95 ID-SIRTIICC Indonesia Security Incident Response Team of Internet Infrastructure Coordination Center – Indonesia 1. About ID-SIRTIICC 1.1. Introduction ID-SIRTIICC is the national CSIRTCC of Indonesia. The purpose of Id-SIRTII is to coordinate security efforts and incident response for critical infrastructure and IT-security problems on a national level in Indonesia.

1.2. Establishment

ID-SIRTIICC was established in 2006 by ICT Minister Decree Number 272006 and 262007 then revised with 162010.The main role of ID-SIRTII is to conduct security surveillance of telecommunication network based on internet protocol in Indonesia, and also as a central coordination Coordination CenterCC and liaison Single Point of Contact with related agenciesinstitutions both in domestic and overseas. ID-SIRTII as a legal institution which has been granted the right and authority to conduct Internet traffic monitoring in Indonesia refers to the rule of law as follows below: • Act No.361999 regarding National Telecommunication Industry • Government Regulation No.522000 regarding Telecommunication Practices • Ministry of Communication and Information Technology Regulation No.27PERM.KOMINFO92006 regarding Telecommunication Network Management Security based on internet protocol • Ministerial Regulation No.26PERM.KOMINFO2007 regarding Indonesian Security Incident Response Team on Internet Infrastructure On 2010, ID-SIRTII became a full member of APCERT. On 2011 became a member of FIRST and also National CSIRT Forum. On 2009 became a full member of OIC-CERT. 96

1.3. Management and Staffs

ID-SIRTIICC now has 6 member Board of Directors, which is 1 Chairman and 5 deputies Vice Chairman, and for supporting daily operations we employ 35 staffs in our office at Jakarta the Capital City of Indonesia.

1.4. Constituencies and Stakeholders

- IT security teams public sectors - Internet Service Provider ISP - Network Access Provider NAP - Local Internet Exchange Operator - Law Enforcement Agency LEA - Critical Infrastructure Operators - Other Sectors CSIRT’s in Indonesia.

1.5. Main activities:

- Monitoring, detection and early warning of threats and disturbance of the telecommunications network of IP-based in Indonesia - Developing and or providing, operating, and maintaining the database system of monitoring and conducting security activities of the telecommunications network utilization of IP-based at least for monitoring, early detection and early warning of threats and disturbance to the telecommunications network 97 utilization of IP-based, keeping records of transactions log files for supporting the law enforcement process - Performing the functions of information services to the threats and security disturbance of the telecommunications network utilization of IP-based - Carrying out research and development activities, providing simulation lab and training activities of the telecommunications network utilization security of IP-based - Providing consultancy services and technical assistance to strategic institutionsagencies - As a central coordination Coordination CenterCC and liaison Single Point of Contact with related agenciesinstitutions both in the country and abroad. 2. Activities and Operation 2.1. Incident Reports and Statistics