Public and managed clouds are now a part of the enterprise IT landscape. What’s new is an increasing recognition that public clouds like A Microsoft Azure have matured to the point that they are ready to handle even business-critical workloads.
These capabilities will have an impact on the security vision of enterprise organizations, and the construction of their IT strategies. How will the IT infrastructure scale and evolve over the next three to five years? How can the best use be made of the capabilities of public and managed clouds, while ensuring that the resulting hybridized infrastructure remains reliable and, above all, safe?
Cybersecurity incidents continue to be a huge concern, with increasing numbers of large organizations suffering the financial, reputational, and sometimes legal consequences. Corporate security must be agile and intelligent enough to fight against current and future threats, and must also have the scalability and the flexibility to adapt and evolve alongside your hybridized cloud environment, incorporating both public and private cloud functionalities.
The National University of Singapore (NUS) School of Computing recently hosted the inaugural Critical Infrastructure Defence Exercise (CIDeX), which was organised by the Digital and Intelligence Service (DIS). Over 100 people from the DIS and 16 other national agencies working in the Critical Information Infrastructure (CII) sectors took part in the cyber defence exercise.
The largest Operational Technology (OT) Critical Infrastructure defence exercise, CIDeX is supported by the Cyber Security Agency of Singapore (CSA), iTrust/SUTD, and the National Cybersecurity R&D Laboratory (NCL).
CIDeX is designed to train and strengthen the Whole-Of-Government (WoG) cyber capabilities to detect and address cyber security threats to Information Technology (IT) and OT networks that control the operations of critical infrastructure.
Over the course of the two days, members of the Blue Teams, which included individuals from the national agencies acting as cyber defenders, guarded the exercise’s digital infrastructure, which included an enterprise IT network and three OT testbeds that replicated a water treatment plant, a water distribution plant, and a power grid system, from real-time simulated cyber-attacks launched by a composite Red Team made up of DIS and CSA personnel.
Attacks on the IT network and OT testbeds were included in exercise scenarios. These attacks included poisoning the water treatment plant, stopping water distribution, and cutting off the power supply—all of which intended to disrupt operations and have a negative impact on the way of life. By using cyber tools to track, identify, and block Red Team cyberattacks, participants improved their technical knowledge and intuition for defending cyber networks.
In order to strengthen and perfect their cyber defence competencies prior to the exercise, the participants completed a three-day hands-on training course at the Singapore Armed Forces (SAFexpanded )’s Cyber Defence Test and Evaluation Centre (CyTEC) at Stagmont Camp.
Alongside the exercise, Defence Cyber Chief (DCC) Brigadier-General (BG) Edward Chen and CSA’s Deputy Chief Executive (Development), Gaurav Keerthi, inked a Joint Operations Agreement (JOA) between the DIS and CSA. A framework for collaboration and cooperation in joint operations and capability development is established by the CSA-DIS JOA, which will help create a secure national cyberspace.
The DIS is aware of the need of cultivating close cooperation with CSA and other national agencies in safeguarding Singapore’s cyberspace, according to BG Edward, who emphasised the need for close partnership in securing Singapore’s cyberspace.
He acknowledged that the Joint Operations Agreement between the CSA and the DIS is a significant step in broadening their alliance and institutionalising their existing collaboration in areas like joint cyber training. They give the national cyber defenders a forum to practise together and improve their capacity to defend Singapore’s critical infrastructure systems by cooperating on massive cyber exercises like CIDeX.
Furthermore, CSA’s Deputy Chief Executive Gaurav remarked that cybersecurity is a collaborative effort, and the CSA welcomes the Digital and Intelligence Service to this team. The CSA has a long history of collaboration on national cyber defence with MINDEF/SAF.
Exercises like CIDeX guarantee that everyone is ready for cyber crises and emergencies. The CSA-DIS Joint Operations Agreement confirms SAF’s sustained assistance for Singapore’s cyberspace defence.
OpenGov Asia recently reported that the DIS had been launched by the Service of the Singapore Armed Forces (SAF). As the SAF’s fourth military service or branch, it is responsible for defending the nation from evolving and intricate digital and electronic threats in cyberspace.
The SAF’s existing command, control, communications, computers, and intelligence (C4I) and cyber capabilities are combined and integrated into DIS, according to the Ministry of Defence (MINDEF). DIS consists of a Service Headquarters (HQ), a Digital Ops-Tech Center, four Commands, and a few Joint and Cyber Staff departments.
The National Commission for Women (NCW) recently launched the fourth phase of the Digital Shakti Campaign, a pan-India project to digitally empower and upskill women in cyberspace. In line with its commitment to creating safe spaces for women and girls online, Digital Shakti 4.0 is focused on training women with digital skills and enabling them to stand up against any illegal/inappropriate activity online. NCW launched it in collaboration with CyberPeace Foundation and a social networking giant.
According to a press release, while addressing the audience the NCW Chairperson, Rekha Sharma, highlighted the efforts of the commission to empower women in every sphere across the nation. This new phase will prove to be a milestone in ensuring safe cyber spaces for women. Digital Shakti has been accelerating the digital participation of women by training them to use technology to their advantage and to keep themselves safe online. The project will continue to contribute towards the larger goal of fighting cyber violence against women and girls and making the Internet a safer space for them, Sharma said.
The launch was followed by an interactive panel discussion titled, “Safe Spaces Online Combatting Cyber-Enabled Human Trafficking and Combatting Other forms of Online Violence”. It offered a platform for experts from the industry, government, and academia to share opinions and address the issue of women’s safety online from several aspects and provide a holistic approach to ensure better cybersecurity for women.
Launched in June 2018, Digital Shakti aims to raise digital awareness among women in India and build resilience, and fight cybercrime in the most effective ways. Through this project, over 300,000 women have been made aware of cyber safety tips and tricks, reporting and redressal mechanisms, data privacy, and emerging technology. The third phase of the programme was started in March 2021. In this phase, a Resource Centre was also developed under the project to provide information on all the avenues of reporting in case a woman faces any cybercrime.
The government has launched several initiatives over the past few years to help increase the rate of digital literacy among all citizens as well as government officials. Earlier, OpenGov Asia reported that an e-learning portal for the Department of Posts was launched to enhance the competencies of about 400,000 rural postal service and departmental employees by providing them access to standardised training content online or in a blended campus mode. This will enable them to effectively deliver several government-to-citizen (G2C) services for enhanced customer satisfaction. The training videos and quizzes on the portal are available in 12 Indian languages.
After completing the final summative assessment, a system-generated course completion certificate will be sent to the trainee’s registered email ID automatically. Trainees can also submit feedback, ratings, and suggestions for all learning content.
To support more efficient, affordable, open, and inclusive cross-border payments, Bank Indonesia (BI), Bank Negara Malaysia (BNM), Bangko Sentral ng Pilipinas (BSP), Monetary Authority of Singapore (MAS), and Bank of Thailand (BOT) have decided to improve and heighten their cooperation on payment connectivity.
During the recently held G20 Leaders’ Summit, a Memorandum of Understanding (MOU) on Cooperation in Regional Payment Connectivity (RPC) was signed. The event emphasised the value of concrete joint collaborative action in addressing global challenges. The Governors of the five central banks were acknowledged for their dedication to making ground-breaking discoveries that will hasten regional payment connectivity.
The RPC is anticipated to play a significant role in promoting inclusive growth and speeding up the regional economy’s recovery. By implementing cross-border payment connectivity, the region’s financial ecosystem will become more inclusive and support cross-border trade, investment, financial deepening, remittance, tourism, and other economic activities.
The ability to participate in global markets is especially advantageous for micro, small, and medium-sized businesses. Several modalities, including QR codes and fast payments, will be used in the collaboration.
With the G20’s establishment of its Roadmap for Enhancing Cross Border Payments, accelerating economic and financial digitalisation has become a global initiative. The initiative is also consistent with Indonesia’s G20 Presidency priority agenda in digital transformation, including through payment systems in the digital era, as demonstrated by the coordinated efforts of Indonesia, Malaysia, Philippines, Singapore, and Thailand to pursue enhanced cross-border payment connectivity.
This payment connectivity initiative may be expanded in the future to include additional regional nations as well as potential partner nations outside the region. The Association of Southeast Asian Nations (ASEAN) chairmanship of Indonesia will begin with this milestone in 2023.
This partnership also advances ASEAN’s common goal of establishing interconnected payment systems that will make cross-border payments quick, easy, and more reasonably priced. This initiative lays the groundwork for expanded ASEAN participation soon, strengthening interregional economic ties in line with ASEAN’s pragmatic approach to deepen integration through mutually beneficial arrangements based on readiness.
Meanwhile, on the sidelines of the recently concluded 7th Singapore International Cyber Week, the United States and Singapore held the inaugural United States-Singapore Cyber Dialogue (USSCD).
Representatives from a variety of agencies from both countries attended the dialogue, which was co-chaired by the chief executive of Singapore’s Cyber Security Agency (CSA), David Koh, and Nate Fick, ambassador at large for cyberspace and digital policy for the United States.
Officials discussed supply chain security, regional cyber capacity building, cyber talent and workforce development, developments in multilateral and regional fora, information sharing, protection of critical information infrastructure, countering ransomware, and fighting digital scams during the dialogue.
The next USSCD will take place in Washington, DC, and a working group on the intersection of technology and cyber will be established between the CSA and the US Office of the National Cyber Director.
The USSCD will act as a forum to regularly discuss practical cooperation between officials from both countries’ operational and technical government agencies, as well as cyber policy officials.
As cybersecurity has emerged as a critical tool for both nations to take advantage of the advantages of digitalisation to grow their economies and improve the lives of their citizens, Singapore and the United States have a strong shared interest in enhancing their cyber and digital security cooperation.
The Hong Kong Productivity Council (HKPC) released the results of the HKT Hong Kong Enterprise Cyber Security Readiness Index 2022. The Overall Index rose for the second successive year and surpassed 50 for the first time since the Index began in 2018 to 53.3 (maximum being 100), up 3.7 from last year. SMEs led the surge again, rising from 3.1 to 50.7. The Overall Index consists of four areas: Policy and Risk Assessment, Technology Control, Process Control, and Human Awareness Building.
In 2022, Process Control performed the best at 73.1 following a surge of 14.4 due to improvements being observed in both privileged access management and data backup management. However, Human Awareness Building remained an area of concern with a drop of 2.5 to 25.1.
By sector, Financial Services (65.7) continued to be the most vigilant at the Managed level, joined by Information and Communication Technology (61.1) which posted the highest increase of 8.9. Manufacturing, Trading and Logistics (57.5) also went up by 8.5.
The survey also found that nearly two-thirds (65%) of the enterprises surveyed have encountered cyber security attacks in the past 12 months, up 24 percentage points from last year. Phishing attacks were the most common type of cybersecurity attack being encountered by nearly all enterprises (94%); a significant uplift of 12 percentage points compared with last year. Email phishing (83%), particularly, was the most frequently used ploy with vishing (voice phishing) (32%) and spear phishing (28%) emerging.
This year, the survey continued to explore the opinions and deployments of the surveyed enterprises on managed security services (MSS) as well as their plans to enhance cyber security. It found that nearly half (49%) of enterprises surveyed have subscribed to MSS.
Concurrently, 31% of those not using MSS currently and planning to enhance cyber security said they would consider using the service in the next 12 months. Moreover, 48% of enterprises surveyed said a lack of IT support and management staff is their biggest challenge in cyber security management, up 3 percentage points compared with last year.
Moreover, the top three most important cyber security services selected by surveyed enterprises included firewalls/internet (62%), emails (56%) and solutions on remote access (50%), of which solutions on remote access were up 6 percentage points from last year, indicating higher demand due to the pandemic and the increased adoption of flexi-work location policy.
Among those enterprises with plans to enhance their cyber security, 69% of them plan to enhance cyber security in remote access management solutions, up 16 percentage points compared with last year, reflecting that enterprises deem the provision of a secure environment in a hybrid workplace to be critically important. In addition, 57% of those enterprises with plans to enhance their cyber security would strengthen cyber security training, surging by 11 percentage points compared with 2021.
The General Manager, Digital Transformation of HKPC stated that the Overall Index continued to rise, indicating that enterprises are attaching more importance to cyber security and investing more resources in it which is encouraging. However, he noted that staff security awareness remains the most difficult area to improve. This may be related to the continuous need to strengthen their security awareness as cyber-attacks increase in variety, volume and complexity, especially phishing attacks.
Therefore, enterprises must regularly conduct cyber security training and update the content to increase staff participation in the cyber security planning of the companies and improve their cyber security behaviours and awareness.
To help with this, the HKPC provides both relevant training courses and organises various activities as well as phishing drill services for enterprises to enhance employees’ ability to prevent and respond to such attacks. To enhance cyber security readiness to the Managed level, Hong Kong companies must formulate a comprehensive cyber security plan, allocate appropriate resources and implement it effectively.
Meanwhile, the Head of Commercial Solutions and Marketing, Commercial Group, HKT stated that recently, enterprises have been proactively seeking to drive digital transformation, the pace of which has been further accelerated as more companies implemented hybrid and remote work arrangements during the pandemic.
As cyber-attacks grow continuously more complex, enterprises must ramp up their cyber security strategies and execution. Faced with a shortage of relevant local talent, there has been an increased demand for managed cybersecurity services.
A wide array of managed cybersecurity service providers are currently available on the market. When choosing an appropriate partner, enterprises must consider whether the service provider possesses all-around accreditation and is capable of comprehensive support, including ISO 27001 and the top professional cyber security accreditations.
It is also important for the service provider to offer 24/7 monitoring and assistance across all geographic regions and time zones and has access to intelligence and information on the latest developments of global cyber security threats. On top of catering for large corporations, SME-targeted solutions offer greater agility in terms of operation and budget planning, which may prove more suitable for their needs.
In terms of cyber security support, local enterprises can browse HKPC’s Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) website to conduct the Check Your Cyber Security Readiness online self-assessment and download the recently published Incident Response Guideline for SMEs.
In addition, the HKPC’s cyber security consultants also provide SMEs with cyber security and privacy assessments, as well as vulnerability scanning and penetration testing services.
Conducted independently by HKPC, supported by HKCERT and sponsored by HKT, the survey assesses the readiness of Hong Kong enterprises in tackling current cyber threats. In the survey, telephone interviews with 367 enterprises covering six industry categories were conducted in September 2022.
The Minister of Information and Communications (MIC), Nguyen Manh Hung, recently answered questions from legislators about digital transformation and the government’s fight against fake news.
Digital transformation has been identified by the Party and State as a new mode of development helping accelerate national industrialisation and modernisation. However, several issues regarding regulations, management, culture, human resources, enforcement, and budget pose a hindrance to growth. Hung claimed that if Vietnam doesn’t quickly address these problems, it will not only fail to capitalise on the chances of digital transformation but also face considerable risks during this process.
He noted that digital platforms are a breakthrough measure for promoting national digital transformation. As digital data is considered a type of resource, MIC has focused on developing digital platforms. This year, 52 digital platforms at the national level have been put into use; they have recorded hundreds of millions of downloads so far, he said.
Countries across the world view talent as the fundamental resource and the decisive factor in the mastery and application of science and technology. To boost human resources in this field, it is necessary to develop digital universities, which will be a measure for quickly creating digital technology human resources, Hung explained. MIC has also announced plans to form online training platforms for different groups of learners. Among those platforms, the resource platform “One Touch” has been running for six months, and about ten million Vietnamese people have used it to study, according to Hung.
Regarding the fight against fake news in cyberspace, Hung said that authorities have issued regulations stipulating acts and responsibilities of relevant sides, reduced the time limits for Internet service providers to remove fake news and harmful content (from 48 to 24 hours), and increased fines for fake news spreading by three-fold. However, the fines are equivalent to just one-tenth of those in other countries.
In the time ahead, MIC will urge the government to consider heavier fines to deter acts of spreading fake news, he said, noting the most fundamental solution is that the entire society, from ministries, sectors and organisations to individuals and families, takes an active and proactive part in this work.
In 2020, Vietnam approved a National Digital Transformation Programme by 2025, with an orientation toward 2030. The strategy helps accelerate digital transformation through changes in awareness, enterprise strategies, and incentives toward the digitalisation of businesses, administration, and production activities.
The programme targets businesses, cooperatives, and business households that want to adopt digital transformation to improve their production, business efficiency, and competitiveness. The plan aims to have 80% of public services at level 4 online. Over 90% of work records at ministerial and provincial levels will be online while 80% of work records at the district level and 60% of work records at the commune level will be processed online.
An organisation’s functions could be severely impacted by even a single incident. Organisations need rapid data recovery from the cloud, the edge and on-premises in the event of any type of disaster, be it a natural disaster, hardware failure, data breach or ransomware attack.
The knowledge that one is as well-prepared as possible provides some solace in the face of unforeseen calamities. With the right disaster recovery tools and procedures, it can quickly and easily restore data and workloads.
Hence, organisations need a plan to immediately get back to business as usual in the event of an interruption. Given the fast-paced nature of today’s IT environments, it is crucial to maintain a state of perpetual readiness.
Many businesses and organisations are left exposed to critical events – either man-made or natural disasters – as most fundamental systems have been shifted toward IT structures and applications.
While we can manage physical defence by using survival kits – which include emergency supplies, security, and insurance – not all firms can genuinely claim to have all bases covered. Especially in an increasingly digital landscape, where threats are virtual!
It may seem obvious to have an established disaster recovery plan, but due to the complexity of the outdated replication and recovery procedures, this is often overlooked. People might assume there is one and may have even talked about it but may overlook the most crucial step – documenting the plan.
Creatively assessing the possibilities for affordably safeguarding the data in a location apart from those dangers is vital. Despite data centres’ high level of security and frequent remote locations, creating a plan is now simpler than ever to implement using a cloud-based method.
The OpenGov Breakfast Insight on 10 November 2022 at InterContinental Singapore with Singapore’s top public sector leaders offered the most recent information on the benefits of disaster-proofing an organisation through speedy and efficient data security and recovery.
The Needs for Data Backup and Recovery
Mohit Sagar, CEO & Editor-in-Chief, OpenGov Asia believes that plans for catastrophe recovery must be in place for organisations adding that the traditional backup strategies have focused mostly on the first part of the backup and recovery process.
“The backup’s objective is to generate a copy of the data that can be retrieved in the case of a primary data failure,” Mohit explains. “A primary data failure might be the result of a hardware or software malfunction, data corruption, a hostile attack (virus, malware) or accidental deletion on the part of the user.”
Backup copies enable data to be restored from a previous point in time, assisting the organisation in recovering from an unanticipated event.
Data protection demands a secondary copy be stored in case the primary copy is lost or corrupted. This additional media can be as basic as an external drive or USB stick or as complex as a disc storage system, cloud storage container, or tape drive.
To achieve the best outcomes, backup copies should be made on a consistent, regular basis to reduce the amount of data lost between backups. The longer the time between backup copies, the greater the risk of data loss when recovering from a backup. Keeping several copies of data gives the security and flexibility to restore to a point in time that was not impacted by data corruption or malicious attacks.
In addition, a single accident or mishap might completely interrupt company operations, with significant consequences. According to reports, 93% of organisations that do not have disaster recovery coverage and experience a big data loss go out of business within a year.
However, with the correct tools and disaster recovery methods, organisations can restore their data and workloads fast and easily. Through advanced technologies, policies and standards, establishing layers of infrastructure protection and controls increases resiliency and security posture.
Monitoring the environment and intelligently managing data, via a single interface, is one of the disruptive solutions to ensure the best visibility across the data to quickly identify risk exposure and coverage, data availability and business continuity across on-premises and cloud settings.
“When the unexpected happens, you must be able to swiftly restore your organisation’s operations. It is paramount to constantly be prepared, especially given the rate of change in today’s IT landscape,” advises Mohit.
According to Paul Lancaster, Director, Sales Engineering, Commvault, data is the competitive advantage in the modern digital economy. It generates corporate strategy, directs operational effectiveness, and forecasts consumer behaviour. “Data needs to be kept safe while still being always available.”
The problem is that the data is always changing and evolving as it expands, changes, and fragments into digital bits and bytes. Hence, the degree of an organisation’s success is directly correlated with how well they handle its data.
“In this situation, Commvault is useful. We support businesses in doing incredible things with their data. No matter where the data is located or how it is organised, our Intelligent data services can help these organisations become more efficient by changing how they protect, store, and use data,” Paul explains.
He advised organisations to always be prepared when calamity hits or whenever fraudsters attempt their best shot. Organisations should also be ready to take advantage of opportunities as they present themselves.
Further, Commvault offers flexibility in the deep integrations to:
- Connect (to Snaps/Replication via Intellisnap)
- Converge (roll new cyber harden backup infrastructure/stores with HSX)
- Cloudify (optimised stores for the cloud storage resources)
- Re-purpose (reuse existing open assets that still have a service life to the payoff from the prior investments)
Paul elaborated that their Control Plane offers comprehensive workload coverage coupled with key data management services to extend self-service roles so users can quickly and securely search and restore data. Data engineers working on a new analytics application can quickly call up a database clone to accelerate a new project.
Through hybrid cloud adoption, users can leverage cloud-based storage and realise the benefits of agile management, limitless scale, and cost savings of the cloud.
Commvault offers a comprehensive solution with deeply integrated workloads to simplify and future-proof. “We make the past more accessible and adaptable to the future faster and we span the solution across the customer’s full needs.”
Marcus Tan, Head of the Cybersecurity Department, Institute for Infocomm Research (I2R), A*STAR believes that business continuity refers to an organisation’s preparedness to keep delivering products and services at predetermined, acceptable levels despite a crisis.
“Business continuity plans detail how a company will operate during and after a disaster,” says Marcus. “It may include contingency plans explaining how the company will continue to operate even if it must relocate. In addition, smaller interruptions, or minor disasters, such as protracted power outages, may also be included in business continuity planning.”
On the other hand, recovering from a catastrophic incident, such as a natural disaster, fire, act of terrorism, active shooter, or cybercrime, is referred to as disaster recovery. Recovery from a disaster entails the steps an organisation takes to respond to an incident and resume normal operations as fast as possible.
“Disaster Recovery is an organisation’s plan for resuming normal operations following a catastrophic event. This is an essential part of the Business Continuity Plan,” Marcus elaborates. “And, importantly, strategies should align with the organisation’s goals.
There are various issues to be considered in terms of protection and recovery strategy. These are compliance requirements, budget, insurance coverage, resources (people, physical facilities), management’s risk appetite, technology, suppliers and data and data storage, among others.
Business Impact Analysis is the systematic process to determine and evaluate the potential effects of disruption to business operations resulting from disaster, accident, or emergency.
Risk Assessment, on the other hand, involves having to identify, examine, measure, and mitigate/transfer risks. Hence, it is important to identify critical business functions to keep the organisation going during a disruption.
The purpose of the Disaster Recovery Plan is Getting Ready (pre-disaster), Continuity (during a disaster), and Recovery (post-disaster).
Some of the key considerations of the Disaster Recovery Plan are identifying critical business processes to continue the minimum desired level of operations during disruption. It would also identify key data, storage, network and apps to support critical business processes.
There must be also a consideration of compliance with regulations, recovery point objective, recovery time objective, establishing management succession, reporting structure, roles in the event of a disaster, and budget.
A Disaster Recovery Plan should be updated when a significant change to system architecture occurs; and if it has changed in system dependencies and recovery personnel as well.
“Tools are great for making your job easier, but they can never take the place of doing the things we need to do,” Marcus concludes.
Chua Chee Pin, Area Vice President – ASEAN, Hong Kong, Japan, Korea & Taiwan, Commvault highlighted that data is getting more and more in demand. “The balance between data democracy and security is so important, hence protecting your organisation’s data is complex.”
Everyone is now aware of the significance of data, both in their professional and personal life. Digitisation, cell phones, and Internet of Things (IoT) sensors all contribute to the ever-increasing amount of data. Utilising this knowledge is crucial for both company competitiveness and empowering individuals in their daily lives.
“Commvault’s data management and protection unify and safeguard data at scale across on-premises, hybrid, and multi-cloud environments for all workloads,” claims Chee Pin. “Advanced detection, multi-layer protection, and rapid recovery against security threats, such as ransomware and data breaches.”
Mohit highlights the importance of a digital partner. External partners can be a pillar of support while facing digital transformation procedures. They are available to assist every organisation with any project based on their demands.
“They can guide you through a much broader and more sophisticated process, as they possess the necessary expertise and experience,” Mohit opines. “Partnerships can save the organisation from making unneeded errors, thus saving time and money.”
During the pandemic, the financial crisis compelled everyone to seek money in diverse ways. Monthly earnings for hackers can range from millions to billions of rupiah due to the high value of illegal personal data. In addition, hackers are motivated by social and political issues. Not only does the hacking violate social norms, but it also has the potential to incite public unrest.
Security gaps on business or governmental websites make it simple for a hacker with ulterior motives to access people’s personal information. The lack of knowledge regarding digital data security and the absence of clear laws regarding digital crimes enable these individuals to continue their bad practices. Therefore, the government desires to strengthen its cyber security.
The website lapor.go.id, the government’s official information system that accepts online aspirations and complaints from the public, is another option for expressing aspirations. In addition, the House of Representatives and the Government of Indonesia have adopted the Bill for the Protection of Personal Data (PDP). It will then be forwarded to the President for ratification and publication in the State Gazette.
Indonesia is the fifth ASEAN nation to have a comprehensive legal framework for the protection of personal data, according to the Minister of Communication and Information, Johnny G. Plate. He emphasised that the PDP Law’s implementation will uphold citizens’ rights in line with the Republic of Indonesia’s 1945 Constitution.
Ratifying the PDP Bill is concrete proof that the Constitution’s mandate has been carried out. The PDP Bill will expand the scope of the government’s authority and role in enforcing and regulating the obligations placed on all public and private parties who process personal data.
Ratifying the PDP Law, according to the Minister, would boost confidence in and recognition of Indonesia’s leadership role in global data governance. He claimed that Indonesia would be the sixth ASEAN nation to have a comprehensive legal framework for protecting personal data.
Therefore, businesses and governments alike need to contribute to improving the infrastructure for handling digital data. Businesses and government agencies that deal with customers’ private information must exercise extreme caution and accountability when handling this information.
Data owners can also increase their knowledge of digital data security by taking measures like not reusing passwords, being wary of sharing personal information and avoiding questionable websites and apps. Privacy should be respected on both sides, especially when dealing with sensitive information.
In addition, Minister Johnny has commended the work of the Indonesian Parliament in passing the PDP Law. Many interested parties are waiting for the court’s decision on the PDP Bill because of its importance. The government, the police, the private sector, the internet, the platforms, the social media, and the people of Indonesia all play a part.
There will be more than 70 articles in the PDP Law, which will be broken down into roughly 15 chapters. Personal data of Indonesian users, including its collection, storage, processing, and transfer, will be the subject of these articles and chapters, which will also provide a thorough discussion of data ownership rights and limitations.
Minister Johnny has extended an invitation to all residents to participate in the development of the nation and state, arguing that the entire ecosystem of communication and IT can serve as an example and source of motivation toward the goal of digital transformation.