Publication Search

This paper reviews the dynamics of cybersecurity in Indonesia, focusing on the role of the Indonesian National Cyber and Crypto Agency (BSSN) in Indonesia’s cybersecurity architecture. The conceptual framework used is cyber security to analyze cybersecurity phenomena in Indonesia and multi-level cybersecurity governance as a tool for analyzing the role of BSSN in the field of cybersecurity. A descriptive qualitative approach is the main methodological approach in this study. With this approach, this study attempts to describe the role of BSSN in Indonesia’s cybersecurity architecture. Data collection was carried out through a literature study obtained from BSSN’s main documents, official reports, and related journal articles. The findings show that BSSN has a strategic role in Indonesian cybersecurity. This strategic role is demonstrated by BSSN’s various achievement in cybersecurity, such as the drafting of a national cybersecurity bill, the development of human resources capacity in the cyber field and the establishment of cooperation with various parties, both domestically and internationally.

The rapid digital transformation has had a significant impact on various aspects of life, while simultaneously increasing the complexity of cyber threats faced by nations, including Indonesia. As a country with a high number of internet users, Indonesia is in a vulnerable position regarding cyberattacks that could threaten national stability. This study aims to analyze Indonesia’s national security strategy in responding to cyber threats through a descriptive qualitative approach based on literature review and document analysis. The findings show that Indonesia has implemented various strategic policies, including the establishment of the National Cyber and Crypto Agency (BSSN), the enactment of regulations such as the Personal Data Protection Law, as well as the strengthening of international cooperation, human resource development, and the utilization of security technologies. However, significant challenges such as weak inter-agency coordination, low digital literacy, and limited infrastructure remain major obstacles to effective implementation. This study recommends strengthening governance, increasing institutional capacity, and involving multiple stakeholders to build a national cybersecurity system that is adaptive, inclusive, and sustainable.

The rapid development of information technology has had a significant impact on the pattern of collecting, processing, and storing personal data in the digital era. However, this progress is also accompanied by an increasing threat of cybercrime, one of which is phishing attacks. Phishing is a digital fraud mode that aims to obtain personal data illegally through social engineering and manipulation of electronic systems. This study aims to analyze the form of legal protection for phishing victims in the perspective of Law Number 27 of 2022 concerning Personal Data Protection (UU PDP). Using normative legal methods and conceptual approaches, this study examines the role of state authorities such as the National Cyber and Crypto Agency (BSSN) and the Directorate of Cyber Crime (Dittipidsiber) of the National Police Criminal Investigation Unit in the procedures for handling and prosecuting phishing. The results of the study show that although the PDP Law has provided a clear legal framework, its implementation still faces challenges in technical aspects, institutional coordination, and public digital literacy. Therefore, strong synergy is needed between regulation, supervision, and public education to realize effective and sustainable personal data protection in the digital era.

Information security is one of the key aspects of protecting information assets. Referring to the Regulation of the Ministry of Communication and Informatics No. 4 of 2016, Electronic System Providers (PSE) are required to implement information security to safeguard public interests, public services, state administration, and national defense and security. Therefore, the XYZ Regency Communication and Information Office, as an Electronic System Provider, needs to conduct an evaluation of its information security. This study aims to assess the level of information security at the XYZ Regency Communication and Information Office using the KAMI Index version 5.0 and to provide improvement recommendations in accordance with ISO/IEC 27001:2022 controls. The KAMI Index is used as a standard evaluation tool for assessing information security readiness based on the Regulation of the National Cyber and Crypto Agency (BSSN) No. 8 of 2021. The evaluation results show that the XYZ Regency Communication and Information Office obtained a final score of 248, with a readiness status of "Not Eligible" to meet the ISO/IEC 27001:2022 standard. The maturity level of information security is in the range of Level I to II. Improvement recommendations are provided based on questionnaire results that do not yet meet the ISO/IEC 27001:2022 standards. These recommendations serve as a reference for the XYZ Regency Communication and Information Office to align its information security governance with the ISO/IEC 27001:2022 standard.

In an era of rapid digital transformation, Indonesia faces major challenges in ensuring security, privacy and compliance are maintained. With increasing cyber threats in the country, BSSN and the Government must be more careful about potential large-scale security breaches and must prioritize building strong defense mechanisms to protect Indonesia's digital assets. Therefore, Cyber Security is the main pillar for the progress and sustainability of Indonesia's digital transformation. Then, legal provisions were issued in the form of Criminal Code Legislation and ITE Law no. 11 of 2008. The research method used in writing this article uses a qualitative method with a literature study approach. This research aims to provide an explanation regarding the compilation of national values originating from the 1945 Indonesian Constitution (UUD 1945) and the Unitary State of the Republic of Indonesia (NKRI) regarding security management. Specifically, this research examines the role of security management in dealing with cybercrime and strengthening digital defenses. It is hoped that the results of this research can be used as a reference for further research in increasing readers' insight and knowledge regarding the theme of this article.