Nowadays, cybersecurity has become an increasingly prominent issue following the extensive utilization of technology in all aspects of life; henceforth, the emergence of problems related to the sector also has arisen. According to Check Point, Software Technologies Inc., Indonesia becomes the third-most prone country to be potentially threatened by cyber-attacks after the United States and India. To specify further, fintech becomes the most vulnerable sector to cybersecurity threats as there have been many cases of data privacy breaches within the sector. Although the government had established numerous cybersecurity protection initiatives and agencies, such as the National Cyber Security Strategy and the State Cyber and Crypto Agency (BSSN), the threats are still inevitable to be contained as what has been proven as prevalent today. The future of Indonesia's cybersecurity, therefore, lies upon the effectiveness of cooperation between public and private stakeholders to rapidly respond to the recurring cyber threats.
Q1: What are the current main challenges hindering the smooth protection of cybersecurity in Indonesia?
A1: Currently, the ineffectiveness of responses on any cybersecurity threats becomes the main problem of a fragile cybersecurity shield in Indonesia. In the second quarter of 2019 alone, according to Kaspersky, there have been a total of 8.275.318 internet-borne cyber-attacks, in which 28.5% of them account for attacks through the web. However, according to Cisco 2019 Asia Pacific CISO Benchmark Study, most Indonesian companies have had slower downtime (periods where a system is unavailable) in responding to the occurrence of cyber-attacks, which take 24 hours or longer. It accounts for 19% of companies in Indonesia. It is claimed that cybersecurity officers Indonesia have put their concentration on resolving other problems rather than trying to address the challenge as mentioned above in the first place. Consequently, the downtime remains to be unsolved. In addition, the lack of budgets and lack of cybersecurity knowledge/skills in companies might contribute to the fragile cybersecurity protection in Indonesia, as many of them have not been responsive when encountering any cybersecurity threats.
A2: According to research carried out by Telstra, robust security intelligence could become an integral part of reliable cybersecurity protection. To establish adequate cyber intelligence, appoint capable human resources in the field of cybersecurity is necessary as Indonesia currently lacks to be able to respond to the incoming cyber threats, which should be supported by sufficient investment to fund the necessary capital.
Currently, the average score of cybersecurity preparedness is concerning, which is 1.45 out of 5. The vulnerability of cybersecurity to be attacked also increases alongside the decreasing level of readiness to encounter potential threats.
In order to be able to enhance the quality and quantity of cybersecurity experts, an established higher education curriculum concerning the specialty of cybersecurity should be initiated as it has lacked in Indonesia's higher education realm nowadays in spite of the increasing demand for the experts in the field.
Moreover, aside from fostering more skilled cybersecurity officers, there should be the enactment of proper cyber regulations to regulate cyber activities, especially in terms of data privacy protection as the most vulnerable cyber domain in Indonesia that is prone to cyber threats. As numerous cases of privacy data breaches have occurred in recent years, it is crucial to establish clear standards on what could be classified as forms of data privacy violations. However, education on data privacy itself should be carried out in the first place on the more significant part of society to make the regulations becoming effective through IT security awareness.