Indonesia’s vast, diverse population and scattered islands create a unique landscape for AI adoption. Across sectors – from healthcare to logistics and banking to public services – leaders view AI not just as a tool for efficiency but as a means to expand reach, build resilience, and elevate citizen experience. With AI expected to add up to 12% of Indonesia’s GDP by 2030, it’s poised to be a core engine of growth.
Yet, ambition isn’t enough. While AI interest is high, execution is patchy. Many organisations remain stuck in isolated pilots or siloed experiments. Those scaling quickly face familiar hurdles: fragmented infrastructure, talent gaps, integration issues, and a lack of unified strategy and governance.
Ecosystm gathered insights and identified key challenges from senior tech leaders during a series of roundtables we moderated in Jakarta. The conversations revealed a clear picture of where momentum is building – and where obstacles continue to slow progress. From these discussions, several key themes emerged that highlight both opportunities and ongoing barriers in the country’s digital journey.
Theme 1. Digital Natives are Accelerating Innovation; But Need Scalable Guardrails
Indonesia’s digital-first companies – especially in fintech, logistics tech, and media streaming – are rapidly building on AI and cloud-native foundations. Players like GoTo, Dana, Jenius, and Vidio are raising the bar not only in customer experience but also in scaling technology across a mobile-first nation. Their use of AI for customer support, real-time fraud detection, biometric eKYC, and smart content delivery highlights the agility of digital-native models. This innovation is particularly concentrated in Jakarta and Bandung, where vibrant startup ecosystems and rich talent pools drive fast iteration.
Yet this momentum brings new risks. Deepfake attacks during onboarding, unsecured APIs, and content piracy pose real threats. Without the layered controls and regulatory frameworks typical of banks or telecom providers, many startups are navigating high-stakes digital terrain without a safety net.
As these companies become pillars of Indonesia’s digital economy, a new kind of guardrail is essential; flexible enough to support rapid growth, yet robust enough to mitigate systemic risk.
A sector-wide governance playbook, grounded in local realities and aligned with global standards, could provide the balance needed to scale both quickly and securely.
Theme 2. Scaling AI in Indonesia: Why Infrastructure Investment Matters
Indonesia’s ambition for AI is high, and while digital infrastructure still faces challenges, significant opportunities lie ahead. Although telecom investment has slowed and state funding tightened, growing momentum from global cloud players is beginning to reshape the landscape. AWS’s commitment to building cloud zones and edge locations beyond Java is a major step forward.
For AI to scale effectively across Indonesia’s diverse archipelago, the next wave of progress will depend on stronger investment incentives for data centres, cloud interconnects, and edge computing.
A proactive government role – through updated telecom regulations, streamlined permitting, and public-private partnerships – can unlock this potential.
Infrastructure isn’t just the backbone of digital growth; it’s a powerful lever for inclusion, enabling remote health services, quality education, and SME empowerment across even the most distant regions.
Theme 3. Cyber Resilience Gains Momentum; But Needs to Be More Holistic
Indonesian organisations are facing an evolving wave of cyber threats – from sophisticated ransomware to DDoS attacks targeting critical services. This expanding threat landscape has elevated cyber resilience from a technical concern to a strategic imperative embraced by CISOs, boards, and risk committees alike. While many organisations invest heavily in security tools, the challenge remains in moving beyond fragmented solutions toward a truly resilient operating model that emphasises integration, simulation, and rapid response.
The shift from simply being “secure” to becoming genuinely “resilient” is gaining momentum. Resilience – captured by the Bahasa Indonesia term “ulet” – is now recognised as the ability not just to defend, but to endure disruption and bounce back stronger. Regulatory steps like OJK’s cyber stress testing and continuity planning requirements are encouraging organisations to go beyond mere compliance.
Organisations will now need to operationalise resilience by embedding it into culture through cross-functional drills, transparent crisis playbooks, and agile response practices – so when attacks strike, business impact is minimised and trust remains intact.
For many firms, especially in finance and logistics, this mindset and operational shift will be crucial to sustaining growth and confidence in a rapidly evolving digital landscape.
Theme 4. Organisations Need a Roadmap for Legacy System Transformation
Legacy systems continue to slow modernisation efforts in traditional sectors such as banking, insurance, and logistics by creating both technical and organisational hurdles that limit innovation and scalability. These outdated IT environments are deeply woven into daily operations, making integration complex, increasing downtime risks, and frustrating cross-functional teams striving to deliver digital value swiftly. The challenge goes beyond technology – there’s often a disconnect between new digital initiatives and existing workflows, which leads to bottlenecks and slows progress.
Recognising these challenges, many organisations are now investing in middleware solutions, automation, and phased modernisation plans that focus on upgrading key components gradually. This approach helps bridge the gap between legacy infrastructure and new digital capabilities, reducing the risk of enterprise-wide disruption while enabling continuous innovation.
The crucial next step is to develop and commit to a clear, incremental roadmap that balances risk with progress – ensuring legacy systems evolve in step with digital ambitions and unlock the full potential of transformation.
Theme 5. AI Journey Must Be Rooted in Local Talent and Use Cases
Ecosystm research reveals that only 13% of Indonesian organisations have experimented with AI, with most yet to integrate it into their core strategies.
While Indonesia’s AI maturity remains uneven, there is a broad recognition of AI’s potential as a powerful equaliser – enhancing public service delivery across 17,000 islands, democratising diagnostics in rural healthcare, and improving disaster prediction for flood-prone Jakarta.
The government’s 2045 vision emphasises inclusive growth and differentiated human capital, but achieving these goals requires more than just infrastructure investment. Building local talent pipelines is critical. Initiatives like IBM’s AI Academy in Batam, which has trained over 2,000 AI practitioners, are promising early steps. However, scaling this impact means embedding AI education into national curricula, funding interdisciplinary research, and supporting SMEs with practical adoption toolkits.
The opportunity is clear: GenAI can act as an multiplier, empowering even resource-constrained sectors to enhance reach, personalisation, and citizen engagement.
To truly unlock AI’s potential, Indonesia must move beyond imported templates and focus on developing grounded, context-aware AI solutions tailored to its unique landscape.
From Innovation to Impact
Indonesia’s tech journey is at a pivotal inflection point – where ambition must transform into alignment, and isolated pilots must scale into robust platforms. Success will depend not only on technology itself but on purpose-driven strategy, resilient infrastructure, cultural readiness, and shared accountability across industries. The future won’t be shaped by standalone innovations, but by coordinated efforts that convert experimentation into lasting, systemic impact.
2025 is already shaping up to be a battleground for cybersecurity. With global cybercrime costs projected to reach USD 10.5T, by year’s end, the stakes have never been higher. Cybercriminals are getting smarter, using AI-driven tactics and large-scale exploits to target critical sectors. From government breaches to hospital data leaks and a surge in phishing scams, recent attacks highlight the growing financial and operational toll of cyber threats.
As cyber threats intensify, the demand for stronger defences, top-tier cybersecurity talent, and global collaboration has never been more urgent.
Here’s a look at the recent cyber developments that are shaping 2025.
Click here to download “Cyber Lessons from the Frontlines” as a PDF.
Major Security Breaches: A Costly Wake-Up Call
Cyberattacks are becoming more targeted, disruptive, and costly – impacting governments and organisations worldwide.
In Singapore, mobile wallet fraud is surging, with phishing tactics causing USD 8.9K in losses – 80% linked to Apple Pay. In the UK, security flaws in government IT systems have exposed sensitive data and infrastructure. South Africa’s government-run weather service (SAWS) was also forced offline, disrupting a critical resource for airlines, farmers, and emergency responders. Across the Atlantic, a data breach at a Georgia hospital compromised 120,000 patient records, while BayMark Health Services, the largest addiction treatment provider in the US, alerted patients to a similar breach.
What steps are governments, tech providers, and enterprises taking to protect themselves, critical infrastructure, and individuals?
Protecting Critical Infrastructure: The Digital Backbone
As global connectivity expands, securing critical infrastructure is paramount to sustaining growth, stability, and public trust.
Undersea cables, which carry much of the world’s internet traffic, are a major focus. While tech giants like Amazon, Meta, and Google are expanding these networks to boost global data speed and reliability, the need for protection is just as urgent – prompting the EU to invest nearly a billion dollars in securing them against emerging threats.
Governments and tech providers alike are stepping up. The European Commission has introduced a cybersecurity blueprint to strengthen crisis coordination, rapid response, and information sharing. Meanwhile, Microsoft is investing USD 700M in Poland’s cloud and AI infrastructure, working with the Polish National Defense to enhance cybersecurity through AI-driven strategies.
Quantifying Cyber Risk: Standardised Threat Assessment
As cyber threats grow more sophisticated, so must our ability to detect, measure, and respond to them.
A major shift in cybersecurity is underway – one that prioritises standardised threat assessment and coordinated defense.
The UK is leading the charge with a new cyber monitoring centre that will introduce a “Richter Scale” for cyberattacks, ranking threats much like earthquake magnitudes. Emerging countries are also joining in; Vietnam is strengthening its cyber defences with a new intelligence-sharing platform designed to improve coordination between the government and private sector.
By quantifying cyber risks and enhancing intelligence-sharing, these efforts are shaping global cybersecurity norms, improving response times, and building a more resilient digital ecosystem.
Beyond Defence: Proactive Measures to Combat AI-Driven Cybercrime
Cyber threats evolve faster than defences can keep up – a single click on a malicious email can lead to a breach in just 72 minutes.
With AI making cyberattacks more sophisticated, governments are taking an active role in cyber law enforcement.
Indonesia set up a cyber patrol to monitor and regulate harmful online content while also working to create a safer digital space for children. Thailand, Cambodia, and Laos are cooperating to curb cross-border scams through intelligence sharing and joint enforcement efforts.
Building Trust Online: Digital Identity Solutions
Governments are moving beyond enforcement to strengthen security with digital identity frameworks.
The EU is leading this shift with large-scale pilots for digital identity wallets, designed to offer citizens a secure, seamless way to verify credentials for services, transactions, and age-restricted content. By 2026, each EU member state will issue its own wallet, built on unified technical standards to ensure cross-border interoperability and stronger cybersecurity.
Digital identity wallets mark a major shift in data security, giving citizens greater control over their information while strengthening online trust. By securing identity verification, governments are reducing fraud and identity theft, creating a safer digital landscape.
Closing the Gap: Global Cyber Education Push
Cybersecurity education is no longer just for IT teams – it’s essential at every level, from executives to employees, to build long-term resilience.
Again, governments and tech giants alike are stepping up to bridge the skills gap and enhance cyber awareness.
Singapore is leading by example with a cyber-resilience training program for board directors, ensuring corporate leaders understand cyber risk management. AWS is investing USD 6.35M to support cybersecurity education in the UK, and Microsoft is expanding its global training efforts. The company has partnered with Kazakhstan to strengthen public sector cybersecurity and has committed to training one million South Africans in AI and cybersecurity by 2026.
The Path Forward: A Collective Responsibility
The cybersecurity landscape underscores a crucial truth: resilience can’t be built in isolation. Governments, businesses, and individuals must move past reactive measures and adopt a collective, intelligence-driven approach. As threats grow more sophisticated, so must our commitment to collaboration, vigilance, and proactive defence.
In an increasingly interconnected world, securing the digital landscape is not just necessary – it’s a shared responsibility.
Ecosystm research shows that customer engagement is emerging as the main beneficiary of AI implementations in Malaysia with 44% of AI investments being led by CX/Marketing/Sales teams.
Explore the key trends that are transforming the Malaysian technology landscape and stay tuned for more data-backed insights on Southeast Asia’s tech markets.
The Big5 CIO Priorities India ’24 Study reveals the pulse of India’s top technology leaders, offering insights into the country’s technology roadmap.
The study reveals that while a substantial 86% of organisations plan to augment their investments in cybersecurity in 2024, a comparatively modest 30% will prioritise SecOps and security analytics.
