Professional Documents
Culture Documents
Cybersecurity Policy
Developments in
Cyberspace
1. Maintain confidentiality,
2. Ensure integrity, and
Definition 3. Ensure availability of information in cyberspace.
Communication Network
Security Security
Law Number 11 of 2008 concerning
Electronic Information and Transactions."
Article 40, • (2a) The government is obliged to prevent the dissemination and use of Electronic
Information and/or Electronic Documents containing prohibited content in
paragraphs (2a), accordance with the provisions of the legislation.
(2b), (3), (4), and • (2b) In carrying out prevention as referred to in paragraph (2a), the government is
authorized to disconnect access and/or instruct Electronic System Providers to
(5) of the ITE Law disconnect access to Electronic Information and/or Electronic Documents containing
illegal content.
state that: • (3) The government designates agencies or institutions that possess strategic
electronic data that must be protected.
• (4) The agencies or institutions referred to in paragraph (3) must create Electronic
Documents and electronic backup records and link them to specific data centers for
data security purposes.
• (5) Other agencies or institutions not regulated in paragraph (3) create Electronic
Documents and electronic backup records according to their data protection needs.
• In the efforts to identify and detect cyber
threats, provide protection, mitigation, and
recovery, as well as monitoring and control, it
becomes the responsibility of Cybersecurity
public-private Operators to protect security objects.
Cybersecurity Operators represent the
partnership consept embodiment of the public-private partnership
concept because they are not only composed
of government authorities but also private
entities that possess critical infrastructure in
Indonesia.
Law No. 8 of 1999 concerning Consumer
Protection
Article 1, paragraph (1): "Consumer protection is all efforts that ensure legal certainty to
provide consumer protection."
In Article 4, part (a), it states: "The right to comfort, security, and safety in consuming goods
and/or services."
This aspect applies when businesses engage in actions that cause harm to consumers. This
harm takes the form of customer data breaches due to inadequate security measures.
Article 4 of the National Defense Law states,
"National defense aims to safeguard and protect the
sovereignty of the state, the integrity of the territory
of the Unitary State of the Republic of Indonesia,
and the safety of the entire nation from all forms of
Law Number 3 of threats."
2002 concerning
National Defense. The explanation of Article 4 of the National Defense
Law provides an explanation that a threat is any
effort and activity, both domestic and foreign, which
is considered to endanger the sovereignty of the
state, the integrity of the state's territory, and the
safety of the entire nation.
• In the Intelligence Law, Article 6, paragraph (1) states that the
State Intelligence Agency carries out the functions of
Law Number 17 investigation, security, and gathering. Additionally, Article 6,
paragraph (5) of the Intelligence Law states that in carrying
of 2011 out its functions, it must respect the law, democratic values,
and human rights. The Cybersecurity function itself has
concerning components that essentially encompass functions of detection
and identification, protection, mitigation and recovery,
State monitoring, and control of the Cybersecurity ecosystem.
Intelligence
• Article 1, number 4 of the Intelligence Law states that a threat
is any effort, work, activity, and action, both domestic and
foreign, assessed and/or proven to endanger the safety of the
nation, security, sovereignty, integrity of the territory of the
Unitary State of the Republic of Indonesia, and national
interests in various aspects, including ideology, politics,
economics, socio-culture, as well as defense and security.
Law Number 34 of • Article 7 of the TNI Law states that the
2004 concerning main duty of the TNI is carried out through
military operations for war. Cybersecurity
the Indonesian is closely related to incidents of
cyberattacks by both state and non-state
National Armed actors, which have the potential to lead to
a state of war. Therefore, in the potential
Forces realm of Cybersecurity and Cyber
Resilience as one part of military
operations during a state of war, the
authority for controlling Cybersecurity
needs to be implemented by the
Indonesian National Armed Forces.
Law Number 2 of
2002 concerning
the State Police
• Article 15, paragraph (1), letter j of the POLRI Law states,
of the Republic "in order to carry out its duties in general, it is authorized
of Indonesia to establish the National Criminal Information Center..."
Law Number 36
of 1999 • Article 39, paragraph (1) of the Telecommunications Law
states that Telecommunication Operators are obligated to
concerning secure and protect the installations within the
telecommunications network used for telecommunication
Telecommunica services. In the Telecommunications Law, the state imposes
the duty on telecommunications operators to secure and
tions protect the installations within the telecommunications
network, thereby granting the authority and obligation to
telecommunications operators by the state to orderly and
diligently protect their infrastructure.