JAKARTA — cyber threats are becoming more serious as companies rush to adopt cloud services and artificial intelligence, or AI. BDO Indonesia warns that technology that speeds up business also opens new doors for data theft, fraud, and costly operational disruption.
The warning comes after a string of cyber incidents in early 2026, including a breach in the banking sector, which reinforced one simple point: digital security is not just an IT issue. It affects reputation, customer trust, and even whether a business can keep running.
Cloud and AI speed up business, but gaps open too
Reza Aminy, Associate Director IT & Digital at BDO Indonesia, said many cyber incidents start with outdated information systems, weak security governance, and poorly managed vendor risk. In his view, old problems often become the entry point for new attacks.
In cloud environments, the focus of threats shifts to identity. Once credentials leak or an employee account is taken over, an attacker can get in without having to break through a heavily guarded perimeter. One account. One gap. Then the data is gone.
“The cost of recovery is far higher than the cost of prevention,” Reza said in a statement quoted in Jakarta on Saturday (27/6/2026).
The line sounds blunt, but it fits the reality. Many companies still delay security spending because it looks like an added expense. Once an attack hits, the bill is much larger: system recovery, forensic investigation, service disruption, fines, and lost customers.
Losses can reach hundreds of billions of rupiah
BDO pointed to the financial impact, which is far from small. In the material it shared, companies affected by cyber incidents can face losses of up to Rp143 billion charged against profit. That is not just an accounting note. It can shrink room for investment, expansion, and the next round of innovation.
In many organizations, cyber losses do not show up immediately in the first financial report. The system may still be online, but work slows down, customer service gets delayed, and market confidence starts to crack. The damage spreads.
Reza said cyberattacks are moving faster because attackers are also using new technology. AI, he noted, is a double-edged tool. On one hand, AI can improve productivity. On the other, it gives cybercriminals more power to trick people, impersonate others, and forge digital traces.
BDO Indonesia said attackers can now create malware faster, design more convincing phishing messages, and build deepfake content that is difficult to distinguish from genuine recordings. In one case highlighted by BDO, an AI-based audio and video scam impersonating a chief financial officer, or CFO, stole as much as US$25 million.
The number tells the story clearly. Modern attacks do not always arrive as a virus warning on a screen. Sometimes they come through a familiar voice, a message that sounds like a manager, or a video that looks real enough. And often, victims do not realize it until the money is already gone.
Why businesses in Indonesia should care now
For companies in Indonesia, BDO’s message feels immediate. Many organizations are moving aggressively to cloud platforms, expanding remote work, and adopting AI for customer service, analytics, and internal automation. Those moves make sense. But without solid controls, efficiency can turn into a new burden.
Vendor risk is often overlooked too. A company may have strong internal defenses and still be exposed if a third-party partner stores data without the same security standards. In a connected digital chain, the weakest link on one side can drag down the entire system.
That is why Reza is pushing organizations to move from manual defense to more automated security systems. This is not about replacing people with machines. It is about faster detection, tighter controls, and a response that does not depend on being late.
Four priorities BDO highlights
BDO Indonesia urges companies to build a structured cyber risk management framework. The starting point is clear: identify the most important digital assets, map the weaknesses, and strengthen security controls at the most exposed points. After that, companies need to train employees, because people are still the easiest target in many attacks.
The next priority is continuous monitoring and testing. A security system installed today may no longer be effective next month if attack patterns change. So oversight has to run all the time, not just once in a while.
The four priorities highlighted by BDO are asset and vulnerability identification, stronger security controls, employee training, and regular monitoring and testing. They work together. If one slips, an attacker can slip through a small gap that looks harmless.
In many companies, cyber security still gets less attention than new technology adoption. Yet the two have to move together. Cloud without strong protection is just a faster route to trouble. AI without clear governance can become a tool for fraud.
Looking ahead, pressure on companies is likely to rise. The more business processes move into digital systems, the more value is at stake. Companies that are ready will move faster. Those that are not often realize it only after the system goes down and the losses are already on the books.
Quick summary
1. BDO Indonesia says cyber threats are rising as cloud and AI spread across business operations.
2. Attacks now rely on identity theft, phishing, malware, and deepfakes that are harder to spot.
3. Companies are urged to strengthen governance, train employees, and automate defenses before the next attack hits.
The next question is how quickly companies are willing to fix their defenses before recovery costs climb again.
📝 Leave a Comment
Comment as . Reviewed by an admin before it appears.