Beruflich Dokumente
Kultur Dokumente
Indonesia
Abstract
The purpose of state defense is to protect and to save the integrity of the Unitary State
of the Republic of Indonesia, the sovereignty of the state, as well as its security from all
kinds of threats, whether they are military or non-military ones. One of the non-
military threats that potentially threatens the sovereignty and security of the nation-
state is the misuse of technology and information in cyberspace. The threat of
irresponsible cyber attacks can be initiated by both state and non-state actors. The
actors may be an individual, a group of people, a faction, an organization, or even a
country. Therefore, the government needs to anticipate cyber threats by formulating
cyber security strategies and determining comprehensive steps to defend against cyber
attacks; its types and the scale of counter-measures, as well as devising the rules of law.
Relations studies, power is one of the The Shapes of Cyber Threats and
most used concepts (a mainstream Attacks
concept) as well as the most controversial
and hard to define (Perwita & Yani, 2006, On 6 September 2007, Syrias
p. 13). nuclear power development facility was
bombarded by Israels aircraft. One of the
In this article, the authors discuss the issues that became the news was Syrias
following questions: inability to prevent or operate its armed
forces against such attack. There were
1. How the cyber security policy and many opinions and analysis on this. One
regulations implemented in of them said that it was because Israel had
Indonesia and what are the disarmed Syrias radar and military
obstacles? force by using information technology. In
2. How is the implementation of other words, Syria experienced a cyber
cyber security-related policy and attack (Clarke & Knake, 2010, p. 5).
regulations in Indonesian in The significant development of
anticipating cyber attacks? information technology has changed the
3. What steps should be taken by the worlds face and shifted our
government of Indonesia to understanding on whats understood as a
anticipate cyber threats and nations power, as well as showing us a
attacks? diffusion of that understanding (Nye Jr,
2011, p. 1). A nations power is neither just
This research uses a about how big the economy is nor how
multidisciplinary as well as strong the military is, but it is also about
interdisciplinary research design with a the values it offers to the world, and one
descriptive analytical method to describe of them is its mastery of technology. In the
the situation, condition, and all problems 21st century, almost all activities, from
by using literature study to get a deeper personal ones to official ones, rely on the
understanding. use of information technology. Israels
attack on Syria was one of the examples of
This article is structured into two the advanced use of information
parts: the first discusses the concepts technology to support military activities.
related to cyber security, while the second
analyzes the cyber security policy and its The use of information technology
implementation in Indonesia. The first for destructive purposes is a threat to a
part talks about the shapes of cyber countrys national defense. The threats
threats and attacks, then argues about the can either be military or non-military ones.
role of cyber security in national security. Military threats to national defense are
The second part discusses cyber security threats to defense and security, while non-
governance, related legislations and military threats to national defense are
regulations, current policy, and related threats to the ideological, political,
obstacles in Indonesia, then analyzes the economic, social, and cultural resilience of
development of cyber defense, the a country. Sooner or later, the advance of
implementation of cyber security technology will affect our cultural
regulations, and three steps to strengthen convention, socio-cultural institutions and
cyber security in Indonesia. (from socio-political perspective) our
64 Cyber Security Policy and Its Implementation in Indonesia
1998, p. 18). The objective of national 2010 to coordinate cyber security, focusing
cyber security is the protection, on the expertise and the practice in the
domination, and control of data and field of information and technology. The
information. National cyber security is Directorate of Information Security has
closely related to information operation, the tasks of policy formulation and
which involves various parties such as the implementation, training, monitoring,
military, the government, state-owned evaluation and reporting in the field of
enterprises, academia, private sectors, information security governance. Lastly,
individuals, and the international world. ID-SIRTII was established by the
The continuity of information operation government based on Regulation of the
does not only rely on cyber security itself, Minister of Communication and
it also depends on physical security, Informatics No. 8 of 2012 to handle
which is related to all physical elements security on internet infrastructure.
such as data center buildings, disaster
recovery system, and transmission media. Meanwhile, there are two
community organizations involved in
Cyber Security Governance in Indonesia cyber security in Indonesia. Acting as a
supporting institution, Indonesia
In terms of cyber security, Communication Emergency Response
Indonesia already has a system and Team (ID-CERT) is an organization that
strategy of cyber security conducted by works with the government in special
government agencies and also the official cases to support the development of cyber
community. Cyber security policy is security in Indonesia. In addition, ID-
coordinated by the Ministry of CERT also functions as a supporting
Communication and Informatics (MCI). institution for government organizations
There are three government organizations (Setiadi, Sucahyo, & Hasibuan, 2012, p.
involved in cyber security in Indonesia, 111) such as the ID-SIRTII. Another
which are Information Security community organization is the Indonesia
Coordination Team, Directorate of Academic Computer Security Incident
Information Security, and Indonesia Response Team (ID-ACAD-CSIRT), the
Security Incident Response Team on organization for the universities that want
Internet Infrastructure (ID-SIRTII). to focus on the development of security in
The Information Security Indonesia. ID-ACAD-CSIRT currently has
Coordination Team was formed in April 40 members of academic CSIRT
universities.
68 Cyber Security Policy and Its Implementation in Indonesia
occur. The team also coordinates with 2. Some internet services that have
related parties at home and abroad when servers located abroad,
it needs to secure the network. The team
also provides information when threats 3. Lack of a secure system in
and disruptions come up. Finally, ID- Indonesia,
SIRTII also works on devising work plans 4. The absence of law that
(Article 9 of the Regulation of the Minister specifically addresses and
of Communication and Informatics No. regulates attacks in cyber world,
No.29/PER/M.Kominfo/12/2010).
5. The frequent happenings of cyber
According to Hasyim Gautama, crime that render it hard to handle,
the framework of cyber security law in
Indonesia was based on Law No. 11 of 6. The issues with the governance of
2008 on Electronic Information and national cyber security institutions,
Transaction, Government Regulation No.
82 of 2012 on the Implementation of 7. Weak awareness of international
Electronic System and Transactions, as threats of cyber attacks that can
well as ministerial circulation letters and paralyze a states vital
minister regulations (Ardiyanti, 2014). infrastructures, and
In addition, the policy governing the ICT telecommunication and informatics has
system requires an information system five cyber security policy agendas in
and event management which can developing a secure cyber environment.
monitor security incidents on the network. They are doing it by implementing Ends-
It also needs network security assessment Ways-Means strategy model, which
that controls and measures security. focuses on targets, priorities, and
measured actions. The five policies are
The Development of Cyber Defense in (Ardiyanti, 2014, p. 2):
Indonesia
1. capacity building,
The Law No. 3 of 2002 on State
Defense states that the purpose of state 2. policy and legal framework,
defense is to protect and save the
sovereignty and territorial integrity of the 3. organizational structure,
Republic of Indonesia and the safety of 4. technical and operational
the nation from all kinds of threats, measures, and
whether military or non-military ones.
Indonesia needs to improve its soft and 5. international cooperation.
smart power in defense to anticipate cyber
war through deterrence strategy as well as The ministry functions as the
through the prosecution and recovery of national information security regulator
cyber defense. This will support cyber and the policies implemented will become
security national strategy as promoted by a reference in formulating the national
the MCI (Ardiyanti, 2014, p. 1). strategys road map of cyber security.
is called Siberoc, which coordinates with and would consistently do so until the
Malaysias information security beginning of ASEAN Community in 2015.
institutions such as Malaysian Computer
Emergency Response Team (MyCERT). The Implementation of Cyber Security
Meanwhile, Singapore excels in its human Regulations in Indonesia
resources, having the highest number of The way cyber security is handled
information security experts in ASEAN in the framework of state defense is still
(The Ministry of Defense of the Republic sectoral, not well-coordinated nor
of Indonesia, 2013, p. 17). integrated yet. As the MoD general
Indonesia and ASEAN have been secretary Eris Herryanto (2011) explained,
consistently partnering in security sector the cyber defense concept that was
because ASEAN has given some implemented by the MoD and the
contribution to Indonesia to deal with Indonesian National Armed Forces is still
cyber threats. In ASEAN Regional Forum sectoral, not comprehensive as a unity
(ARF), Indonesia and ASEAN work (Herryanto, 2012).
together in tackling cybercrime by Therefore, the MoD established a
improving security level in states cyber cyber defense operation center team to
sector. tackle cyber crime as well as to secure and
Indonesia has been doing its part to protect the nation in the cyber world.
in cyber security by establishing bilateral The establishment of Cyber Defense
and multilateral cooperation in Operation Center in the national cyber
international regional organizations, such security policy is intended to build a
as ASEAN. In 2006, the ARF focused on universal defense system, which involved
cybercrime threats and the meetings all citizens, territory, and other national
theme was Statement on Cooperation in resources, and to uphold the states
Fighting Cyber Attack and Terrorist sovereignty, as well as to protect the
Misuse of Cyber Space. A workshop on territory integrity and the security of the
this was held during a meeting in entire nation from cyber threats.
Vietnam in 2012 (ASEAN Secretariat, One of the alternative policies is to
2013). put cyber security in defense context.
Previously, in a conference held in Some policies that have been
Kuala Lumpur, Malaysia, on January 13th- implemented are in defense context, as
14th, 2011, the attendants agreed to form a well. The Cyber Defense Operation Center,
community to improve cyber security in as has been explained above, is one of
South East Asia region. As a result, them. The Center has a working team
ASEAN-CERT was established. In a established in 2010 that composed a plan
conference in Mactan Cebu, Philippines, to form an information security incident
on November 15th-16th, 2012, they all management team.
agreed to continue the development of Three Steps to Strengthen Cyber
CERT and to support its tasks (ASEAN Security
Secretariat, 2013).
In order to strengthen cyber
Consequently, along with other security, the Indonesian government shall
ASEAN countries, Indonesia was adopt the following three steps:
committed to develop its cyber security
Journal of ASEAN Studies 75