Melalui penerapan dua strategi utama di atas, selama periode pelaporan tidak ada pengaduan yang diterima Perusahaan mengenai pelanggaran terhadap privasi pelanggan dan hilangnya data pelanggan. Selain itu Perusahaan juga berhasil melindungi data-data penting Perusahaan sebagai salah satu Obvitnas (Objek Vital Nasional) sektor Migas. Seiring dengan perkembangan dunia, pengamanan obvitnas tidak hanya berbentuk pengamanan fisik, tetapi juga pengamanan dari ancaman yang menggunakan teknologi. Pengamanan terhadap Obvitnas termasuk obvitnas bidang minyak dan gas bumi, harus dilakukan secara baik mengacu pada Peraturan Presiden Republik Indonesia No. 82 Tahun 2022 tentang Perlindungan Infrastruktur Informasi Vital (IIV). [GRI 418-1]By implementing the two main strategies described above, no complaints were received by the Company during the reporting period regarding violations of customer privacy and loss of customer data. In addition, the Company has also succeeded in protecting important data of the Company as one of the Obvitnas (National Vital Objects) of the Oil and Gas sector. Along with global developments, obvitnas security is not only carried out in the form of physical security, but also security against threats using technology. Security of Obvitnas, including obvitnas in the oil and gas sector, must be carried out properly by referring to Presidential Decree No. 82 of 2022 concerning Protection of Vital Information Infrastructure (IIV). [GRI 418-1]%u2022 Taking into account the current state of the organisation environment there is a single area of concern at this point in time which needs to be addressed through a short term remediation plans:%u2022 Access Control%u2022 Optimize existing Endpoint Security%u2022 Vulnerability Management%u2022 Patching Management%u2022 Privilege Management%u2022 Backup & Restore%u2022 Authentication Systems%u2022 Assess the current offerings and service provided to the organization in order to determine if the correct sources and level of information are being aggregated and correlated in order to identify advanced cyber threats that are able to bypass traditional solutions.%u2022 Research the feasibility and applicability of implementing the following solutions into the organizational environment:%u2022 Security Operation Center (SOC)%u2022 Blue Team Services & Defensive CapabilityThese solutions may assist in the identification and detection of persistent malware in order to ensure the continuous improvement of cyber and information protection across the organisation.%u2022 Research the feasibility and applicability of implementing the following solutions into the organizational environment:%u2022 Next Generation Technology (Predictive & Cognitive Cyber Security Operations Technology)%u2022 Red Teams Services & Offensive Capability%u2022 Develop an assessment program which includes well defined and relevant metrics and continuously assess the advanced threat detection solution.Short term 6-12 monthsMedium term 13-24 monthsLong term 25-60 monthsPT Pertamina Hulu Energi %u2022 Sustainability Report 235