The Jakarta Post
Indonesian companies plan to increase their cybersecurity budget this year amid the high number of cyberattacks during the pandemic, signalling a growing awareness and commitment in digital safety, a survey by a cybersecurity company shows.
US-based Palo Alto Networks stated that, based on the firm’s survey in February, around 84 percent of Indonesian companies planned to raise their IT budget this year, 44 percent of which would allocate more than half of their IT budget to cybersecurity investment.
The number of companies in Indonesia committed to increasing the IT budget is higher than the ASEAN average of 73 percent.
“Almost all companies in the country have put cybersecurity as their business enabler in this digital era,” said Palo Alto Networks Indonesia country manager Surung Sinamo in a press briefing on July 15. “This shows that we are moving on the right track in terms of digital safety awareness.”
He went on to say that the top reasons these companies increased their budget were to tackle the growing number of sophisticated cyberattacks, upgrade their existing security framework and keep up with competitors.
“Attackers are now using artificial intelligence, so it is important for businesses to start relying on automation such as machine learning for security,” he said, adding that one of Palo Alto Network’s banking clients had seen a 200 percent increase in cyberattacks during COVID-19 compared to usual.
Indonesia recorded more than 88 million cyberattacks during the first four months of the year, with more than half of the cyberattacks being malware and phishing scams, according to the National Cyber and Encryption Agency (BSSN).
In May, three Indonesian e-commerce platforms, including Tokopedia, reportedly experienced data breaches in which their customers' details were stolen, which were then sold on the dark web.
A report by American tech company Microsoft, titled Security Endpoint Threat Report 2019, stated that developing countries, including Indonesia, were most vulnerable to malware and ransomware threats in 2019.
In line with the finding, the survey revealed that most of the companies considered having antimalware and antivirus software as the most important cybersecurity tools.
“Companies are overwhelmed by the complexity of multiple security tools. They need a single platform that can give them integrated protection from cyberattacks,” he said. “But as Indonesian companies increase their cybersecurity investment, there is a willingness to fix this and become more confident.”
However, despite efforts to enhance their security, 44 percent of Indonesian companies still lack confidence in their cybersecurity investments.
Surung said the reason for the lack of confidence was that companies were doubtful in their employees' cybersecurity awareness, or the fact that their security infrastructure was outdated as well as a lack of end-to-end protection.
Palo Alto Network’s survey also showed that companies considered digital payment and e-commerce platforms as the top window for attackers to take advantage of. The reason was both platforms contained much financial data that hackers could immediately use for personal gain, Surung added.
According to Bank Indonesia, electronic transactions increased to Rp 15 trillion (US$1 billion) in May compared to Rp 12.8 trillion in the same period last year. Meanwhile, the central bank recorded e-commerce transactions growing 26 percent during the pandemic.
Surung stated that 39 percent of companies were most concerned about losing their external data such as user information, while 37 percent were worried about internal data loss such as employees’ personal data.
E-commerce platform Blibli.com senior manager of information security Ricky Setiadi told The Jakarta Post on July 17 that malware and phishing attacks were some of the main threats Blibli continuously took precautions for, as both were potential entrance points for further data breaches.
“The COVID-19 pandemic has given rise to cybersecurity risk profiles that diverge from those seen during normal conditions,” he said. “Therefore, we have adapted our budgets to conduct the necessary system and protocol upgrades to address the shift in risk profiles and maintain the integrity of our security systems.”
Similarly, e-wallet provider LinkAja chief technology officer Arman Hazairin said in an e-mail on July 16 that the company also experienced increased transactions during the pandemic, which led to added supervising and preventive measures to increase cybersecurity.
“This means allocating more resources, including funds, people and time, for cybersecurity,” he said.
While e-wallet platform DANA refused to comment on its cybersecurity budget, the company’s communication vice president Steve Saerang said that it was already equipped with an artificial intelligence-based risk engine to analyze unusual transactions and biometric verification as fraud prevention measures.