Cybersecurity is an Executive Level Concern, Companies Need to Prepare a Budget

Cybersecurity for Operational Technology (OT) is now an executive-level concern amid digital threats, especially in enterprises and governments that rely on digital technology.

Tria Dianti
3 Minutes
By: Tria Dianti
Cybersecurity is an Executive Level Concern, Companies Need to Prepare a Budget
Photo by Adi Goldstein
Table of Contents

Cybersecurity for Operational Technology (OT) is now an executive-level concern amid digital threats, especially in enterprises and governments that rely on digital technology.

Fortinet's latest report, the Global 2025 State of Operational Technology and Cybersecurity Report highlights the significant shift in responsibility and increased maturity of cybersecurity from being a purely technical issue to a strategic issue that impacts business and operational continuity.

"More than half (52%) of organizations report that responsibility for OT now rests with the Chief Information Security Officer (CISO)/CSO, up from 16% in 2022," states the report released July 8, 2025.

This trend is reinforced by the fact that 95% of organizations say executives share responsibility for OT, up from just 41% in 2022.

"This indicates that operational system security is now considered a crucial element for business continuity and must receive attention from the top," said Nirav Shah, Senior Vice President, Products and Solutions Fortinet.
"Companies are now taking cybersecurity more seriously," he said.

Shah added that the significant increase in the assignment of OT risk responsibilities to executives, as well as the reported improvement in OT security maturity levels, are positive indicators.

The report also highlighted the correlation between OT cybersecurity maturity levels and incident impact.

Organizations with higher levels of maturity tend to experience fewer attacks or are more effective in dealing with low-sophistication tactics.

Nonetheless, detection of advanced tactics such as advanced persistent threats (APTs) and OT malware remains a challenge. However, overall, the operational impact of intrusions continues to decline, with a significant drop in revenue-impacting intrusions, from 52% to 42%.

Indonesia, the economic center of Southeast Asia, has experienced numerous cases of data leaks and hacking cases.

In 2023, hackers with the Bjorka account allegedly hacked a number of personal data of ministers in Indonesia which were uploaded on a trading site. At that time, Bjorka also claimed to have pocketed 26 million IndiHome customer data which included full name, email, gender, Population Identification Number (NIK), and IP Address.

Bjorka also uploaded 1.3 billion SIM card registration data points that he claimed were breached from Kominfo, which included NIK, phone number, provider, and registration date.

In late 2024, cyberattacks on national data centers disrupted public services, including immigration processing at major airports, hospitals and government agency operations, causing long lines as officials resorted to manual methods.

As a result of this attack, 210 agencies were affected, both central and regional.

Indonesia, has faced a rising tide of cyber-attacks in recent years. The National Cyber and Crypto Agency (BSSN) reported a staggering 401 million cyberattacks in 2023 alone.

What about companies in Indonesia?

According to Ari Sutedja K, Chairman of the Indonesia Cyber Security Forum (ICSF), Operational Technology (OT) security priorities among Indonesian executives are still mixed. Large companies such as Pertamina and Telkom, which have crucial infrastructure, are showing higher awareness by integrating OT security into corporate strategy and making it a topic of discussion at board level.

However, many other companies, especially those that have not yet experienced a major cyberattack, tend to think of OT security only as a technical issue.

"Large startups like GoTo, which manage data centers and complex digital infrastructure, are also showing an increased focus on OT security," Ari Sutedja told SUAR, (15/7).

Ari added that a key challenge for companies in Indonesia is the lack of executive understanding of the complexity of OT and its direct impact on business.

Therefore, a strategic approach is needed to drive change, including executive education on OT risks, simulating the impact of attacks on businesses, and advocating for stronger national policies.

Furthermore, he pointed out that when Operational Technology (OT) security becomes an executive responsibility, it has a significant impact on corporate strategy and investment.

Impact

One of the main impacts is the increased budget and focus on cybersecurity. 

This includes not only investments in advanced technologies such as OT firewalls and intrusion detection systems, but also in human resource training, policy development, and attack simulations. 

"Companies that previously viewed OT security as a small part of the IT budget are now starting to see it as a top priority in risk management," he said.

The second impact, he continued, is a holistic approach to risk. Executives are more likely to view cybersecurity risk as an integral part of overall business risk management, driving the integration of OT security with key business strategies.

For example, OT-related risks are now often included in corporate risk reports and form part of strategic discussions at board level. 

Tedja highlighted that the global trend shows that large companies are starting to appoint a Chief Information Security Officer (CISO) or even a Chief Technology Officer (CTO) with a special focus on OT security.

This position is responsible for ensuring OT systems are not only secure but also able to adapt to technological changes.

"In Indonesia, companies like Pertamina and Telkom are starting to show similar signs, although they are still in the early stages." The creation of positions such as these demonstrates companies' understanding of the importance of having OT security-focused leaders at the strategic level.

Technology Business

Author

Tria Dianti
Tria Dianti

Read more

Continuing to Innovate, Startups Hope for Regulatory Certainty
featured
Technology

Continuing to Innovate, Startups Hope for Regulatory Certainty

On Tuesday (12/16/2025), technology-based startup entrepreneurs hoped that the government would create regulatory certainty and a more friendly growth ecosystem.

4 Minutes
By: Tria Dianti, Chris Wibisana
From X to ChatGPT Experiencing "Down" due to Cloudflare Disruption, Creating Losses of up to USD 15 Billion
Cyber Security

From X to ChatGPT Experiencing "Down" due to Cloudflare Disruption, Creating Losses of up to USD 15 Billion

Global internet infrastructure, Cloudflare experienced an internal disruption on Tuesday (18/11/2025) which caused a number of websites and platforms to be inaccessible or down around the world including Indonesia. The loss is estimated at USD15 billion.

4 Minutes
By: Benedictus Krisna Yogatama, Ridho Sukra
Jakarta continues to grow as a strategic market for global data centers
featured
Data Center

Jakarta continues to grow as a strategic market for global data centers

In the Data Center Construction Cost Index 2025 report, Jakarta has a competitive advantage in Southeast Asia, with its data center construction cost of Rp187,207 per watt, which is lower than countries such as Singapore and Tokyo (Japan).

4 Minutes
By: Benedictus Krisna Yogatama, Gema Dzikri Harisma
Beware of Fraud Modes in E-Commerce
Technology

Beware of Fraud Modes in E-Commerce

Shopee Indonesia launched a guidebook to avoid various modes of online fraud in online buying and selling transactions. What are the tips?

3 Minutes
By: Tria Dianti, Harits Naufal Arrazie, Benedictus Krisna Yogatama