Indonesia

With the government sensing that much of Indonesia’s prosperity can be gained by leveraging the digital domain, cybersecurity is emerging as a more pressing concern for government, industry and society. A higher percentage of Indonesian commercial firms than the global average has reported theft of sensitive business information, but cyber-enabled IP theft is still regarded as a relatively low threat.

ASPI assesses Indonesia to be highly vulnerable to state-sponsored acts of cyber-enabled theft of IP.

Author

Treviliana Putri, Janitra Heryanto, Perdana Karim and Gatra Priyandita

Key Facts

R&D Investments: USD $2.1 billion (2021)

Patent Applications: 1,358 (2020)

Cybersecurity Agency: National Cyber and Crypto Agency

How at risk is Indonesia

Despite structural constraints undermining its innovation sectors, Indonesia maintains a growing knowledge economy, increasing foreign direct investment in tech sectors and rising patent applications. These factors, coupled with Indonesia’s digital transformation over the past ten years, put Indonesia at more risk of cyber-enabled IP theft.

Over the past decade, Indonesia has embraced digital transformation, with the government aiming for the economy to rank seventh globally by 2030. Strategic initiatives have focused on ICT infrastructure, human capital, and AI development. However, policy support remains weak, and Indonesia relies heavily on foreign technology, as domestic R&D investment and incentives for homegrown innovation are limited. Nonetheless, with the continued growth of its skilled labour market, Indonesia’s knowledge economy is becoming a larger part of the national economy. Government statistics estimate that Indonesia’s knowledge sector produced 29.7% of national GDP in 2021. Moreover, Indonesia continues to foster deepening economic ties with advanced economies. That’s injecting increasing amounts of FDI into Indonesia’s manufacturing and tech sectors, facilitating tech transfers and other forms of information exchange.

Indonesia's pragmatic engagement with major powers has led to increased foreign investments, particularly from China, which heightens its risk of cyber-enabled IP theft due to competition for strategic contracts and potential exploitation of its ICT infrastructure. Indonesian officials have accepted investments from all major powers, prompting intense competition from Chinese and Japanese firms to win strategic contracts. Placed against the backdrop of wider strategic competition, that competition incentivises unscrupulous states to employ cyber tactics to secure economic and political gains, making Indonesia a bigger target for cyber-enabled IP theft.

How prepared is Indonesia

There’s growing awareness of the significance of IP protection and cybersecurity for Indonesia’s prosperity, but resilience to the threat of cyber-enabled IP theft is below average. That’s due to a lack of human capital and resources for law-enforcement agencies to respond to the large number of cyber incidents that affect Indonesian firms, organisations and individuals each year. A Cisco study revealed that one-third of Indonesian small and medium-sized enterprises (SMEs) fell victim to cyberattacks in 2021, resulting in multimillion-dollar losses. About 43% of those businesses reported revenue and recovery costs exceeding US$500,000, and 12% lost more than US$1 million. In the absence of sufficient resources, many cyberattacks aren’t investigated.

While the government has taken steps to address the issue through Presidential Regulation No. 82/2022 on Protection for Vital Information Infrastructure and the 2022 Personal Data Protection Bill, the national response to cyber threats faces challenges. A major hurdle is the fragmented nature of cybersecurity policies and regulations across different ministries and the absence of clear guidelines on responses to data leaks. The umbrella cybersecurity framework called the Cybersecurity and Cyber Resilience Bill has been in draft since 2019 and is yet to be tabled. Among private organisations, however, there’s a growing awareness about the risks of cyberattacks. A survey by Palo Alto Networks in 2020 revealed that 84% of Indonesian C-suite executives had increased cybersecurity budgets, surpassing the regional average.

Limited awareness of the value of IP protection among firms and research institutions contributes to the problem. The Ministry of Law and Human Rights lists only about 70,000 SMEs (out of 64 million) that have registered IP (primarily trademarks). The low rate of registrations is attributed by the Directorate General for Intellectual Property to a lack of awareness of the value of IP protection. That leads to lax enforcement of copyright infringement rules. Major Indonesian e-commerce platforms have been on the US Trade Representative’s Notorious Markets List since 2018, with firms suspected of tolerating or facilitating substantial trademark infringements. Nonetheless, Indonesia has the legal framework to protect IP from cyber-enabled theft. The Criminal Code, Law 30 of 2000 on Trade Secrets, and the 2008 Law on Information and Electronic Transaction allow for the theft of trade secrets or cyber-enabled theft to be prosecuted. As IP violations remain widespread, affected and compromised firms and researchers are encouraged to use alternative dispute-settlement mechanisms, such as mediation, negotiation and conciliation.

While Indonesia is a stable democracy, its biggest challenge, particularly when defending against the threat of cyber-enabled IP theft, is corruption. Corruption undermines the ability of law enforcement and the judicial system to enforce laws related to IP and responsible behaviour in cyberspace, and it can be exploited by nefarious foreign actors with interests in Indonesia’s critical resources and infrastructure.

Reported cases of economic cyber-espionage

Name of Incident: ShadyRAT (APT1)
Victims (entities): More than 70 companies and government entities around the world
Sectors Affected: Multiple, including government, IT, Media, Energy, Construction, Heavy Industry, Defense, Real Estate, NGO, Research
Affected economies: US (49 victims as of 2011), Canada (4), ROK (2), Taiwan (3), Japan (2), Switzerland (2), UK (2), Indonesia (1), Vietnam (1), Denmark (1), Singapore (1), Hong Kong (1), Germany (1), India (1)
Threat Actor: APT1
Alleged state sponsor: China (suspected links with PLA Unit 71398)
Date reported: 2011/2013

Name of Incident: Operation “PZChao” (Iron Tiger)
Victims (entities): Technology and telecommunications, education, and government
Sectors Affected: 1. Telecommunications 2. Public Administration 3. Professional, Scientific, and Technical Services
Affected economies: Mainly U.S. but also Canada, Iran, India, Thailand, Indonesia, Australia, South Korea, Japan, Russia, China, Taiwan
Threat Actor: Iron Tiger APT
Alleged state sponsor: China, possible affiliation to MSS. Emissary Panda may also be connected to several other PRC-sponsored APTs, including Emissary Panda, APT27, and Luckymouse
Date reported: 2018

Name of Incident: Ocean Lotus Campaign (APT32)
Victims (entities): Ocean Lotus Campaign (APT32)
Sectors Affected: Ocean Lotus Campaign (APT32)
Affected economies: Australia, Brunei, Cambodia, China, Germany, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand, USA and Vietnam
Threat Actor: Ocean Lotus Campaign (APT32)
Alleged state sponsor: Ocean Lotus Campaign (APT32)
Date reported: 2017

Name of Incident: 2020-2021 Cyberespionage Campaign (APT41)
Victims (entities): Banking/Finance, Civil Society, Construction, Defense Industrial Base, Government, Healthcare, High Technology, Higher Education, Legal, Manufacturing, Media, Non-profit, Oil & Gas, Petrochemical, Pharmaceutical, Real Estate, Research, Software development companies, Social Media, Telecommunications, Transportation, Travel, and Utility
Sectors Affected: 1. Finance 2. Construction Services 3. Defense 4. Public Administration 5. Medical and Other Health Care Services 6. Professional, Scientific and Technical Services 7. Computer System Design and Related Services 8. Tertiary Education 9. Manufacturing 10. Information Media and Telecommunications 11. Personal and Other Services 12. Oil and Gas Extraction 13. Basic Chemical and Chemical Product Manufacturing 14. Property Operators and Real Estate Services 15. Telecommunications Services 16. Transport, Postal and Warehousing 17. Administrative Services 18. Electricity, Gas, Water and Waste Services 19. Transport, Postal and Warehousing 20. Machinery and Equipment Manufacturing 21. Heavy and Civil Engineering Construction 22. Publishing
Affected economies: Australia, Canada, Denmark, Finland, France, India, Italy, Japan, Malaysia, Mexico, Philippines, Poland, Qatar, Saudi Arabia, Singapore, Sweden, Switzerland, UAE, UK and USA, Australia, Brazil, Chile, Hong Kong, India, Indonesia, Japan, Malaysia, Pakistan, Singapore, South Korea, Taiwan, Thailand, and Vietnam
Threat Actor: APT41
Alleged state sponsor: China
Date reported: 2020, 2021