Aris Sarjito: RUU KKS Crucial for Indonesia's Digital Sovereignty & Business Security

The Urgent Need for Indonesia's Cyber Security Legislation

The Indonesian House of Representatives (DPR RI) recently received a Presidential Letter (Surpres) concerning the Draft Law on Cybersecurity and Cyber Resilience (RUU Keamanan dan Ketahanan Siber or KKS) in March 2026. Aris Sarjito, an academic and defense policy expert, is strongly advocating for the swift ratification of this crucial legislation. He stresses that the vulnerabilities in Indonesia's digital landscape have persisted for too long, and the RUU KKS is essential for safeguarding numerous sectors, including the privacy and security of every Indonesian citizen.

Addressing Fragmented Cyber Governance

According to Sarjito, the RUU KKS was developed to address a critical gap: the absence of a comprehensive and cohesive national legal framework to manage the escalating threat of cyberattacks. Currently, regulations are dispersed across various sectoral rules, leading to suboptimal coordination among institutions. This fragmented approach persists despite the rapid, cross-border nature of cyber threats that impact diverse sectors and ultimately harm the public.

The proposed RUU KKS specifically targets the protection of vital information infrastructure. This includes critical sectors such as energy, transportation, finance, healthcare, telecommunications, and essential public services. Attacks on these areas, Sarjito warns, would have consequences far beyond economic damage, directly impacting national security and stability. He illustrates this with a stark scenario: "Imagine a situation where airport operations are paralyzed, electricity supplies are cut off, financial transactions halt, or healthcare services become non-functional. The nation could descend into chaos without a single bullet being fired." For businesses, especially those relying on digital platforms like Santara Labs' clients, such disruptions could mean catastrophic losses, eroded customer trust, and a severe blow to their digital authority.

Cyber Threats: Beyond Technicalities, Impacting Lives

Sarjito lament the common misconception that cyber threats are merely technical issues confined to computers and networks. He argues that the repercussions are far more extensive, potentially endangering human lives. "Leaks of personal information such as NIK (National Identity Number), e-KTP (electronic ID card), BPJS Kesehatan (national health insurance data), and data dukcapil (civil registration data) can severely erode public trust," he explains. "Cyberattacks on hospitals can jeopardize lives. Disruptions to transportation, energy, or banking infrastructure can trigger national hysteria." These incidents directly undermine the digital trust that brands work hard to build, impacting their market intelligence and growth prospects.

Furthermore, Sarjito highlights that cyberattacks are increasingly employed as geopolitical tools. Many nations leverage them for espionage, sabotage, intelligence gathering, and exerting diplomatic pressure, all without direct military engagement. This underscores the complex and multi-faceted nature of modern digital warfare, where national digital infrastructure becomes a frontline.

Indonesia's Strategic Imperative in Cyberspace

Sarjito emphasizes that major global powers have long recognized cyberspace as a new strategic domain, on par with land, sea, air, and outer space. Consequently, they have established cyber commands, electronic warfare divisions, and doctrines for both offensive and defensive cyber operations, citing examples like the United States Cyber Command (USCYBERCOM), China's Strategic Support Force (SSF), and the UK's National Cyber Force.

As Southeast Asia's largest democracy and a pivotal hub for international trade routes, Indonesia must view cybersecurity as a strategic imperative. The RUU KKS, Sarjito asserts, should serve as the bedrock for creating a national cyber defense framework. This framework would integrate various entities, including government ministries (kementerian) and agencies (lembaga), the National Cyber and Crypto Agency (Badan Siber dan Sandi Negara or BSSN), the Indonesian National Armed Forces (Tentara Nasional Indonesia or TNI), the Indonesian National Police (Kepolisian Negara Republik Indonesia or POLRI), key State-Owned Enterprises (BUMN), the private sector, academic institutions, and the general public. "Today's national defense is not only maintained at land borders or oceans but also in data centers, undersea cables, satellite networks, national clouds, and the digital devices of the populace," he concludes.

Digital Growth Demands Robust Protection

Sarjito acknowledges Indonesia's trajectory towards becoming a significant digital power. However, he cautions that without adequate protection, this digital strength will paradoxically increase the nation's vulnerability. Delays in ratifying the RUU KKS could have long-term repercussions, including the infringement of human rights due to persistent cybercriminal activities. "Therefore, the RUU KKS is not merely a legal obligation but a strategic investment for the nation and a cornerstone of Indonesia's digital sovereignty," he states.

In closing, Sarjito also expresses hope for an increase in Indonesia's pool of cyber professionals. This includes security analysts, ethical hackers, digital forensics specialists, security operations center personnel, and national cyber policy developers. For businesses aiming for digital authority and sustained growth, understanding and adapting to this evolving cybersecurity landscape, supported by robust national frameworks, is paramount. Santara Labs recognizes that a secure digital environment is the foundation upon which effective digital platform development, SEO growth, and performance advertising can truly thrive.