Indonesia to boost cybersecurity in healthcare sector

British Embassy Jakarta invites bids to help create a Health Data and Cyber Security Coordination Group to boost cybersecurity in the country.

The British Embassy in Jakarta is working to boost cybersecurity in Indonesia with the creation of a health ministry Computer Emergency Response Team and a Health Data and Cyber Security Coordination Group.

The establishment of a health ministry Computer Emergency Response Team (CERT) and a multi-agency Health Data Protection and Cyber Security Coordination Group, will act as a focal point for strategic risk management relating to healthcare data and systems, an area "which is currently lacking and undermines operational planning and incident response capability," according to the embassy. 

CERTs usually provide a combination of reactive services (e.g. alerts, warnings, incident response coordination) and proactive services (e.g. announcements, security assessments, development of tools).  The Strategic Coordination Group will agree a terms of reference with key government stakeholders and support in setting up appropriate cross departmental governance structures focused on incident response strategies and threat intelligence sharing.

The embassy said in a statement: "Bids are welcomed from not-for-profit organisations including academia, NGOs, inter-governmental organisations and not-for-profit arms of commercial entities.

"Many capacity building projects cannot be fully delivered by a single implementer as the capability and skills required may only be found in a consortium. We therefore welcome bids from consortia, with a clear non-for-profit prime or lead implementer. Commercial organisations are permitted to join consortia as part of a bidding team. However, the commercial element of the proposal, which would be sub-contracted by the not-for-profit, must be proportionate."

Cybersecurity in Indonesia 

In 2019, the Indonesian National Cyber and Crypto Agency (BSSN) reported 290 million cases of cyberattacks. That was 25% more than the previous year, when cybercrimes had caused losses of USD 34.2 billion for Indonesia. The Covid-19 pandemic in 2020 triggered a significant increase in phishing attacks, malspams and ransomware attacks, adding to the urgency of establishing a well-functioning infrastructure for cybersecurity in Indonesia.

According to the Centre for Indonesian Policy Studies, Indonesian cybersecurity laws and regulations created fragmented responsibilities across different ministries and they remain ineffective in preventing cyberthreats and cybercrime. A comprehensive regulation on cybersecurity is urgently needed in Indonesia.

The Indonesian parliament has been discussing an overarching Cybersecurity Bill but the process did not involve the private sector. As a result, the Bill contained provisions that were overly cumbersome and costly for businesses, requiring certifications, accreditations, and approval from BSSN for developing services and products. Local content requirements added further risks to Indonesia’s cybersecurity. The Bill was heavily criticized and later withdrawn from the parliamentary agenda in 2020 and 2021.



Featured Articles

BlueVoyant's Tom Moore Talks Legal Procedure Following Hack

BlueVoyant's Tom Moore explains how companies should act with legal council following a cyber attack

GDPR: Studying the World's Strictest Security Law 6 Years On

We take a look at the history, impact, and future of GDPR to see how it has effected the cyber sphere six years after its enactment

Banking Titan Baird Gives 9 Pointers for Cyber Investors

Investment bank Baird have made nine observations from RSA Conference that investors should consider when investing in today’s cyber market

OpenText's Pillr Buy Show Acquisitions Still in its Strategy

Cyber Security

Zoom Prepares for Quantum World with Post-Quantum Encryption

Cyber Security

Tenable: Security Expertise Gap Threatening Cloud Expansion

Operational Security