Share this article on:
How can Canberra and Jakarta advance efforts to bolster cyber security cooperation?
Earlier this week, Prime Minister Anthony Albanese met with Indonesian President Joko Widodo for the Annual Leaders’ Meeting in Bogor.
In a joint communique, the pair reaffirmed their commitments to deepening cooperation under the five pillars of the bilateral Comprehensive Strategic Partnership (CSP) launched in 2018:
The pair stressed the importance of supporting ASEAN centrality amid growing instability in the region, with Australia renewing its support for the ASEAN outlook on the Indo-Pacific.
This was in addition to a bilateral commitment from Prime Minister Albanese and President Widodo for greater defence and security cooperation.
This would include supporting regional security and stability via the annual Australian and Indonesian Foreign and Defence Ministers Meeting (2+2) and plans to enhance military engagement.
But according to Gatra Priyandita, an analyst at ASPI’s International Cyber Policy Centre, Australia and Indonesia should explore opportunities to further strengthen cyber cooperation.
“Considering that digital technology is becoming an ever more ubiquitous part of everyday life, cyber security should emerge at the top of the agenda in future Australian engagements with Indonesia,” he writes.
Priyandita acknowledges existing initiatives, including a memorandum of understanding on cyber cooperation signed in 2018, and a recent agreement promoting information-sharing and incident responses.
He notes such initiatives offer mutual benefits to the regional partners, enabling Australia to “leverage its competitive advantage” in the cyber security space to broaden trade relationships, with Indonesia reaping the rewards of greater cyber resilience.
“Despite the rapid growth of its digital economy in the past five years, Indonesia still lacks the talent to support its digital ambitions,” he writes.
“Its ICT infrastructure also remains insufficient to connect its 273 million geographically dispersed people.
“At the same time, Indonesia suffers from multiple regulatory and organisational challenges and a lack of resources, which leaves the country vulnerable to cyber attacks.”
However, Priyandita claims bilateral mechanisms and technology cooperation between Australia and Indonesia is “nascent”, adding “there’s plenty that could be done to deepen cooperation”.
He suggests the countries consider initiating joint training, official exchanges, and threat information sharing.
“Considering the vulnerability of Indonesia’s critical infrastructure to data breaches, officials could conduct joint drills to help test cyber responses,” he writes.
“Meanwhile, exchanging threat information will allow both the Australian and Indonesian governments to better understand their threat environments and work together to guard against cyber attacks.”
This push, Priyandita notes, should be supported by a “whole-of-society approach” involving governments, firms and researchers tasked with filling capability gaps.
“It is fundamental that officials continue to facilitate links between businesses and research institutions to help sustain Australia’s relationship with Indonesia in the cyber domain,” Priyandita continues.
“Private cyber security firms from both countries should be encouraged to work together to combat cyber crimes and foster a more secure digital environment, particularly in Indonesia.”
According to Priyandita, this could include practical sharing of intelligence and technical data or “normative alliances”, which aim to revamp the incident response culture.
“Encouraging collaboration between cyber security firms in Indonesia and Australia would also help ensure that an indigenous Indonesian cyber security community can become an effective force in the fight against cyber crime,” he adds.
Priyandita welcomes Prime Minister Albanese’s commitment to bolstering cross-institutional scholarships across Australia and Indonesia, but calls for the consideration of a new grants program to encourage research collaboration
“Indonesian researchers already have access to grants provided under Australia’s Cyber and Critical Tech Cooperation Program,” he observes.
“However, more targeted grant programs — akin to the Australia–India Cyber and Critical Technology Partnership — focused on specific areas relevant to Australian and Indonesian cyber interests may be a useful way to foster research collaboration between Australian and Indonesian universities and researchers.”
Further, Canberra and Jakarta could explore opportunities to encourage joint projects between Australian stakeholders and their Indonesian counterparts to deliver scholarships and training programs to vocational schools and universities.
This could help counter investment from Chinese ICT firms, which he warns are “ahead of their Australian and other Western counterparts”.
Finally, Priyandita stresses the importance of joint efforts to promote “norms of responsible state behaviour” in the cyber domain.
“As two middle powers with burgeoning digital economies, Australia and Indonesia are both committed to a secure, stable and peaceful ICT environment,” he observes.
“Beyond the threat of cyber crime, there’s the increasing threat of state-sponsored cyber attacks for political and economic gain, many perpetrated by great powers.
“Working with like-minded middle powers such as Japan and South Korea to call for states to commit to responsible behaviour in cyber space could be the next stage in Australia–Indonesia cyber cooperation, particularly in multilateral forums.”
This could involve addressing cyber-enabled intellectual property theft at the G20 summit in Indonesia.
“Both Australia and Indonesia want to deepen their economic engagement and, with the entry into force of the Indonesia–Australia Comprehensive Economic Partnership Agreement in 2020, there are indications that the two countries are on this trajectory,” Priyandita writes.
“But to foster trust in the economic relationship, it is also necessary to build mutual cyber resilience.”
[Related: Hackers have stolen £4m from UK law firms in ransomware campaign]