menu close EventsNewsContact Us search close
Global Site close
ArgentinaArubaBarbadosBoliviaBrazilCanadaCayman IslandsChileColombiaCosta RicaCuracaoEl SalvadorGuatemalaHondurasMexicoParaguayPeruPuerto RicoSaint MartinSurinameUnited StatesUruguayVenezuela
AustraliaCambodiaChinaHawaiiHong KongIndiaIndonesiaJapanMacauMalaysiaMaldivesMongoliaMyanmarNew ZealandPakistanPhilippinesSingaporeSouth KoreaSri LankaTaiwanThailandVietnam
AlbaniaAndorraArmeniaAustriaAzerbaijanBelgiumBulgariaCroatiaCyprusCzech RepublicDenmarkEstoniaFinlandFranceGeorgiaGermanyGreeceHungaryIrelandItalyKazakhstanLatviaLithuaniaLuxembourgMaltaMoldovaNetherlandsNorwayPolandPortugalRomaniaSerbiaSlovakiaSloveniaSpainSwedenSwitzerlandTajikistanTurkeyUkraineUnited KingdomUzbekistan
AlgeriaBahrainEgyptGhanaJordanKenyaKuwaitLebanonLiberiaMauritiusMoroccoMozambiqueNigeriaOmanQatarSaudi ArabiaSenegalSierra LeoneSouth AfricaTanzaniaTogoTunisiaUgandaUnited Arab EmiratesYemen
Services
close Services
Tax
GRC
Services
Insights
About Us
close About Us
About Us
Careers
EventsNewsContact Us
search close
home Insights

Crowe Adds World-Class Incident Response Services

Cybersecurity
| 1/20/2025
Crowe World-Class Incident Response Services
Download

Read Time: 5 minutes

According to the Indonesia Financial Services Authority (OJK), a cyber incident is defined as any threat, activity, or action that results in the failure of an electronic system. In case of such an incident, organizations are required to submit an initial notification report within 24 hours of discovering the incident and detailed cyber incident report within the next 5 days.

Incident response planning is essential for helping businesses protect their data, finances, and operations after an incident. Without a clear plan, organizations risk delays in responding to attacks, increased costs from downtime, and potential penalties for not meeting regulatory requirements. Beyond preparation, knowing when and how to report a cyber incident is equally important, as it ensures compliance with regulations, minimizes damage, and helps maintain stakeholder trust.

Key Cyber Incident Regulations in Indonesia

Cyber incidents in Indonesia are regulated by several key authorities, each with its own reporting and compliance requirements, including:

  • OJK Circular Letter (POJK) No. 29/SEOJK.03/2022 on Cyber Security and Resilience for Commercial Banks.
  • BSSN Regulation No. 1 of 2024 on Cyber Incident Management.
  • Bank of Indonesia (BI) Regulation No. 2 of 2024 on Information System Security and Cyber Resilience for Payment System Organizers and Business Actors under BI’s Supervision.

Incident Response Planning Areas of Focus

Effective incident response planning ensures organizations can respond swiftly and minimize impact.

Phase What organizations can consider?
Preparation

Gain leadership support.

Establish incident response teams.

  Invest in training.
Tabletop Exercises

Scenario selection.

Stakeholder involvement.

Facilitators.

Documentation, communication plans

Actionable recommendations.
Testing
Periodic incident response and disaster recovery tests.        
  Assessing processes and documentation, and conducting unannounced penetration tests.
Training

Annual training for all employees

Identifying and reporting incidents.

 Specialized training for incident response teams, and technical tools.

How Crowe Can Help

Organizations often seek expert support to develop and refine these critical areas, which is where Crowe’s expertise comes in. Crowe enhances its incident response services with integrated forensics, legal consulting, and cybersecurity expertise, backed by over 25 years of experience. Our team brings decades of practical knowledge from the National Security Agency (NSA), Department of Defense, law enforcement, and corporate entities, providing a unique perspective on protecting businesses and government organizations. From IP protection and digital forensics to eDiscovery and incident response, we deliver comprehensive solutions to ensure clients operate securely and confidently in today’s complex cyber landscape.

Speak to our expert.
Crowe can provide specialized industry consulting services to help tackle the specific challenges you face.
CONTACT US