TY - GEN
T1 - The Effect of Programmer Information Security Awareness on the Results of Vulnerability Assessments in Achieving Secure Applications
AU - Effendi, Hermawan
AU - Sumpeno, Surya
AU - Affandi, Achmad
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - The existence of application innovation is important for the operations of an organization. Information security is currently a challenge in building secure applications because hacking often occurs in critical or transactional information applications, such as the financial sector. In addition to applying good programming techniques, application programmers must have information security awareness to produce secure applications. Application security vulnerabilities are caused by programmers' lack of information security awareness. In this study, the measurement of programmer information awareness is juxtaposed with testing application security vulnerabilities. Measuring the level of information security awareness using knowledge, attitude, and behavior modeling with Manage Security Services indicators on COBIT 5 as the focus area and testing application security vulnerabilities using OWASP-ZAP according to OWASP TOP 10 best practices. Data processing using Structural Equation Modeling-Partial Least Square can provide information about the effect of programmer information security awareness on application security vulnerabilities. The information becomes input in improving the competence of programmers in the field of information security. As a result of the research, some findings and discussions are given at the end of this article to achieve secure application programming through increasing awareness of information security.
AB - The existence of application innovation is important for the operations of an organization. Information security is currently a challenge in building secure applications because hacking often occurs in critical or transactional information applications, such as the financial sector. In addition to applying good programming techniques, application programmers must have information security awareness to produce secure applications. Application security vulnerabilities are caused by programmers' lack of information security awareness. In this study, the measurement of programmer information awareness is juxtaposed with testing application security vulnerabilities. Measuring the level of information security awareness using knowledge, attitude, and behavior modeling with Manage Security Services indicators on COBIT 5 as the focus area and testing application security vulnerabilities using OWASP-ZAP according to OWASP TOP 10 best practices. Data processing using Structural Equation Modeling-Partial Least Square can provide information about the effect of programmer information security awareness on application security vulnerabilities. The information becomes input in improving the competence of programmers in the field of information security. As a result of the research, some findings and discussions are given at the end of this article to achieve secure application programming through increasing awareness of information security.
KW - information security awareness
KW - manage security services
KW - vulnerability assessment
UR - http://www.scopus.com/inward/record.url?scp=85129940658&partnerID=8YFLogxK
U2 - 10.1109/ICITE54466.2022.9759867
DO - 10.1109/ICITE54466.2022.9759867
M3 - Conference contribution
AN - SCOPUS:85129940658
T3 - Proceedings - 2022 2nd International Conference on Information Technology and Education, ICIT and E 2022
SP - 280
EP - 286
BT - Proceedings - 2022 2nd International Conference on Information Technology and Education, ICIT and E 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2nd International Conference on Information Technology and Education, ICIT and E 2022
Y2 - 22 January 2022
ER -