Publication Search

This paper reviews the dynamics of cybersecurity in Indonesia, focusing on the role of the Indonesian National Cyber and Crypto Agency (BSSN) in Indonesia’s cybersecurity architecture. The conceptual framework used is cyber security to analyze cybersecurity phenomena in Indonesia and multi-level cybersecurity governance as a tool for analyzing the role of BSSN in the field of cybersecurity. A descriptive qualitative approach is the main methodological approach in this study. With this approach, this study attempts to describe the role of BSSN in Indonesia’s cybersecurity architecture. Data collection was carried out through a literature study obtained from BSSN’s main documents, official reports, and related journal articles. The findings show that BSSN has a strategic role in Indonesian cybersecurity. This strategic role is demonstrated by BSSN’s various achievement in cybersecurity, such as the drafting of a national cybersecurity bill, the development of human resources capacity in the cyber field and the establishment of cooperation with various parties, both domestically and internationally.

Tangerang City has the most applications in Indonesia, with 222 applications. All of these applications are supported by more than 100 servers located in the data center of the Tangerang City Communication and Information Agency. The large number of servers and applications that are managed brings up new problems in the midst of increasing complex cyber threats, especially in government data centers. One of them is how to monitor and respond quickly when there is an attack on the existing system. The implementation of a cyber security system based on Wazuh, Shuffle, and YARA is able to monitor threats in realtime and automate responses against attacks. Wazuh acts as a log-based monitoring and detection platform and behavior analysis, Shuffle is used to automate incident response through integrated workflow, and YARA is applied for signature-based malware identification. The PPDIOO (Prepare, Plan, Design, Implement, Operate, Optimize) method used in this research is used as a framework in designing and evaluating the system. From the research conducted, it is expected that Wazuh successfully monitors anomalies that occur on the server which will then be forwarded to Shuffle to automate the next steps to be taken. YARA integrated with Wazuh also successfully detects and quarantines malicious files that enter the server automatically based on the available signature list.

Perang siber adalah suatu kondisi konflik dengan menggunakan perkembangan teknologi informasi dan komunikas dimana menjadi sebuah fenomena sosial dalam relasi internasional yang menjadi masalah serius bagi bangsa-bangsa di dunia dalam membangun stabilitas internasional. Mmenghadapi variasi bentuk perang siber, dibutuhkan adanya proses pembangunan nasional berbasis keamanan siber/cyber security sebagaimana telah dilakukan oleh beberapa bangsa-bangsa di dunia. Perang siber sesungguhnya merupakan bentuk dari perang dunia ketiga yang sudah terjadi. Kekosongan dalam literatur hukum internasional membuat model serangan siber semakin menunjukkan kesiapannya untuk terlibat dalam konflik bersenjata. Konflik siber, yang melibatkan serangan terhadap sistem komputer dan jaringan digital, menimbulkan pertanyaan kompleks mengenai bagaimana prinsip-prinsip hukum humaniter yang ada dapat diterapkan dalam konteks konflik ini. Menggunakan metode penelitian yuridis normatif (legal  study  research) yang bersifat kualitatif dengan pendekatan perundang-undangan, konseptual dan kasus dari bahan primer dan sekunder. Tantangan HHi dalam mengatur konflik siber mulai dari definisi, pelacakan pelaku, perlindungan masyarakat, sampai penyesuaian hukum dengan teknologi baru. Diperlukan pembaruan hukum, peningkatan kerja sama antar negara, dan penguatan cara penegakan hukum agar perlindungan kemanusiaan tetap terjaga di zaman digital. HHI dapat diterapkan pada konflik siber tetapi perlu adaptasi melalui instrumen baru atau interpretasi progresif sebagaimana Kasus Rusia-Ukraina yang menjadi bukti urgensi penyesuaian hukum.

This study analyzes the impact of implementing Indonesia’s Law No. 27 of 2022 on Personal Data Protection (PDP Law) on cybersecurity in the e-business sector. Using a normative qualitative approach through literature analysis, this research examines the regulation’s implications for technical infrastructure, compliance procedures, and human resource capacity development within e-business operations. The findings indicate that although the PDP Law provides a comprehensive legal framework and human-centered principles for personal data protection, its implementation faces technical, operational, and economic challenges, particularly for micro, small, and medium enterprises (MSMEs). These challenges include limited security infrastructure, lack of technical expertise, and high investment costs. Nevertheless, adopting strategies such as multi-layer security architecture, zero-trust security model, privacy by design, and strengthening human resource capacity can enhance consumer trust, industry credibility, and the global competitiveness of Indonesia’s e-business sector. This study contributes to the literature by bridging the gap between personal data protection regulation and cybersecurity practices while offering strategic recommendations for both business actors and regulators.

The rapid growth of e-business in the digital transformation era has brought significant cybersecurity challenges. This study aims to analyze holistic defense strategies to comprehensively protect e-business assets and operations. Utilizing a systematic literature review of 50 reputable scientific publications (2020–2024), the study identifies five key pillars of cybersecurity strategy: (1) multi-layered security architecture, (2) AI-powered threat detection, (3) Zero Trust security model, (4) continuous security monitoring, and (5) human-centric security culture. The integrated implementation of these pillars has been shown to reduce cybersecurity risks by up to 78% and accelerate threat detection by 89%. These findings highlight the importance of integrating advanced technologies, mature processes, and strong security awareness to establish a resilient cybersecurity ecosystem for e-business.

This research explores the crucial role of cybersecurity in building and maintaining digital trust for e-business sustainability. The rapid digitalization era has increased business dependence on digital platforms but also brought cyber risks that can threaten customer trust and operational sustainability. This systematic literature review analyzes recent research (2021–2025) from various academic databases including Google Scholar, IEEE Xplore, ScienceDirect, Scopus, and ACM Digital Library. The research objectives are to identify the impact of cyber incidents on customer trust, analyze digital trust-building strategies, and formulate recommendations for e-business sustainability. Study results show that cyber incidents can reduce customer trust by up to 60% and cause average financial losses of $3 million per incident. However, implementing comprehensive cybersecurity strategies, communication transparency, and rapid recovery can restore trust and enhance business resilience. The research emphasizes the importance of a holistic approach that integrates security technology, risk management, and crisis communication to build a sustainable and trusted e-business ecosystem.

The rapid growth of information technology has driven digital transformation in various sectors, including micro, small, and medium enterprises (MSMEs), the backbone of the Indonesian economy. In response to the challenges and opportunities of digitalization, the Surabaya City Government launched the Peken e-commerce platform on October 31, 2021. This platform aims to help MSMEs market their products online, expand market reach, and increase competitiveness. However, the use of digital systems also presents new challenges, particularly in terms of cybersecurity. Dependence on technology opens the door to various threats that can compromise data confidentiality, integrity, and availability. This study aims to analyze and evaluate information security risks on the Peken Surabaya website using a risk management approach based on the ISO/IEC 27005:2019 standard. The analysis method involves identifying information assets, recognizing potential threats, identifying vulnerabilities, and assessing risk levels based on the likelihood of occurrence and impact. To support the analysis, technical testing was also conducted using the Open Web Application Security Project Zed Attack Proxy (OWASP ZAP) tool. The research results indicate that most of the risks faced by Peken Surabaya are moderate to very high. These risks include Distributed Denial of Service (DDoS) attacks, user data leaks, and the lack of a two-factor authentication (2FA) system. Based on these findings, a risk management strategy was developed using the Risk Modification, Risk Sharing, Risk Retention, and Risk Avoidance approaches. Furthermore, this study recommends security controls based on ISO/IEC 27005 and OWASP Top 10 to enhance system protection. These findings emphasize the importance of implementing international standards-based risk management in maintaining the continuity and security of digital public services, particularly those supporting the MSME sector in the digital era.

This paper analyzes bilateral cooperation between Indonesia and the UK in the field of cybersecurity. Cyber ​​threats are increasingly complex and require a collaborative approach that cannot be addressed independently by each country. Indonesia as a developing economy with high internet faces significant cyber dynamics, while the UK has technological advantages and mature cybersecurity experience. Using a descriptive qualitative analysis approach, this paper examines bilateral agreements, data, and related literature to understand the dynamics of this cooperation. Therefore, this paper shows that this cooperation is based on the strategic interests of both countries in maintaining regional and global security stability, as well as the rampant cyber threats in the current digital era. Indonesia chose the UK as its main partner because of its technological advantages in AI and digital innovation. This cooperation is implemented through personnel exchange mechanisms, technical training, and research and development collaboration.

The 2024 data breach incident at Indonesia's National Data Center (PDN) marked a major crisis in the governance of national cybersecurity. This study examines the causes, threats, proposed solutions, and the roles of both the government and the public in responding to such breaches. The research employs a literature review and media framing analysis, focusing on news coverage and government policy responses. Findings indicate that systemic vulnerabilities, inadequate infrastructure readiness, and human factors are the primary causes of the breach. The resulting threats include economic and social losses, a decline in public trust, and the risk of data misuse. Proposed solutions involve strengthening regulations, enhancing technical capacity, and increasing public awareness through education. The active participation of civil society and swift government response are critical to restoring trust and preventing similar incidents in the future.

Penelitian ini mengeksplorasi peran manajemen risiko digital dalam meningkatkan keamanan siber Industri 4.0. Adopsi teknologi canggih seperti IoT, sistem siber-physical, dan AI berbanding lurus dengan meningkatnya risiko keamanan siber baru, sehingga perlu pendekatan manajemen risiko yang kuat. Tinjauan ini mensintesis penelitian terbaru (2020–2024) dari sumber Google Scholar, IEEE Xplore, ScienceDirect, Scopus, dan ACM Digital Library. Tujuan dari penelitian ini adalah identifikasi strategi utama dalam mitigasi risiko siber, seperti kerangka kerja penilaian risiko yang komprehensif, pemantauan ancaman secara real-time, dan kebijakan keamanan yang adaptif. Studi literatur menekankan pentingnya mengintegrasikan langkah-langkah keamanan siber dalam proses transformasi digital untuk melindungi sistem manufaktur dan infrastruktur kritis. Upaya kolaboratif antara pemangku kepentingan industri, penyedia teknologi, dan regulator sangat penting untuk membangun ekosistem industri yang tangguh dan aman. Hasil studi literatur menunjukkan bahwa manajemen risiko digital yang efektif sangat penting untuk menjaga keberlanjutan dan keamanan data sensitif di era Industri 4.0, serta menghadapi ancaman siber yang terus berkembang.

The cross – border fintech payment industry faces many cybersecurity issues, including the possibility of data theft, fraud and low efficiency due to reliance on conventional intermediaries. Based on decentralized and cryptgrahpic system, blockchain technology can improve the security and efficiency of cross – border payments. The purpose of this study is to see how the implementation of blockchain affects the transparency, speed and cost of transactions. Using literature studies and case analysis, it was found that blockhain technology can reduce the risk of fraud by making institutions transparent and immutable. In addition, it allows for automated payments through smart contracats, scalability, regulation and technology adoption are some of the challenges that still hinder its implementation. The results of the study show that blockchain is an innovation strategy that has the potential to transform payments across the fintech sector, but it requires synergy between technology, policy and industry players for optimal implementation.  

Salah satu bentuk dari pemanfaatan kemajuan teknologi berupa penerapan aplikasi web menggunakan web server untuk berbagi informasi, memberikan layanan, dan menyimpan data. Dibalik kemudahan dalam penggunaan aplikasi web yang dapat diakses darimana pun, terdapat risiko ancaman keamanan siber yang cukup besar dimana aplikasi web dapat menjadi target serangan oleh penjahat siber yang ingin mencuri informasi sensitif atau mengambil alih sistem. Masalah keamanan tersebut dapat diatasi dengan pendekatan reaktif yaitu penerapan sistem keamanan yang mampu mendeteksi dan menganalisa insiden keamanan pada aplikasi web secara cepat dan efektif. Salah satu solusi yang dapat digunakan adalah dengan mengimplementasikan Security Information and Event Management (SIEM). SIEM adalah sistem yang dapat digunakan untuk mengelola log yang dihasilkan dari berbagai sumber data seperti endpoint, perangkat jaringan, maupun firewall, Salah satu aplikasi SIEM yang bersifat open source dan dapat digunakan untuk deteksi serta analisa insiden serangan siber adalah Wazuh. Wazuh adalah perangkat lunak open source yang berfungsi sebagai sistem deteksi berbasis host (endpoint) yang menyatukan kemampuan XDR (External Data Representation). Metode yang digunakan dalam penyelesaian masalah tersebut menggunakan metode Eksperimental, ada 5 tahapan dalam metode eksperimental ini yaitu analisis kebutuhan, desain, implementasi, pengujian, evaluasi. Hasil dari pengujian tersebut dapat di deteksi oleh Wazuh sebagai SIEM untuk memonitoring keamanan server dan deteksi penyerangan.