Overview

In recent decades, Indonesia’s digital ecosystem, as it operates throughout all sectors of the national economy, has proved vulnerable to occurrences of cyber incidents. In this regard, the National Cyber and Crypto Agency (Badan Siber dan Sandi Negara – “BSSN”) has affirmed that Indonesia suffered a total of 976,429,996 cyberattacks and 1.65 billion cybersecurity traffic anomalies during the 2021 - 2022 period alone.[1] Among the various initial government initiatives that have been aimed at tackling these challenges, BSSN previously introduced Regulation No. 8 of 2020 on Security Systems for the Organization of Electronic Systems (“Regulation 8/2020”), which broadly addressed various obligations that Electronic Systems Organizers (Penyelenggara Sistem Elektronik – “PSE”) are required to comply with regarding the maintenance of electronic information security through the implementation of Information-Security Management Systems (Sistem Manajemen Keamanan Informasi - “SMKI”). It should be noted that the various SMKI-related PSE mandates that are featured under Regulation 8/2020 were extensively covered in the following edition of Indonesian Law Digest (“ILD”): “Information Security Management Systems: PSE Standards for the Prevention and Mitigation of Cyber Incidents Through Compliance with ISO/IEC 27001”.

......