against the requirements of the ISO 27017 standard. We will work with you to develop a comprehensive plan and implement the necessary controls to achieve compliance.

With our extensive knowledge and experience in management and technical standards, we are uniquely positioned to support companies in establishing information security management systems and integrating them with existing management systems. This allows you to achieve all the savings and efficiencies regarding system design, implementation, and maintenance.

Our success in delivering and maintaining projects based on standardized practices is built on two key principles. Firstly, our DTECHCORP consultants go beyond the scope of relevant standards to identify, define, and align with our clients' business drivers. Secondly, we seamlessly integrate ourselves into our clients' teams, fostering effective collaboration and partnership.

The Importance of Conducting "Phishing Simulation" for a Company

Mr. Yoshi (LOGIQUE) :

Great! We have received interest from multiple clients regarding ISO 27017 certification, and we would be delighted to collaborate with you on this matter.

At LOGIQUE, we continue to receive numerous inquiries regarding pen-testing, which demonstrates the persistent demand for this service. Additionally, we have noticed a significant increase in interest and concerns surrounding phishing simulations. As companies reach a certain level of security maturity, with implemented attack detection systems, regular pen-testing, and well-established security policies, the focus naturally shifts to employee education. We recognize the importance of addressing this crucial aspect and are committed to providing comprehensive solutions in this regard.

I strongly emphasize the siginificance of implementing "phishing simulation" within a company. While training and educating employees are crucial, it is important to recognize the inherent limitations. Not all employees may consistently adhere to security protocols, potentially creating vulnerabilities within the organization. Malicious actors often target individuals, exploiting their weaknesses as a means to gain unauthorized access. Even with the best intentions, an unwitting employee can inadvertently trigger a significant security incident.

Therefore, conducting phishing simulations becomes an invaluable tool to identify individuals who may pose a risk or lack a sufficiently secure understanding. It allows us to gain insight into potential vulnerabilities, enabling targeted training and reinforcement where it is most needed. By fostering a culture of awareness and preparedness, we can proactively mitigate the risk of security breaches caused by human factors.

Mr. Didi (DTECHCORP) :

Indeed, we have also received a significant number of inquiries regarding our employee evaluation service focused on security literacy, particularly in relation to the implementation of a phishing simulation tool. Do you mind telling me what Phishing Simulation tool LOGIQUE can provide for companies in Indonesia?

Mr. Yoshi (LOGIQUE) :

Certainly! At LOGIQUE, we offer a comprehensive phishing simulation platform designed to assess and enhance the security awareness and preparedness of employees. Our platform allows companies to create realistic phishing scenarios that closely resemble real cyber threats. It also enables the monitoring and analysis of employee responses. Through simulated phishing attacks, we can vulnerable areas of vulnerability and provide targeted training to improve employees' ability to detect and mitigate such threats.

Our phishing simulation tool is customized for the companies in Indonesia, taking into account local security requirements and best practices. We prioritize user-friendliness, advanced analytics, and comprehensive reporting, ensuring that companies can effectively measure and improve their employees' knowledge of security.

We would be delighted to discuss further details and explore how our phishing simulation tool can benefit your organization's security initiatives. The tool we offer is called Cywareness, which boasts extensive experience in implementation worldwide.

Our collaboration with Cywareness has allowed us to adapt the tool specifically for the Indonesian market. This includes developing phishing email templates that align with local customs and situations, making the simulations relevant and effective for employees in Indonesia. Together, we ensure that Cywareness is well-equipped to meet the unique needs and requirements of companies in Indonesia.

Mr. Didi (DTECHCORP) :

Have you noticed any changes in Pen-test market in Indonesia?

Mr. Yoshi (LOGIQUE) :

I have a positive outlook on the market as more companies recognize the importance of taking Pen-tests. However, it is worth noting that many companies tend to overlook the necessity of conducting periodic tests. Instead, the opt for a one-time assessment. Despite the clear need for regular assessments, there is still room for improvement in encouraging companies to prioritize ongoing Pen-tests.

As Pen-test conductor, we encounter another challenge in the process. Often, we discover significant number of security vulnerabilities during the tests, requiring the client to approach their contracted IT outsourcing vendor for resolution. However, a common issue arises as these vendors often take a long time to address the vulnerabilities, resulting in subpar fixing quality. Additionally, clients may face budget constraints when seeking assistance from their vendor.

To ensure comprehensive support to our clients, we have implemented a solution. We commit to conducting a second Pen-test promptly to verify whether all identified security vulnerabilities have been effectively addressed. This approach aims to instill confidence in our clients by ensuring the thoroughness and effectiveness of our services in mitigating security risks.

Advantages of LOGIQUE Pen-test Solutions

Mr. Didi (DTECHCORP) :

Can you share with readers what LOGIQUE’s strength in Pen-test solution is?

Mr. Yoshi (LOGIQUE) :

Our team of CeH certified pen-testers manages and executes the planning and execution of penetration tests, ensuring a high level of expertise. While we maintain competitive pricing, we pride ourselves on delivering affordable solutions. What sets us apart is our comprehensive in-house development department, comprising skilled professionals from Front-End to DevOps. This allows our pen-testers to closely collaborate with developers, providing valuable insights and assistance in addressing technical challenges.

Furthermore, our team possesses the proficiency to support clients with their digital marketing endeavors. We demonstrate a deep understanding of the complexities involved in prioritizing vulnerabilities for resolution and determining the desired level of security for campaigns or websites. Our advisory approach ensures that clients receive tailored guidance, enabling them to make informed decisions aligned with their specific needs and objectives.

Mr. Didi (DTECHCORP) :

It is evident that by working together, we can offer a comprehensive range of cyber security solutions. Let us continue to deliver exceptional security solutions in Indonesia as partners.

Mr. Yoshi (LOGIQUE) :

Ya. Definitely. Thank you for your time Today.

Solusi Keamanan Siber
Solusi Keamanan Siber
Logique menyediakan Solusi Keamanan Siber untuk meminimalkan resiko keamanan siber bagi perusahaan Indonesia
See More
Security Talk with a Senior Security Consultant, Iskandar from LOGIQUE
Security Talk with a Senior Security Consultant, Iskandar from LOGIQUE
Diskusi Keamanan Siber dengan Senior Security Consultant, Iskandar dari LOGIQUE
See More