MAKASSAR — cybersecurity is no longer just a technical issue. In Makassar, ITSEC Asia and ADIGSI held a cyber crisis simulation for organizational leaders, as the National Cyber and Crypto Agency, or BSSN, reported 5.16 billion cyber traffic anomalies throughout 2025.
That is a huge number. And the damage does not stop at a computer screen.
Digital threats that were once seen as an IT department problem now spill into business operations, public services, and institutional reputations. When systems go down, decisions have to come fast. One wrong move, and losses grow.
Why cybersecurity belongs on the business priority list
BSSN’s data sends a clear signal: suspicious cyber activity keeps flooding Indonesia’s digital ecosystem. For companies, that means attacks do not always arrive as headline-grabbing hacks. Sometimes it is just a phishing email, stolen credentials, a server outage, or internal access theft.
The problem is that many organizations still place the main burden of cybersecurity on one division. When an incident happens, though, it is not only firewalls or antivirus tools that matter. Leaders need to know when to pause services, when to open communication with customers, and when forensic teams should start work.
ITSEC Asia President Director Patrick Dannacher stressed that cyber threats have already moved into the strategic zone. “When an incident happens, the impact can spread to business operations, customer service, and the organization’s reputation. That is why preparedness for a cyber crisis cannot be the sole responsibility of the IT team,” he said.
The sentence sounds simple. The effect is not. Many companies do not collapse because the attack was too sophisticated, but because their initial response was slow, chaotic, or marked by everyone waiting for someone else to act.
The Makassar simulation was not just another seminar
Unlike one-way digital security seminars, the National Cyber Resilience Movement, or GNKS, in Makassar used an Executive Tabletop Exercise format. Participants did not just sit and listen. They were split into groups and asked to make decisions as if they were facing a real crisis.
The exercise moved step by step. Participants were introduced to threat scenarios, built mitigation plans, decided on responses as the situation worsened, presented their decisions, and then reviewed the results together. This kind of model helps leaders spot gaps that are often invisible on paper.
Who is authorized to speak to the public? Who halts transactions? Who contacts regulators? Who leads internal coordination? Questions like these often surface only after an attack is already underway. By then, the trouble has usually grown.
Patrick said the participants were given material they could actually use right away. “We want participants to leave with something they can use immediately. That is why GNKS does not just discuss threats, but also helps organizations map risks, design security measures, and improve decision-making capabilities when facing incidents,” he said.
What organizations take home from the exercise
Cyber crisis simulations matter because most organizations already have security tools in place. But tools without governance often are not enough. Digital attacks move fast, and the people operating the systems have to think just as fast.
At the business level, cyber resilience means two things: preventing disruption and keeping the organization running when disruption arrives. That is why risk mapping becomes the starting point. Organizations need to know which assets are most sensitive, who the critical users are, and which routes are most likely to be attacked.
At the service level, the impact is felt directly by the public. Problems in payment systems, customer service apps, or internal portals can trigger queues, complaints, and lost trust. In many cases, damaged reputation takes much longer to repair than the system does to restore.
That is why an approach like GNKS matters for both large companies and institutions that are still growing into digital operations. The key question is not whether a system is safe. It is what happens in the first five minutes after an incident begins.
BSSN said it recorded 5.16 billion cyber traffic anomalies throughout 2025. At that scale, crisis readiness is no longer an optional add-on. It is basic infrastructure.
What this means for readers and business leaders
For business owners, operations managers, and institutional leaders, the message from this event is straightforward: cybersecurity is not the job of one room full of technicians. Every leader needs to understand the response flow, decision limits, and business impact of a digital incident.
If your company still does not have a clear incident response plan, now is the right time to organize one. Start with emergency contacts, access shutdown procedures, backup data, and crisis communication сценарios. Small things like that often save an organization when the situation turns messy.
In Indonesia’s context, the collaboration between ITSEC Asia, ADIGSI, and the cyber policy space represented by BSSN points in one direction: organizations need to be ready before incidents arrive. Not after systems are disrupted. Not after data leaks. That is already too late.
Patrick closed with a firm reminder. “Decision-makers also need to understand how to respond to such situations quickly and precisely,” he said. And in a digital world full of attacks, speed and precision often decide whether the damage stays small or turns into a full-blown crisis.
Brief summary:
1. BSSN recorded 5.16 billion cyber traffic anomalies throughout 2025.
2. ITSEC Asia and ADIGSI held a cyber crisis simulation in Makassar to train organizational leaders.
3. The main focus was fast response, risk mapping, and decision readiness during digital incidents.
Short FAQ:
What is the core of GNKS? Training organizational leaders to face cyber crises through real decision-making simulations.
Why does it matter? Because cyberattacks can damage operations, services, and reputation at the same time.
Who should care? Not only IT teams, but also company leaders, institutions, and decision-makers.
📝 Leave a Comment
Comment as . Reviewed by an admin before it appears.