n the wake of a string of widely reported security breaches, analysts have criticized the government for what they see as weak enforcement of laws and regulations to protect personal data.
Acknowledging that the government recognized the importance of cybersecurity, IT and data protection, they argue that regulations nevertheless gave foreign investors “mixed signals” about doing business in the country because of cybersecurity concerns.
“The implementation of the [Personal Data Protection Law] is lagging because of the absence of a supervisory agency for the use of personal data and the technical guidelines for imposing penalties on violating companies related to data leaks,” said INDEF economist Nailul Huda.
“Regulations were supposed to have eased the process of investment,” said executive director of Indonesia Services Dialogue (ISD), Devi Ariyani, arguing that the implementation of rules was too weak.
Deficiencies in IT security had come to light through recent data breaches, noted the CEO of Indonesia Cyber Services, Ardi Sutedja, adding that “this has raised questions from many business colleagues overseas about our ability and competence in curtailing cyberthreats.”
In response to those threats, many companies were taking matters into their own hands, such as by conducting security audits or strengthening security requirements, but “one can actually take into account that our cybersecurity awareness and readiness are [not good], despite [the availability of] global references [on corporate IT security],” Ardi told The Jakarta Post on Wednesday.
“Foreign investors are waiting to see what the government will do to the companies involved in the IT breaches, especially in terms of [enforcing] regulations,” said Nailul.
Share your experiences, suggestions, and any issues you've encountered on The Jakarta Post. We're here to listen.
Thank you for sharing your thoughts. We appreciate your feedback.