Information Security and Digital Sovereignty: A Cyber–Crypto–Signal Defense Model for Indonesia
Abstract
Purpose. This study explores how cyberspace security, cryptography, and signals intelligence can be integrated as the strategic foundation for Indonesia’s digital sovereignty.
Method. Adopting a qualitative research design, the study applies policy analysis and literature review of national cybersecurity regulations, defence doctrines, and international research. Data were examined using the Critical Capability–Critical Requirement–Critical Vulnerability (CC–CR–CV) framework to assess the contribution of each pillar to sovereign cyber defence.
Findings. The results indicate that Indonesia has strengthened its cybersecurity regulatory ecosystem but continues to face challenges, including fragmented command structures, dependency on foreign cryptographic technology, and limited signals-intelligence capacity. Integrating the Cyber–Crypto–Signal Triad enhances national resilience, data protection, and electromagnetic awareness, supporting proactive cyber defence and strategic autonomy.
Theoretical implications. The study advances digital sovereignty discourse by introducing a security-driven operational model that links cyber defence, cryptographic sovereignty, and spectrum dominance.
Practical implications. The paper recommends forming a National Cyber Council to unify command and control, accelerate local cyber-cryptographic development, and institutionalise integrated spectrum-intelligence capabilities.
Originality/Value: This research presents the Cyber–Crypto–Signal Triad as a novel approach to operationalising information security as an instrument of state power, moving beyond regulatory-centric perspectives.
Limitations: Reliance on qualitative analysis and publicly available policy documents limits empirical depth; future research should incorporate threat-intelligence datasets, comparative case studies, and quantitative capability metrics.
Paper type. Empirical.
Downloads
References
Abelson, H., Anderson, R., Bellovin, S. M., Benaloh, J., Blaze, M., Callas, J., … Neumann, P. G. (2021). Bugs in our pockets: The risks of client-side scanning. arXiv. https://doi.org/10.48550/arXiv.2110.07450
Aji, M. P., Somantri, G. R., & Rofii, M. S. (2025). The strategic role of the National Cyber and Crypto Agency (BSSN) in maintaining state sovereignty in cyberspace. Journal of Law, Politics & Humanities, 5(5), 3916–3924. https://doi.org/10.38035/jlph.v5i5.1973
Baumgartner, S., Haass, F., & Veldkamp, T. (2023). Cyber-electromagnetic convergence and the future of conflict. Journal of Strategic Studies, 46(5), 855–874. https://doi.org/10.1080/01402390.2023.XXXXXX
Bokolo, A. J. (2025). Implementing digital sovereignty to accelerate smarter mobility solutions in local communities. Smart Cities, 8(4), 106. https://doi.org/10.3390/smartcities8040106
Braun, M., & Hummel, P. (2024). Is digital sovereignty normatively desirable? Information, Communication & Society. https://doi.org/10.1080/1369118X.2024.2332624
BSSN. (2024). Peraturan BSSN No. 5/2024 tentang Rencana Aksi Nasional Keamanan Siber 2024–2028. Jakarta: Badan Siber dan Sandi Negara.
CCDCOE. (2024). NATO cyber defense exercises: Annual report. NATO Cooperative Cyber Defence Centre of Excellence.
Department of Defense (US). (2023). DoD Cyber Strategy. U.S. DoD.
European Commission. (2024). Cyber Resilience Act. Brussels: EU.
European Parliament Research Service. (2024). Post-quantum cryptography briefing. EU Publications.
European Union. (2022). NIS2 Directive: Directive (EU) 2022/2555. Brussels: EU.
Government of India. (2023). Digital Personal Data Protection Act. New Delhi: Government of India.
Halkis, M., & Haq, M. S. (2021). Phenomenology approach in the development of cyber-physical systems (CPS) national defense. Technium Social Sciences Journal, 17(1), 581–591. https://techniumscience.com/index.php/socialsciences/article/view/2552
Indian Armed Forces. (2024). Joint Doctrine for Cyberspace Operations. New Delhi: Ministry of Defence.
ITU. (2024). Global Cybersecurity Index 2024. International Telecommunication Union.
Jansen, B., et al. (2023). Digital sovereignty and state power. Government Information Quarterly, 40(4), 101820. https://doi.org/10.1016/j.giq.2023.101820
Karjalainen, M., & Penttinen, M. (2024). NATO cyber defense coordination and emerging hybrid threats. NATO Review Journal, 72(2), 88–104.
Kemenhan RI. (2015). Indonesian Defence White Paper. Jakarta: Ministry of Defence.
Kianpour, M., et al. (2025). NIS2 and cybersecurity maturity implications for ASEAN. Computers & Security, 138, 103944. https://doi.org/10.1016/j.cose.2024.103944
Klimburg, A. (2017). The darkening web: The war for cyberspace. Penguin Press.
Libicki, M. C. (2021). Cyber persistence theory and conflict escalation. RAND Corporation.
Ministry of Defence India. (2025). Cyber Suraksha Command Exercise Report 2025. New Delhi.
Najafov, Z. N. (2025). The generational division of warfare and controversial issues. Social Development and Security, 15(4). https://doi.org/10.33445/sds.2025.15.4.6
NATO. (2024a). NATO Integrated Cyber Defence Centre Report. Brussels: NATO HQ.
NATO. (2024b). Cyber Defence Policy Statement 2024. Brussels: NATO HQ.
NATO. (2024c). Hybrid and cyber threat posture update. NATO Strategic Communications Office.
Nye, J. S. (2020). Cyber power and world politics. Harvard Kennedy School.
ONCD (Office of the National Cyber Director, US). (2024). National Cybersecurity Strategy Implementation Plan. Washington, DC.
Pierucci, L. (2025). Hybrid cyber strategy and national power transitions. Journal of Cyber Policy, 10(1), 55–74. https://doi.org/10.1080/23738871.2025.XXXXXX
Pohle, J., & Thiel, T. (2020). Digital sovereignty. Internet Policy Review, 9(4). https://doi.org/10.14763/2020.4.1532
Rietiker, D. (2024). Encryption, sovereignty, and democratic control. International & Comparative Law Quarterly, 73(3), 501–524. https://doi.org/10.1017/S002058932300XXX
Santaniello, M. (2025). Digital statecraft in the age of algorithmic geopolitics. Global Policy, 16(1), 122–136. https://doi.org/10.1111/1758-5899.13321
Smeets, M., & Liaropoulos, A. (2024). Digital sovereignty and cyber-power projection in Europe and Asia. Journal of Cybersecurity, 10(2), tyad032. https://doi.org/10.1093/cybsec/tyad032
Singh, R., & Suri, P. (2024). India's evolving cyber doctrine and strategic autonomy. Strategic Analysis, 48(2), 293–310. https://doi.org/10.1080/09700161.2024.XXXXXX
White House. (2023). National Cybersecurity Strategy. Washington, DC.
Abstract views: 56 PDF Downloads: 22
Copyright (c) 2025 Mhd Halkis, Tomy Arvianto
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors agree with the following conditions:
1. Authors retain copyright and grant the journal right of first publication (Download agreement) with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
2. Authors have the right to complete individual additional agreements for the non-exclusive spreading of the journal’s published version of the work (for example, to post work in the electronic repository of the institution or to publish it as part of a monograph), with the reference to the first publication of the work in this journal.
3. Journal’s politics allows and encourages the placement on the Internet (for example, in the repositories of institutions, personal websites, SSRN, ResearchGate, MPRA, SSOAR, etc.) manuscript of the work by the authors, before and during the process of viewing it by this journal, because it can lead to a productive research discussion and positively affect the efficiency and dynamics of citing the published work (see The Effect of Open Access).
