Framework for critical information infrastructure protection in smart government: a case study in Indonesia

Purpose This paper aims to develop a framework for critical information infrastructure (CII) protection in smart government, an alternative measure for common cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001. Smart government is defined as the government administration sec...

Full description

Saved in:
Bibliographic Details
Published inInformation and computer security Vol. 32; no. 1; pp. 112 - 129
Main Authors Putro, Prasetyo Adi Wibowo, Sensuse, Dana Indra, Wibowo, Wahyu Setiawan Setiawan
Format Journal Article
LanguageEnglish
Published Emerald Publishing Limited 22.01.2024
Subjects
PreMiSTS
Smart government
STS
Critical information infrastructure
Protection
Framework
Online AccessGet full text

Cover

More Information
Summary:Purpose This paper aims to develop a framework for critical information infrastructure (CII) protection in smart government, an alternative measure for common cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001. Smart government is defined as the government administration sector of CII due to its similarity as a core of smart technology. Design/methodology/approach To ensure the validity of the data, the research methodology used in this paper follows the predicting malfunctions in socio-technical systems (PreMiSTS) approach, a variation of the socio-technical system (STS) approach specifically designed to predict potential issues in the STS. In this study, PreMiSTS was enriched with observation and systematic literature review as its main data collection method, thematic analysis and validation by experts using fuzzy Delphi method (FDM). Findings The proposed CII protection framework comprises several dimensions: objectives, interdependency, functions, risk management, resources and governance. For all those dimensions, there are 20 elements and 41 variables. Practical implications This framework can be an alternative guideline for CII protection in smart government, particularly in government administration services. Originality/value The author uses PreMiSTS, a socio-technical approach combined with thematic analysis and FDM, to design a security framework for CII protection. This combination was designed as a mixed-method approach to improve the likelihood of success in an IT project.
ISSN:2056-4961
2056-497X
2056-4961
DOI:10.1108/ICS-03-2023-0031