Kadin Indonesia for Communication and Information Technology organised an FGD with the theme ‘Indonesia's Cybersecurity Insight: Addressing Industry Challenges and Limitations’ on 28 June 2024.
The objectives of this FGD were:
- To gather insights, knowledge, and experiences on cybersecurity from industries that are frequently targeted by attacks, especially from the Finance and Financial Technology (Fintech) sectors, to gain a broader understanding of the challenges and effective solutions in addressing cybersecurity issues.
- Exploring the perspectives and understanding the challenges and innovations faced by cybersecurity industry players in Indonesia, to gain an in-depth insight into the dynamics and latest advancements in the sector.
- Identify and understand common cybersecurity challenges faced by various industry sectors in Indonesia, such as Manufacturing, Construction, and Healthcare, to gain comprehensive and strategic insights in addressing these issues.
- As a means of facilitating the industry to provide a comprehensive evaluation of current cybersecurity in Indonesia
Indonesia's rapid digital modernisation and transformation has significantly increased cyber risks to the country's physical and financial infrastructure. A report from the National Cyber and Crypto Agency (BSSN) recorded nearly 404 million traffic anomalies or domestic cyberattacks from January to December 2023. Most of these attacks consisted of malware activity (44.47%), trojans (33.28%), information leaks (9.36%), and other types (12.89%).
Therefore, protecting critical assets, business activities, and network systems from cyber threats is now a top priority for all stakeholders. Business and industry players in Indonesia are increasingly sensitive to cyber risks and threats, especially from devices connected through the Internet of Things (IoT) and the use of cloud computing systems for data storage, which further expands the possibility of cyber attacks. This has raised awareness among business and industry players that safeguarding digital assets is a critical need to ensure the sustainability of industry and business operations, protect sensitive company data, and maintain the trust of customers and stakeholders. Therefore, industry and business players are starting to consider cybersecurity as an integral part of risk management and are starting to increase investments to prevent threats and as steps in strengthening security systems, especially in threat detection strategies and follow-up responses after cyber attacks.
However, while cybersecurity awareness is increasing, it is not yet widespread across business and industry sectors. The information and communications technology (ICT) and financial sectors tend to have higher awareness due to more potential cyber incidents than the transport, energy, healthcare, manufacturing and construction sectors, making the financial sector one of the most vulnerable sectors and a benchmark for other sectors. Different business sectors face different cybersecurity challenges, ranging from ransomware and phishing attacks to advanced persistent threats (APTs).
In addition to supporting this, the Government issued several regulations on various cybersecurity-related laws and regulations, such as Presidential Regulation No. 47 of 2023 on National Cybersecurity Strategy and Cyber Crisis Management, BSSN Regulation No. 4 of 2021 on Guidelines for Information Security Management of Electronic-Based Government Systems, Law No. 11 of 2008 on Electronic Information and Transactions (ITE Law), and the National Medium-Term Development Plan (RPJMN) 2020-2024. While these regulations provide top-level guidance, additional technical details are required for full implementation. Currently, the Indonesian government, specifically BSSN, is developing more detailed implementing regulations related to data protection and cybersecurity.
Understanding the perspectives of Indonesian businesses on cybersecurity, including awareness as well as the limitations and challenges faced by industry players, is one of the urgencies in improving national cyber resilience. The business and industry sector plays an important role in the cybersecurity landscape as it is often the target of cyberattacks and has the responsibility to protect corporate data and assets. By comprehensively understanding the views of businesses and industries, it is possible to tailor strategies and initiatives to meet specific needs and concerns. This approach can also lead to more effective measures in strengthening Indonesia's cybersecurity position.
