From Vulnerability to Resilience: Building Indonesia's Cyber Defences in the AI Era

Written By Ethan Koh

In the AI era, securing Indonesia’s digital future is no longer optional—it’s essential.

Indonesia’s digital economy is expanding rapidly, unlocking new opportunities for businesses and innovation. But with this growth comes an important question: How can Indonesia safeguard its digital future against rising cyber threats? As ransomware attacks target critical sectors and phishing scams become more sophisticated, strengthening cybersecurity is more than just a necessity—it’s a step toward long-term resilience.

As highlighted in the AIBP report “Cybersecurity in ASEAN: Navigating the Evolving Threat Landscape,” sophisticated attacks and widespread vulnerabilities demand a proactive, AI-driven defence approach. 

Read more on Cybersecurity in ASEAN: Navigating the Evolving Threat Landscape

Escalating Cyber Threats in Indonesia

Indonesia, Southeast Asia’s largest digital economy, is experiencing a transformation driven by technological advancements. The rise of the platform economy and the urgency for digitalisation, catalysed by the pandemic, has allowed Southeast Asia, particularly Indonesia, to leapfrog into the modern digital age. With over 400 million internet users across the region, Southeast Asia has become one of the fastest-growing digital populations globally. According to the APJII, as of 2024, Indonesia boasts 221 million internet users, representing a 79.5% penetration rate. This rapid growth positions Indonesia as a critical hub within the global digital landscape. 

However, as Indonesia’s digital landscape continues to grow rapidly, the need for robust cyber security measures has never been more pressing. According to the 2024 AIBP Cybersecurity in ASEAN Survey, 43.7% of respondents identified cyber security and privacy concerns as the primary barriers to digital transformation. This statistic is particularly relevant for Indonesia, where digitalisation is advancing rapidly. With the growth of Indonesia’s digital economy, the need to address these concerns is critical for fostering a secure and resilient digital environment. This robust growth is fuelled by increased demand for IT services and software solutions, aligning with Indonesia's initiatives to strengthen its cyber security framework amid rapid digital transformation. 

Phishing Attacks & Social Engineering

In Indonesia, phishing attacks and social engineering have emerged as significant cyber security threats, particularly given the country's growing reliance on digital platforms. According to the AIBP Cybersecurity in ASEAN Survey, 42.9% of respondents identified these issues as their primary concern. Phishing remains a potent threat, especially when attackers tailor messages to Indonesian cultural cues and current events. Such attacks prey on human error and trust, tricking employees or consumers into divulging credentials or clicking malicious links. Attackers then escalate their strikes – a ransomware assault might “commence with a phishing email and escalate to the deployment of encrypting malware,” combining tactics for maximum. Indonesian companies, like many in ASEAN, are grappling with this human factor, when technology defenses alone won’t suffice if people are the weakest link.

“To secure user devices, employees must be made aware and educated that cyber security is not IT's problem, it is everyone's problem. Tools are just tools, they are all the same fundamentally.” —Anindio Daneswara, SVP, Group Head of ICT, Semen Indonesia.

Ransomware Attacks: Disruptions and Losses

Indonesia has witnessed a sharp increase in ransomware attacks, particularly in 2024, with a 70% rise in incidents primarily impacting the healthcare, education, and government sectors. According to the 2024 AIBP Cybersecurity in ASEAN Survey, the second major concern is malware and ransomware attacks, which were flagged by 37% of respondents. Notably, the emergence of ransomware groups like Brain Cipher has heightened concerns in Indonesia, as these attackers not only disrupt but also demand ransoms through cryptocurrencies like Monero, threatening data leaks if their demands are not met.

Strengthening the Foundation: Indonesia’s National Cyber Security Strategy

Indonesia’s national cybersecurity strategy reflects a concerted effort to address escalating cyber threats through legislative reform, institutional coordination, and regional cooperation. At its core lies the National Cyber and Crypto Agency (BSSN), which centralizes cybersecurity governance, incident response, and threat intelligence sharing across government and critical infrastructure sectors. The agency’s mandate includes establishing standardized security protocols, conducting cybersecurity audits, and orchestrating cross-sectoral drills to simulate large-scale cyberattacks.

Legislative Framework and Strategic Priorities

A dual legislative approach underpins Indonesia’s strategy. The proposed Cyber Security and Resilience Bill (RUU KKS) aims to unify fragmented regulations, delineate public-private cybersecurity responsibilities, and enforce mandatory incident reporting mechanisms. Complementing this is the Personal Data Protection (PDP) Law, modelled after the EU’s GDPR, which imposes stringent obligations on data controllers. Violations involving unauthorized data collection or breaches can incur fines up to IDR 6 billion (≈USD 430,000) and imprisonment for 4–6 years, incentivizing organizational compliance. The law mandates breach notifications within 72 hours and requires data protection officers for entities processing high-risk personal data.

Presidential Decree No. 47/2023 further institutionalised a National Cyber Security Strategy focused on three pillars:

  • Digital Economy Protection: Safeguarding financial systems, e-commerce platforms, and digital IDs through enhanced encryption and anti-fraud measures.

  • Cyber Resilience Building: Implementing a Cyber Crisis Management Framework for rapid response to sector-wide disruptions, such as ransomware attacks on energy grids.

  • Global Cyber Governance: Advocating for ASEAN-wide cybersecurity norms and participating in cross-border cybercrime task forces.

In addition, Indonesia leverages ASEAN’s Cybersecurity Cooperation Strategy to harmonize threat intelligence sharing and conduct joint exercises like the ASEAN-Singapore Cyber Blueprint Initiative. Domestically, the government mandates ISO/IEC 27001 certification for state-owned enterprises and enforces sector-specific guidelines for banking (POJK 38/2016) and telecommunications (MCI Circular 3/2023). These measures aim to institutionalize risk assessments and real-time monitoring systems, though adoption rates vary significantly between urban and rural regions.

The AI-Powered Shield: Leveraging Artificial Intelligence for Cyber Defence

Amid these challenges, Indonesia is turning to artificial intelligence (AI) as a force-multiplier for its cyber security defenses. The government recognizes that AI and machine learning can help detect and respond to threats faster than overburdened human teams. Indonesian enterprises recognize the competitive advantage of AI-driven innovation. Across ASEAN, 78.5% of businesses agree that investing in AI is crucial to stay competitive over the next three years​, a sentiment echoed in Indonesia’s fast-growing digital sectors.

Companies are exploring AI-powered strategies like zero-trust security models and advanced identity management to strengthen defenses​. Besides that, the Indonesian government is also partnering with global tech leaders to infuse AI into cyber security. Microsoft Indonesia, for instance, has been working closely with public and private organizations to introduce AI-driven security tools. AI can shift through millions of events and identify the telltale signs of a breach (such as abnormal user behavior or malicious code signatures) far faster than a human. 

“To truly innovate, we need to leverage AI, machine learning, and even generative AI to strengthen security and automate the management of these critical areas. By using intelligent systems, we can detect vulnerabilities faster, streamline access controls, and modernize legacy applications.” ——Radito Ghifiardi, Vice President - Head of Security Strategy & Architecture, Indosat Hutchinson Ooredoo

However, cyber criminals are also weaponizing AI to create more complex, hard-to-detect attacks​. This points to an AI arms race: defenders must use AI to counter attackers who use it to probe systems and craft phishing lures at scale. The Indonesian authorities have begun tapping AI for tasks like filtering fake news and extremist content as well (through BSSN’s information control initiatives​), showing the versatility of AI in broader cyber defense beyond just network security.

In the coming years, AI will play a growing role in Indonesia’s cyber defences. Security leaders are already envisioning a future where AI is deeply embedded. Enhanced threat detection and response was a top strategic goal for organizations’ security programs​– a goal closely tied to AI and automation. Forward-looking executives predict that in the next couple of years, a majority of security operations could be automatically run by 60–70% AI/ML, handling routine threats so that humans can focus on governance and complex decision-making. For Indonesia, government-driven AI adoption is not about replacing the human element but amplifying it. By automating repetitive tasks (like scanning for vulnerabilities, correlating incident data, or monitoring user behavior), AI can free up scarce cyber security personnel to concentrate on strategy and critical incident response. It can also provide a level of 24/7 vigilance that is humanly impossible to achieve at scale. 

The Road Ahead: From Awareness to Action

The urgency for Indonesian businesses and policymakers is clear. Cyber threats pose a real and present danger to Indonesia’s ambitions as a thriving digital economy. Yet, as this article has outlined, there is also a roadmap to resilience. By acknowledging the challenges – from ransomware and data breaches to talent gaps – and then proactively implementing solutions – stronger policies, AI-powered defenses, and cross-sector collaborations – Indonesia can turn its vulnerability into strength. The journey from vulnerability to resilience is already underway. Companies are rethinking their security strategies, government agencies are tightening regulations and seeking innovative tools, and public-private forums are fostering the exchange of best practices. What’s needed now is sustained momentum and leadership. 

AIBP’s latest report, "Cybersecurity in ASEAN: Navigating the Evolving Threat Landscape", offers critical insights into how enterprises across the region, including Indonesia, are addressing cyber  security challenges. 

🔗 Download the full report here: [Link]

About ASEAN Innovation Business Platform (AIBP)

AIBP serves as an avenue for public and private organisations in Southeast Asia to access information about enterprise growth and innovation. With a current network of over 30,000 stakeholders in Southeast Asia, AIBP continues to develop ecosystems by engaging in activities which create value-adding information for our stakeholders seeking to make transformative impacts within their organisations. For additional information about AIBP, please visit www.aibp.sg


Ethan Koh
Previous

Strengthening Cybersecurity in the Philippines
Next

The TNT (Trump's New Tariffs) Impact on AI