Cybersecurity Risks in a Fragmenting Technology World

 

Until recently, the world relied on shared digital foundations. Today, we are witnessing the emergence of a multi-polar technology environment. Instead of a simple East–West split, different regions are shaping their own technology stacks and regulatory approaches. North America leads in cloud and semiconductors; Europe prioritises digital sovereignty and privacy; Asia’s major economies develop domestic cloud, AI, and operating systems; India advances its independent digital public infrastructure, while ASEAN focuses on diversified supply chains and sovereign data frameworks.

 

This multi-directional development is creating divergence across hardware, cloud, cybersecurity standards, and data-governance regimes. The result is not “two internets,” but many partially interoperable ecosystems, each with its own security assumptions and vulnerabilities.

 

Many markets are accelerating national digital capabilities, launching domestic operating systems, local cloud services, and national routing or DNS initiatives to maintain continuity during disruptions. Meanwhile, global restrictions on semiconductors, chipmaking tools, and AI accelerators have prompted several regions to invest heavily in local design and fabrication.

 

While these moves enhance autonomy, they also widen the diversity of technologies used across industries. Indonesian organisations increasingly operate hybrid environments: Western cloud services, Asian-manufactured hardware, European-influenced privacy frameworks, open-source tools, and localised applications. This diversity brings resilience but also introduces cybersecurity blind spots, especially when vulnerabilities emerge across different technology families.

 

The pace of exploitation is also accelerating. During the global MOVEit vulnerability incident in 2023, attackers began mass exploitation less than 48 hours after disclosure, demonstrating how quickly threat actors now weaponise supply-chain vulnerabilities. With exploitation windows narrowing, organisations need significantly faster detection and response cycles.

 

Globally, cybercrime is expected to cost the world more than US$10 trillion annually by 2025, according to estimates highlighted by the World Economic Forum. To put this into perspective, the economic impact of cybercrime would rank as the world’s third-largest economy.

 

In Indonesia, data from the National Cyber and Crypto Agency (BSSN) recorded 330.52 million anomalous cyber activities in 2024, including 2.48 million Advanced Persistent Threat (APT) attempts, 514,000 ransomware attacks, and 26.77 million phishing attempts. These numbers are expected to continue rising as global volatility and technological fragmentation reshape the digital threat landscape.

 

As Indonesia’s national digital infrastructure expands, from data centres to e-commerce platforms and critical services, fragmented technology environments will increasingly shape how organisations assess risk.

 

To manage these challenges, organisations can focus on three practical, outcome-driven priorities:

 

1. Strengthen diversification and supply-chain resilience - with scalability in mind

 

Organisations should reduce dependency on any single region or vendor ecosystem. This includes multi-vendor sourcing, visibility into multi-tier suppliers, and structured monitoring of firmware, components, and third-party service providers.

 

However, not every Indonesian organisation can afford full dual-stack architectures. Mid-sized businesses can start with pragmatic steps: maintaining an SBOM/HBOM for critical systems, documenting sub-vendors, and ensuring alternative suppliers are pre-vetted for essential functions. Even partial diversification improves resilience.

 

2. Build adaptive cybersecurity capabilities at a pace the organisation can sustain

 

Fragmented environments require real-time intelligence, cross-platform technical expertise, and continuous detection and response.

 

Practical initiatives for Indonesian organisations include:

 

• Joining trusted intelligence-sharing communities instead of relying solely on commercial feeds
• Training teams across mainstream OS and cloud platforms, not just one ecosystem
• Automating patching for high-severity vulnerabilities, especially those exploited swiftly in the wild
• Conducting scenario-based exercises to prepare for cross-system outages

 

Adaptive security is not about buying more tools; it is about aligning people, processes, and visibility across different technology stacks.

 

3. Expand ASEAN-focused collaboration and policy alignment

 

As ASEAN deepens digital integration, Indonesian organisations must understand regional standards, cross-border data requirements, and interoperability expectations.

 

Relevant developments include:

 

• The ASEAN Digital Masterplan 2025, which emphasises secure digital connectivity
• The ASEAN CERT information-sharing network, improving cross-border incident collaboration
• Ongoing discussions on harmonising data flow frameworks, especially for finance, logistics, and cloud services

 

For Indonesian companies operating regionally, understanding these frameworks is as important as understanding domestic regulations like the PDP Law and the EIT Law. Public–private intelligence sharing, coordinated incident response, and supply-chain monitoring across borders will be vital.

 

In a world where technology is diverging in multiple directions, cybersecurity strategies must evolve from static control checklists to resilient, intelligence-driven, interoperable models. For Indonesia, the question is no longer whether fragmentation will affect the country but how prepared businesses are to operate confidently within it.

 

By balancing national digital priorities with the connectivity and interoperability that drive economic growth, Indonesia can build a more secure and resilient digital foundation for the decade ahead.

 

END

 

This article has been published on detikinet.com. Read more here.