Strengthening the security of critical data in cyberspace, a policy review

Abstract

Securing critical data in cyberspace against growing and evolving cyber threats requires a layered approach. It involves strategy, regulations and also policies. Cyberspace is composed of hundreds of thousands of interconnected computers, servers, etc that allow critical infrastructures and data to work. The National Strategy to secure cyberspace is part of our overall effort to protect the Nation. Strengthening the security of critical data in cyberspace aims to protect basic interests of nation-states is related to the three aspects of cyber security, which are confidentiality, integrity and availability. The foundation for the government's cyber security requires assigning clear and unambiguous authority and responsibility for security, holding officials accountable for fulfilling those responsibilities, and integrating security requirements into policies and regulations. Since disruption to the sovereignty of critical data will impact to the economy, then cyberspace security should become the spirit for all Information and Communication Technology (ICT) policies and regulations. This study reviews the Indonesian Government's policies for strengthening crititical data sovereignty and proposes initial recommendation for securing National critical data in cyberspace. It is shown that many cyber security policies and regulations are not properly implemented and enforced yet. This include the fact that even the regulation to store critical data in country, is not implemented yet, raising questions on the awareness of cyber security in Indonesia. The study also include recommendations for necessary actions as well as further studies required.