Exploring MSMEs Cybersecurity Awareness and Risk Management : Information Security Awareness

https://doi.org/10.22146/ijccs.67010

Yerik Afrianto Singgalen(1*), Hindriyanto Dwi Purnomo(2), Irwan Sembiring(3)

(1) Universitas Katolik Indonesia Atma Jaya, Jakarta
(2) Universitas Kristen Satya Wacana, Jawa Tengah
(3) Universitas Kristen Satya Wacana, Jawa Tengah
(*) Corresponding Author

Abstract


The use of information technology in the management of Micro, Small, and Medium Enterprises (MSMEs) is not limited to business performance and productivity but also aspects of data security and transactions using various mobile, website, and desktop-based applications. This article offers an idea to explore cybersecurity awareness and risk management of MSME actors who adopt information technology. The research method used is qualitative with a case study approach in the Coffeeshop X business and the Y Souvenir business in Salatiga City, Central Java, Indonesia. The data collection technique used in-depth interviews, observation, and document studies. These findings indicate that Cybersecurity Awareness, especially information security awareness, can be reviewed based on knowledge, attitudes, and behavior. Risk management can be review based on supply risk, operational risk, and customer risk. Cybersecurity Awareness and Risk Management in MSMEs is holistic and cannot be generalized, so it needs to be discussed contextually based on case studies. In the context of Coffeeshop X and Souvenir Y, the level of Cybersecurity Awareness (knowledge, attitude, behavior) is not always linear. In addition, risk management is more dominant in the customer risk dimension, compared to supply risk and operational risk.

 


Keywords


Cybersecurity; Risk Management; SMEs; Information Security

Full Text:

PDF


References

[1] G. Rahmadi and A. Raf’ie Pratama, “Analisis Kesadaran Cyber Security pada Kalangan Pelaku e-Commerce di Indonesia,” Automata, vol. 1, no. 2, pp. 1–7, 2020, [Online]. Available: https://journal.uii.ac.id/AUTOMATA/article/view/15399.

[2] S. F. Aboelfotoh and N. A. Hikal, “A review of cyber-security measuring and assessment methods for modern enterprises,” Int. J. Informatics Vis., vol. 3, no. 2, pp. 157–176, 2019, doi: 10.30630/joiv.3.2.239.

[3] F. Anwar, B. U. I. Khan, R. F. Olanrewaju, B. R. Pampori, and R. N. Mir, “A comprehensive insight into game theory in relevance to cyber security,” Indones. J. Electr. Eng. Informatics, vol. 8, no. 1, pp. 189–203, 2020, doi: 10.11591/ijeei.v8i1.1810.

[4] S. Aritonang, H. Yulieanto, and D. D. A. Rajab, “Internet Eavesdropping : Information Security Challenge in the Cyberspace,” J. Pertahanan, vol. 4, no. 1, pp. 61–75, 2018, [Online]. Available: http://jurnal.idu.ac.id/index.php/DefenseJournal/article/view/253/pdf4.

[5] F. T. Riadi, A. D. Manuputty, and A. Saputra, “Evaluasi Manajemen Risiko Keamanan Informasi Dengan Menggunakan COBIT 5 Subdomain EDM03 (Ensure Risk Optimisation) (Studi Kasus : Satuan Organisasi XYZ – Lembaga ABC),” JUTEI, vol. 3, no. 1, pp. 1–10, 2018, doi: 10.21460/jutei.2018.12.53.

[6] A. Z. Maingak and L. D. Harsono, “Information Security Assessment Using Iso / Iec 27001 : 2013 Standard,” Trikonomika, vol. 17, no. 1, pp. 28–37, 2018, [Online]. Available: http://journal.unpas.ac.id/index.php/trikonomika/article/view/1138/618.

[7] A. Fathurohman and R. W. Witjaksono, “Analysis and Design of Information Security Management System Based on ISO 27001: 2013 Using ANNEX Control (Case Study: District of Government of Bandung City),” Bull. Comput. Sci. Electr. Eng., vol. 1, no. 1, pp. 1–11, 2020, doi: 10.25008/bcsee.v1i1.2.

[8] P. D. Ibnugraha, L. E. Nugroho, and P. I. Santosa, “An approach for risk estimation in information security using text mining and jaccard method,” Bull. Electr. Eng. Informatics, vol. 7, no. 3, pp. 393–399, 2018, doi: 10.11591/eei.v7i3.847.

[9] I. G. N. Mantra, “The Modeling of Information Security Classification With Risk Value Assesment Factor to Good Information Governance on The Indonesia Higher Education Sector,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 3, no. 1, pp. 12–22, 2016.

[10] W. B. W. Ismail, R. A. T. R. Ahmad, S. Widyarto, and K. A. Ghani, “A generic framework for information security policy development,” Int. Conf. Electr. Eng. Comput. Sci. Informatics, vol. 2017-Decem, no. September, pp. 19–21, 2017, doi: 10.1109/EECSI.2017.8239132.

[11] Dafid and Dorie, “Metode MCDA Untuk Pengukuran Tingkat Kesadaran Keamanan Informasi Pada Mahasiswa,” JATISI (Jurnal Tek. Inform. dan Sist. Informasi), vol. 7, no. 1, pp. 11–20, 2020, doi: 10.35957/jatisi.v7i1.296.

[12] I. R. Munthe and I. Purnama, “Uji Tingkat Kesadaran Keamanan Informasi Pengguna Smartphone (Studi Kasus: Amik Labuhan Batu),” J. Tek. Inf. dan Komput., vol. 2, no. 2, pp. 156–165, 2019, doi: 10.37600/tekinkom.v2i2.113.

[13] R. Akraman, C. Candiwan, and Y. Priyadi, “Pengukuran Kesadaran Keamanan Informasi Dan Privasi Pada Pengguna Smartphone Android Di Indonesia,” J. Sist. Inf. Bisnis, vol. 8, no. 2, pp. 115–122, 2018, doi: 10.21456/vol8iss2pp1-8.

[14] D. C. Islami and K. B. I. H. Candiwan, “Kesadaran Keamanan Informasi pada Pegawai Bank x di Bandung Indonesia,” J. INKOM, vol. 10, no. 1, pp. 1–8, 2016, doi: 10.14203/j.inkom.428.

[15] A. D. Smith and W. T. Rupp, “Issues in cybersecurity: Understanding the potential risks associated with hackers/crackers,” Inf. Manag. Comput. Secur., vol. 10, no. 4, pp. 178–183, 2002, doi: 10.1108/09685220210436976.

[16] A. S. Firdaos, “Sistem Pengamanan dan Pemantau Sepeda Motor Menggunakan NFC ( Near Field Communication ) dan GPS ( Global Positioning System ) Security and Monitoring System in Motorcycle Using NFC ( Near Field Communication ) and GPS ( Global Positioning System ),” vol. 5, no. 1, 2017.

[17] R. Z. Yousif, S. W. Kareem, and S. M. Abdalwahid, “Enhancing Approach for Information Security in Hadoop,” Polytech. J., vol. 10, no. 1, pp. 81–87, 2020, doi: 10.25156/ptj.v10n1y2020.pp81-87.

[18] D. Efstathiou, “A collaborative physical layer security scheme,” Int. J. Electr. Comput. Eng., vol. 9, no. 3, pp. 1924–1934, 2019, doi: 10.11591/ijece.v9i3.pp1924-1934.

[19] P. T. Tin, D. H. Ha, M. Tran, and T. T. Trang, “Physical security layer with friendly jammer in half-duplex relaying networks over rayleigh fading channel: Intercept probability analysis,” Bull. Electr. Eng. Informatics, vol. 9, no. 4, pp. 1694–1700, 2020, doi: 10.11591/eei.v9i4.2249.

[20] Sumantri, “The Urgency of National Security Council (NSC) in the Context of Cyber Security as a Sub System of National Security to Protect State and People,” J. Soc. Polit. Sci., vol. 1, no. 1, pp. 71–75, 2020.

[21] S. S. Aulianisa and I. Indirwan, “Critical Review of the Urgency of Strengthening the Implementation of Cyber Security and Resilience in Indonesia,” Lex Sci. Law Rev., vol. 4, no. 1, pp. 33–48, 2020, doi: 10.15294/lesrev.v4i1.38197.

[22] L. Hadington, “Employees Attitude towards Cyber Security and Risky Online Behaviours : An Empirical Assessment in the United Kingdom,” Int. J. Cyber Criminol., vol. 11, no. 1, pp. 262–274, 2018, doi: 10.5281/zenodo.495776.

[23] T. Halevi, N. Memon, and J. Lewis, “Cultural and psychological factors in cyber-security,” J. Mob. Multimed., vol. 13, no. 1–2, pp. 43–56, 2017.

[24] F. Kwarto and M. Angsito, “Pengaruh Cyber Crime Terhadap Cyber Security Compliance Di Sektor Keuangan,” J. Akunt. Bisnis, vol. 11, no. 2, pp. 99–110, 2018, doi: 10.30813/jab.v11i2.1382.

[25] A. Ghadge, M. Weiß, N. D. Caldwell, and R. Wilding, “Managing cyber risk in supply chains: a review and research agenda,” Supply Chain Manag., vol. 25, no. 2, pp. 223–240, 2020, doi: 10.1108/SCM-10-2018-0357.

[26] M. S. Ansari, “Information System Security (Cyber Security),” J. Inform., vol. 2, no. 1, pp. 189–197, 2016, doi: 10.31311/ji.v2i1.60.

[27] A. Setiyanigrum and H. Hidayat, “Service Quality dan Kepuasan Konsumen : Studi Empiris dan Implikasinya pada Toko Online,” J. Ilm. Manaj., vol. 6, no. 2, pp. 247–260, 2016.

[28] R. Rachmatullah and R. Yanto, “Sistem Penjualan Online Spare Part Mobil di Toko Citra Abadi Motor Semarang,” Indones. J. Netw. Secur., vol. 5, no. 3, pp. 56–62, 2016.

[29] R. R. Febriani and B. Sudaryanto, “Pengaruh Brand Image dan Kualitas Layanan Terhadap Kepercayaan dan Keputusan Pembelian pada Toko Online (Studi Pada Konsumen OLX.co.id di Kota Semarang),” Diponegoro J. Manag., vol. 7, no. 2, pp. 1–11, 2018.

[30] F. Alwafi and R. H. Magnadi, “Pengaruh Persepsi Keamanan, Kemudahan Bertransaksi, Kepercayaan terhadap Toko dan Pengalaman Berbelanja terhadap Minat Beli Secara Online pada Situs Jual Beli tokopedia.com,” Diponegoro J. Manag., vol. 5, no. 2, pp. 1–15, 2016.

[31] A. Mohansyah and R. Parani, “Digital Online Dan Trust Dalam Hubungan Antara Tokopedia Dengan Penguna Layanan,” J. Lontar, vol. 6, no. 1, pp. 58–68, 2018.

[32] S. Pandey, R. K. Singh, A. Gunasekaran, and A. Kaushik, “Cyber security risks in globalized supply chains: conceptual framework,” J. Glob. Oper. Strateg. Sourc., vol. 13, no. 1, pp. 103–128, 2020, doi: 10.1108/JGOSS-05-2019-0042.

[33] M. Setiawardani, “Peran Servicescape Terhadap Peningkatan Loyalitas Pelanggan ( Kajian Empiris terhadap Pelanggan Yumaju Coffee ),” J. Ris. Bisnis dan Inov., vol. 7, no. 1, pp. 10–21, 2021.

[34] E. Irawan, “Analisis Faktor – Faktor Yang Mempengaruhi Pendapatan Anggota Kelompok Sadar Wisata Pada Usaha Industri Kecil Kerajinan Souvenir Di Kota Mataram,” J. Ekon. dan Bisnis Indones., vol. 2, no. 1, pp. 1–10, 2017, doi: 10.37673/jebi.v2i1.47.

[35] A. T. Novitasari, “Pelatihan Membuat Kerajinan Souvenir Rangka Besi untuk Meningkatkan Keterampilan Berwirausaha,” JAPI, vol. 5, no. 2, pp. 124–131, 2020.

[36] D. Islamiyati and C. Chairy, “the Influence of Memorable Souvenirs Shopping Experience and Place Identity on Revisit Intention (the Case of Yogyakarta),” J. Muara Ilmu Ekon. dan Bisnis, vol. 5, no. 1, pp. 205–213, 2021, doi: 10.24912/jmieb.v5i1.11054.



DOI: https://doi.org/10.22146/ijccs.67010

Article Metrics

Abstract views : 3953 | views : 3233

Refbacks





Copyright (c) 2021 IJCCS (Indonesian Journal of Computing and Cybernetics Systems)

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.



Copyright of :
IJCCS (Indonesian Journal of Computing and Cybernetics Systems)
ISSN 1978-1520 (print); ISSN 2460-7258 (online)
is a scientific journal the results of Computing
and Cybernetics Systems
A publication of IndoCEISS.
Gedung S1 Ruang 416 FMIPA UGM, Sekip Utara, Yogyakarta 55281
Fax: +62274 555133
email:ijccs.mipa@ugm.ac.id | http://jurnal.ugm.ac.id/ijccs



View My Stats1
View My Stats2