KONTAN.CO.ID - JAKARTA. Cyber attacks are increasingly widespread, targeting the banking and multi-finance sectors. Previously, Bank Syariah Indonesia (BSI) was hit by the attack. Well, recently PT BFI Finance Indonesia Tbk (BFIN) was also hit by a cyber attack.

This forced BFI Finance's services to be stopped and resulted in customers not being able to access the company's services. Of course cyber attacks cannot be separated from company security which should be able to anticipate such incidents so that they can protect important data, including customers.

In this regard, President Director of PT CIMB Niaga Auto Finance (CIMB Niaga Finance) Ristiawan Suherman said that in anticipating cyber attacks, his party implemented a number of security measures.

Namely implementing and supervising security protocols in a disciplined manner through encryption and others. After that, periodically update and rejuvenate both hardware and software devices.

"We also optimize the functions of the right security tools, such as anti-virus to firewalls. Perform maintenance and general supervision of infrastructure and data functions and security," he told Kontan.co.id, Thursday (25/5).

Ristiawan explained that his party also continuously conducts internal outreach to understand the dangers of cyber crime and its impacts. Plus applying the importance of the principle of caution and discipline in using work tools that have public access.

The implementation of this step paid off. Ristiawan said, CIMB Niaga Finance on May 11 2023 had been recommended by the British Standards Institution (BSI) Group Indonesia to obtain an ISO/IEC 27001 Information Security Management Systems (ISMS) certificate in order to standardize information security related to processes with Dukcapil.

In order to improve IT Security, CIMB Niaga Finance has allocated a capital expenditure budget or information technology capital expenditure (Capex IT) of IDR 34 billion in the period 2017 to 2022.

On the other hand, Clipan Finance said that the company uses the services of security system vendors to strengthen digital security.

Chief Director of Clipan Finance Harjanto Tjitohardjojo explained that actually Clipan Finance had also experienced an attempted cyber attack, but it could be properly anticipated quickly.

"It was detected in the security system. So, the cyber attack can be turned off. Thus, the Clipan Finance service system is still running well," he said.

Harjanto explained about his company's security system to avoid cyber attacks. He said that currently Clipan has installed one of the best firewalls, fortinet, and trend micro on every PC or laptop.

"So far it's been pretty strong (security). In 2023, we plan to strengthen the end point security system with a top rated security system and are currently still in the penetration test process," he said.

Apart from that, he stated that Clipan had also received an ISO 27001 certificate so that attention to the information security management system was better.

"Clipan's Data Recovery Center is also always on standby so that backups are maintained," he said.

Meanwhile, Harjanto Tjitohardjojo said that his party had allocated a capital expenditure budget for information technology (Capex IT) of IDR 32 billion in 2023 to strengthen digital security.

Regarding the phenomenon of cyber attacks, Technology Observer and Executive Director of the ICT Institute, Heru Sutadi, said that the affected companies need to immediately carry out a forensic audit or overall inspection.

"Where did the attack come from? Who did it? What data has the potential to leak," he said, Thursday (5/25).

According to him, if cyber attacks are not resolved, it will certainly cause various problems, such as services that customers cannot access, displays, applications, and transaction data that can be changed. In addition, transaction data, companies and customers are also at great risk of being stolen by perpetrators.

Heru believes that if it is not thoroughly examined, there is a potential for data to be stolen and in the end a ransom will be demanded.

According to him, the events that happened to BFI Finance and BSI indicated that the Indonesian financial sector was still in danger of a bigger and more massive threat from cyber crime.

Therefore, it is necessary to have clear prevention efforts from companies and authorities so that this does not happen again.