Developing Cyber Defense Strategies for Payment System Industry Players

Jun 28, 2024

Concerns over cybersecurity have resurfaced among many parties following a ransomware attack on Indonesia's National Data Center (PDN), managed by a government agency. Ransomware is a type of malware that threatens to disrupt or block access to critical data or systems until a ransom is paid.

This incident not only highlights the risks of data breaches and service disruptions but also underscores the urgency for industries, including the payment system sector, to address cybersecurity issues seriously. This industry is currently experiencing rapid growth alongside the adoption of digital payment innovations in Indonesia, which can increase cybersecurity risks.

According to Bank Indonesia (BI), QRIS transactions reached Rp 229.96 trillion in 2023 with 45.78 million active users. The 2024 Global Payment Report also indicates that digital wallets became the preferred choice for online payments in 2023 and are expected to dominate both Point of Sale (POS) and online transactions by 2027.

The Risk in Focus 2024 report by The Institute of Internal Auditors also identifies cybersecurity, human capital, and business continuity as the top three current global risks. The report emphasizes the importance of addressing increasingly complex cybersecurity challenges, worsened by a surge in cyberattacks threatening the financial sector.

The ongoing digital transformation not only brings significant benefits to society but also heightens the threat of cyberattacks that need to be guarded against. Therefore, players in the payment system industry must take decisive steps to reduce these risks. This article will review several efforts that industry players can undertake to strengthen their defenses against cyberattacks and enhance customer protection.

Efforts to Establish Defense against Cyber Attacks

Cybersecurity is no longer just a technical issue; it has become a primary focus in maintaining public trust and safeguarding customer data from potential risks such as leaks or misuse. Effective data protection involves not only implementing advanced technology but also understanding the increasingly complex threats and being prepared to respond to and recover from security incidents swiftly.

Furthermore, building strong defenses against cyber attacks is not only the responsibility of the financial sector but also an obligation for all stakeholders. Protecting digital infrastructure and sensitive data is no longer a choice but a necessity to uphold global economic and financial stability in this digital era.

Therefore, there are at least three ways to build defenses against cyber attacks that can be implemented by players in the payment system industry:

1. Cultivating a Cybersecurity Culture

Increasing awareness of cyber threats among both employees and customers needs to be implemented through structured educational programs. With a better understanding of security practices such as protecting personal data, securing work devices, and recognizing cyber attacks, individuals can become more vigilant and mitigate the risks of cyber attacks.

In addition, conducting regular cybersecurity drills is a proactive step to test response and preparedness against cyber attacks. Through these simulations, organizations can identify weaknesses in their security systems and make necessary improvements to strengthen their defenses.

Finally, regular assessment of cybersecurity risks and the implementation of a Cyber Security Maturity Model help organizations systematically evaluate their security readiness levels. This approach enables organizations to pinpoint areas requiring greater attention to enhance their resilience against increasingly complex and dangerous cyber threats.

2. Disciplined Execution in Responding to Cyber Attacks

Disciplined execution in responding to and recovering from cyber attacks is crucial for a company's success in facing cybersecurity threats. On the technical front, steps such as isolating or disconnecting from the internet to prevent further spread, avoiding shutting down or restarting systems or devices, verifying backup data, and identifying the type of ransomware should be promptly undertaken to restore affected systems.

Meanwhile, on the non-technical side, activating a Cyber Security Incident Response Team (CSIRT) is vital for swiftly and effectively managing attacks. Open crisis communication with all relevant parties is also crucial, where clarity and transparency in information from the company to the public are key to maintaining trust during an attack. These non-technical steps should be executed concurrently to strengthen the mitigation efforts undertaken by the company.

Following an attack, attention shifts to recovery steps, including restoring from reliable backup systems and conducting thorough analysis to understand the source and impact of the attack. Findings from post-incident analysis are used to update security policies and enhance readiness through regular security audits and evaluations of security measures. With this integrated and sustainable approach, companies are expected to be better prepared to face future cyber attacks and minimize potential impacts.

3. GRC-Based Collaboration (Governance, Risk, and Compliance)

Collaboration across stakeholders based on GRC involves regulators such as Bank Indonesia (BI), the Financial Services Authority (OJK), and the government together with the payment system community, including Payment Service Providers (PSPs), Payment Infrastructure Providers (PIPs), vendors, and principals. This allows industry players to share information about cyber threats and attacks, which can strengthen collective security with faster and more effective responses.

Furthermore, compliance with national and international regulations and quality standards is crucial to maintain integrity and trust in the payment system and the financial sector as a whole. Compliance standards include PCI DSS, PCI PIN, ISO 27001, NIST Cybersecurity Framework, GDPR, PBI, and POJK, ensuring stringent security practices are adopted by all parties involved in the payment system ecosystem.

Collaboration between the payment system community and regulators also promotes the development of innovative security technologies to effectively address future cyber challenges. This approach not only strengthens the resilience of payment systems but also enhances the protection of customer data and the integrity of financial transactions.

In building defenses against cyber attacks, it is important to foster a culture of cybersecurity awareness and provide ongoing education to both employees and the public. These efforts are reinforced by disciplined execution of the formulated security strategies, aimed at reducing risks and enhancing service reliability. Additionally, GRC-based collaboration across stakeholders is pivotal in creating a secure and trustworthy digital financial ecosystem for the broader community.

Cybersecurity is not the responsibility of a single entity but a shared responsibility. The risks associated with digital transaction security continue to rise alongside the development of national payment system innovations, underscoring the need for industry players to continuously implement serious and sustainable cybersecurity efforts to address evolving threats in the future.