Information Security Governance for Hybrid Lending with NIST Cybersecurity Framework (Case study: PT. Amartha Mikro Fintek)

Abstract

In fintech world, hybrid lending system that integrates digital technology in the Security process require an effective Information Security management approach to Protect sensitive data and ensure business operational continuity. This research analyzes the implementation of Information Security Governance based on the NIST Cybersecurity Framework in the context of a hybrid lending system. This framework involves the development of a core framework consisting of Identify, Protect, Detect, Respond and Recover. Each level describes an organization's evolution in identifying, assessing, and managing Information Security risks. The implementation results show that by following the NIST Cybersecurity Framework, organizations can increase Security awareness, consistent policy implementation, and Respond more quickly to Security incidents. This research provides recommendations for strengthening Information system Security in the Hybrid lending sector by utilizing the latest technology and integrating continuous learning in Security strategy. Thus, this research aims to make a significant contribution to the development of best practices for Information Security management in the ever-developing digital era.