Cybersecurity Guidelines for Digital Financial Asset Trading Providers in Indonesia
Indonesia Financial Services Authority (OJK) has launched the Cybersecurity Guidelines for Digital Financial Asset Trading Providers in Indonesia.
The guideline is a result of strategic synergy and collaboration between stakeholders enforcing the national financial ecosystem's integrity and resilience, especially in the digital financial assets industry.
Several key strategic substances highlighted in this guideline include:
- Implementation of the Zero Trust Principle, which eliminates implicit trust within networks and promotes multi-layered authentication systems, device management, and dynamic access policies.
- Cyber Risk Management based on both national and international frameworks such as ISO, NIST, CSMA BSSN, and CREST, aimed at measuring the cybersecurity maturity level of each Provider.
- Data and Wallet Protection, through the implementation of cold wallets for the majority of consumer assets and end-to-end encryption using cryptographic algorithms that meet industry standards.
- Incident Response Plan, developed with principles of effective coordination, swift recovery, and integrated reporting to OJK and all relevant stakeholders.
Enhancement of Technical Competence, conducted continuously through intensive training, professional certifications (such as CISA, CISSP, and CISM), and incident simulations to strengthen operational readiness.
This guideline will serve as a strategic reference in building a secure, resilient, and sustainable digital asset trading ecosystem for Indonesia.
Click the attached file to download the digital copy of the Guideline.
