Indonesia continues to advance its digital systems, with more citizens coming online, using mobile payments, and accessing government services remotely. These developments create new opportunities for national growth while also introducing risks that require focused attention.
The Indonesian cybersecurity market is expanding rapidly as both public and private sectors strengthen their defenses. Cyber protection is increasingly positioned at the center of national development priorities. Events such as IndoSec provide a forum for experts to examine these changes and share practical approaches forward. Together, these efforts help build more resilient foundations that can keep pace with Indonesia’s ongoing digital transformation.
The Digital Indonesia Roadmap ran from 2021 to 2024 with four main targets. These included updated digital infrastructure, improved government services online, support for small and medium businesses, and better skills for people. Initiatives under the plan reached distant islands with better broadband. Real-time payment options like BI-FAST and QRIS became common for daily use. The changes connected more parts of the economy. They also showed the importance of guarding the systems that millions depend on each day.
‘Making Indonesia 4.0’ started in 2018, aimed at updating manufacturing in five areas: food processing, textiles, automotive, chemicals, and electronics.
The goal is to raise the manufacturing industry’s contribution to GDP, generate new employment opportunities, and push Indonesia into the top ten global economies by 2030.
From 2026, Indonesia steps up its digital sovereignty efforts. The focus is on local data handling, home-grown AI capabilities, and less dependence on outside providers. The National AI Roadmap from 2025 supports ethical AI use in healthcare, farming, and public services. A draft law on cybersecurity and resilience strengthens supervision. The Personal Data Protection Agency prepares to start full operations around 2026. These actions keep digital growth under local oversight. They still allow careful ties with global partners.
Attackers now apply artificial intelligence for sharper strikes. In Indonesia, automated phishing and deepfake tricks have begun to appear more often. Malware adjusts itself to slip past standard tools, enabling criminals to pull public data and create messages that feel personal. Reports place Indonesia high on lists of targets because of its large online population. These methods change fast and leave older defences behind.
Organizations often rely on outside suppliers for cloud storage, software fixes, and data services. One weak point can affect many connected systems. The 2024 breach at the temporary National Data Center illustrated how supply-chain gaps can halt government operations on a major scale. Attackers used flaws in vendor systems to get inside. More connected platforms mean one supplier failure can spread fast. The problem grows as critical operations share the same tools.
Ransomware incidents reached about 130 unique cases in Indonesia during 2024. Groups like LockBit 3.0 and Brain Cipher version asked for large payments and stopped daily operations in several places. Manufacturing plants and information services took the biggest blows. Attackers now use file encryption with data theft to increase the stakes. This change from basic lockdowns to double-extortion methods pushes organizations to review their backup procedures and response readiness.
December 2025 saw the National Cyber and Crypto Agency sign a five-year agreement with the Ministry of National Development Planning. The deal puts cybersecurity inside major development projects. Work includes joint risk reviews, training sessions, and protection of key infrastructure. This agreement ties security work directly to economic targets and supports steady advances at different government levels.
Presidential Regulation No. 47 of 2023 introduced the national cybersecurity strategy. It lists 8 main areas that range from governance and risk handling to working with other countries. The approach treats resilience as a continuous effort instead of a single project. BSSN leads the rollout. Real success needs input from other ministries and private groups. The focus stays on systems that survive attacks and return to normal without long delays.
The Personal Data Protection Law finished its transition phase in October 2024. Companies now follow clear rules on data gathering, consent, and reporting breaches. Fines and legal penalties apply. The Personal Data Protection Agency takes charge from around 2026. This setup makes data safety a standard duty for every organization and gives people stronger control over their information.
Digital payment systems and fintech services have expanded access to financial services for millions of Indonesians who previously lacked it. These platforms process transactions and store sensitive information on a large scale, making security a critical priority.
As many financial inclusion experts emphasize, maintaining strong cybersecurity is essential to preserving public trust. In response, banks and fintech providers continue to strengthen their defenses through real-time monitoring, enhanced authentication measures, and other safeguards designed to protect customer funds and data.
Power installations and production sites of ‘Making Indonesia 4.0’ use linked sensors and networks. A single breach can halt output or create safety issues. Firms now set strict access rules and run regular checks. Such measures open space for domestic security firms and cut the chance of costly interruptions
Public agencies and telecom providers form the backbone of national services. Past attacks showed how quickly portals for education or immigration can go down. Telecom operators upgrade their defences to manage heavier traffic. Closer coordination between BSSN and these sectors fills gaps and speeds up recovery.
Medical facilities manage sensitive patient records, while tourism businesses handle large volumes of booking and payment data. As data protection requirements become stricter, both sectors face growing pressure to strengthen their security practices. Secure systems help prevent breaches that could affect patients, travelers, and service providers alike. Continued investment in cybersecurity supports better service delivery, protects user trust, and contributes to the long-term growth of the tourism sector.
As Indonesia’s digital economy continues to expand, strengthening cyber resilience has become a shared priority across government, industry, and critical sectors. IndoSec, Indonesia’s leading cybersecurity summit, brings together policymakers, business leaders, and cybersecurity professionals to collectively address the country’s most pressing security challenges through practical discussion and knowledge exchange.
Sessions explore real-world incidents, regulatory developments, emerging technologies, and evolving threats, helping participants understand how cybersecurity strategies must adapt to a rapidly changing environment.
More importantly, the summit creates opportunities for collaboration. By connecting stakeholders from across the cybersecurity ecosystem, IndoSec helps align priorities, encourage partnerships, and promote practical solutions that can be implemented beyond the event itself. Discussions span topics ranging from AI-driven threats and cyber resilience to supply chain security and national preparedness.
Register today!
