Anthony Albanese’s first state visit to Indonesia as prime minister saw economics and investment at the top of the agenda, subjects of particular interest to President Joko Widodo. Considering that digital technology is becoming an ever more ubiquitous part of everyday life, cybersecurity should emerge at the top of the agenda in future Australian engagements with Indonesia.
Cybersecurity and technology are among the areas in which there’s strong potential for cooperation between Australia and Indonesia. In 2018, the two countries signed a memorandum of understanding on cyber cooperation that led to regular cyber policy dialogues, allowing officials from multiple agencies to share best practices. In September last year, officials from both sides signed an agreement on cyber and emerging cyber technology cooperation, which committed the parties to, among other things, cooperating on information-sharing on national cyber strategies and coordinating on cyber incident responses.
Mutual interest in advancing cyber cooperation is unsurprising. Cyber engagement is a useful way for Australia to leverage its competitive advantage in cybersecurity research and training by providing Indonesia, a growing trade partner, with the necessary know-how to address challenges in cyberspace. As a major technology hub in Southeast Asia with an internet economy expected to reach $173 billion by 2025, Indonesia is an attractive market and investment target for Australian information and communications technology companies and venture capital.
For Indonesia, cooperation with Australia will allow it to improve its cyber resilience and address major shortcomings that are blocking the country’s effort to become a leading digital economy in Southeast Asia. Despite the rapid growth of its digital economy in the past five years, Indonesia still lacks the talent to support its digital ambitions. Its ICT infrastructure also remains insufficient to connect its 273 million geographically dispersed people.
At the same time, Indonesia suffers from multiple regulatory and organisational challenges and a lack of resources, which leaves the country vulnerable to cyberattacks. Indonesia’s national cyber and encryption agency estimated 888 million attempted hacks in Indonesia from January to August 2021. As recently as January this year, the data of 6 million Indonesian patients was allegedly leaked following a hack targeting the health ministry’s central computer system.
While bilateral mechanisms have emerged to foster cybersecurity and technology cooperation between the two countries, the framework is still at a nascent stage and there’s plenty that could be done to deepen cooperation.
Officials have started laying the groundwork to cooperate on a full range of cybersecurity-related issues, such as cybercrimes. It may be useful to work towards the initiation of joint training, official exchanges, and even threat information sharing. Considering the vulnerability of Indonesia’s critical infrastructure to data breaches, officials could conduct joint drills to help test cyber responses. Meanwhile, exchanging threat information will allow both the Australian and Indonesian governments to better understand their threat environments and work together to guard against cyberattacks.
Cybersecurity cooperation requires a whole-of-society approach that involves governments, firms and researchers in both countries working together to fill key capability gaps. It is fundamental that officials continue to facilitate links between businesses and research institutions to help sustain Australia’s relationship with Indonesia in the cyber domain.
Private cybersecurity firms from both countries should be encouraged to work together to combat cybercrimes and foster a more secure digital environment, particularly in Indonesia. Collaboration can come either in the form of practical sharing of intelligence or technical data or through ‘normative alliances’ advocating for changes in the ways companies deal with cybersecurity vulnerabilities. Encouraging collaboration between cybersecurity firms in Indonesia and Australia would also help ensure that an indigenous Indonesian cybersecurity community can become an effective force in the fight against cybercrime.
Deepened government engagement with—and among—research institutes, universities and vocational schools is also necessary. It was reassuring to hear Albanese announce that more specialised scholarships would be awarded to Indonesian postgraduates wanting to study subjects related to Indonesia’s G20 priorities, including digital transformation and the transition to sustainable energy.
Building on that, grants can be provided to encourage research collaboration. Indonesian researchers already have access to grants provided under Australia’s Cyber and Critical Tech Cooperation Program. However, more targeted grant programs—akin to the Australia–India Cyber and Critical Technology Partnership—focused on specific areas relevant to Australian and Indonesian cyber interests may be a useful way to foster research collaboration between Australian and Indonesian universities and researchers.
Beyond grants, Australian companies and universities should also consider working with their Indonesian counterparts to deliver scholarships and training programs to vocational schools and universities to help develop Indonesia’s digital talent. Notably, Chinese ICT firms are ahead of their Australian and other Western counterparts in investing in training in Indonesian universities.
More broadly, there are plenty of opportunities for Australian and Indonesian investors to expand collaboration in areas from telehealth to research and development. With growing mutual interests in each other’s digital economies, it is not just Australian companies investing in Indonesia—some Indonesian start-ups are also looking to invest in Australia. Indonesian e-commerce giant Bukalapak recently opened its first international R&D centre in Melbourne to tap into the city’s expanding tech opportunities.
In January 2018, Australia and Indonesia convened their first digital conference, which provided officials, industry professionals and tech specialists with a platform to share ideas, network and forge connections. As borders reopen, these kinds of events could be reconvened.
Finally, at the government level, it’s also necessary to boost cooperation in pushing for norms of responsible state behaviour in cyberspace. As two middle powers with burgeoning digital economies, Australia and Indonesia are both committed to a secure, stable and peaceful ICT environment. Beyond the threat of cybercrime, there’s the increasing threat of state-sponsored cyberattacks for political and economic gain, many perpetrated by great powers. Working with like-minded middle powers such as Japan and South Korea to call for states to commit to responsible behaviour in cyberspace could be the next stage in Australia–Indonesia cyber cooperation, particularly in multilateral forums. Calling for states to refrain from sponsoring cyber-enabled intellectual property theft at this year’s G20 summit in Indonesia could be an excellent place to start.
Both Australia and Indonesia want to deepen their economic engagement and, with the entry into force of the Indonesia–Australia Comprehensive Economic Partnership Agreement in 2020, there are indications that the two countries are on this trajectory. But to foster trust in the economic relationship, it is also necessary to build mutual cyber resilience.