National Cyber Defense: Analysis of Incident Severity Factors Using a Decision Tree
(1) UIN Sunan Gunung Djati Bandung
(2) UIN Sunan Gunung Djati Bandung
(3) UIN Sunan Gunung Djati Bandung
(4) UIN Sunan Gunung Djati
(*) Corresponding Author
Abstract
Cybersecurity became Indonesia’s national defense priority after the April 2024 ransomware attack on critical infrastructure exposed systemic vulnerabilities. Despite BSSN’s establishment, inter-agency coordination remains fragmented, and response delays persist. This study aims to identify the key determinants of cyber-incident severity and propose data-driven policy recommendations.
A descriptive quantitative approach was applied to all 77 incidents recorded by BSSN from January to September 2024, a period chosen because it follows new regulatory measures introduced at the start of 2024 and includes multiple high-profile events. BSSN data were cross-referenced with Kominfo and Id-SIRTII logs (revealing an 8 percent discrepancy) to enhance validity. Preprocessing involved removing non-contributory fields, grouping by attack type, sector, and severity, converting categorical variables (Incident Type, Sector, Origin, Mitigation Measures, Response Time, Status) into factors, and stratified splitting into 80 percent training and 20 percent testing subsets. A decision tree model in RStudio (pruned with cp = 0.05) yielded 93.75 percent accuracy, validated by 10-fold cross-validation (mean accuracy 92.5 percent, SD 2.1 percent).
Results show Incident Type as the strongest predictor of severity, followed by Mitigation Measures and Response Time. Attacks responded to within 24 hours seldom exceed medium severity, whereas delays over 48 hours, especially for exploits, Trojans, and malware, almost always result in critical outcomes. Additionally, incidents from the United States and Singapore disproportionately target underdeveloped infrastructure and governance sectors, increasing severity.
To bolster Indonesia’s cybersecurity resilience, recommendations include: expanding secure, evenly distributed digital infrastructure; establishing and reinforcing provincial CSIRTs; enforcing uniform audit and certification standards; and integrating digital literacy into education. Finally, deepening ASEAN CERT integration through synchronized incident classification and real-time threat attribution will bridge national and regional defense gaps and improve cross-border response capabilities.
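The workflow the abstract describes (factor conversion, a stratified 80/20 split, a classification tree pruned at cp = 0.05) is shown here in R as an added example; it is not the authors' code. The use of the rpart package, the column names, the category values and the labelling rule are assumptions, and the data are constructed rather than the BSSN records.

```r
# Added example: constructed data, not the BSSN incident records used in the study.
library(rpart)  # assumption: the abstract names RStudio but not the tree package

set.seed(2024)
n <- 300  # constructed sample size; the study analysed 77 incidents
incidents <- data.frame(
  IncidentType = sample(c("Exploit", "Trojan", "Malware", "Phishing", "DDoS"), n, TRUE),
  Sector       = sample(c("Government", "Finance", "Energy", "Health"), n, TRUE),
  Mitigation   = sample(c("Patch", "Isolate", "Block", "None"), n, TRUE),
  ResponseTime = sample(c("<24h", "24-48h", ">48h"), n, TRUE),
  stringsAsFactors = FALSE
)

# Constructed labelling rule mirroring the pattern the abstract reports
# (slow response to exploits, Trojans or malware -> critical), plus 10% label noise.
heavy <- incidents$IncidentType %in% c("Exploit", "Trojan", "Malware")
incidents$Severity <- ifelse(incidents$ResponseTime == ">48h" & heavy, "Critical",
                      ifelse(incidents$ResponseTime == "<24h", "Medium", "High"))
noisy <- sample(n, n %/% 10)
incidents$Severity[noisy] <- sample(c("Medium", "High", "Critical"), length(noisy), TRUE)

# Convert every categorical column, including the target, to a factor.
incidents[] <- lapply(incidents, factor)

# Stratified 80/20 split: draw 80% of the row indices within each severity class.
train_idx <- unlist(lapply(split(seq_len(n), incidents$Severity),
                           function(i) sample(i, floor(0.8 * length(i)))))
train <- incidents[train_idx, ]
test  <- incidents[-train_idx, ]

# Grow a deliberately deep tree, then prune it at the cp value given in the abstract.
fit    <- rpart(Severity ~ ., data = train, method = "class",
                control = rpart.control(cp = 0.001, minsplit = 10))
pruned <- prune(fit, cp = 0.05)

# Evaluate on the held-out 20% and rank the predictors.
pred     <- predict(pruned, test, type = "class")
accuracy <- mean(pred == test$Severity)
print(table(Predicted = pred, Actual = test$Severity))
cat(sprintf("Hold-out accuracy: %.2f%%\n", 100 * accuracy))
print(pruned$variable.importance)  # contribution of each predictor to the splits
```

Because the labels here come from a constructed rule, the accuracy and importance ranking only show how the pipeline is read, not the study's findings.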
Keywords
DOI: https://doi.org/10.33172/jp.v11i1.19798
Office Address:
Lembaga Penelitian dan Pengabdian Kepada Masyarakat
Republic of Indonesia Defense University
Jl. Salemba Raya No.14, Paseban, Jakarta Pusat, Daerah Khusus Ibukota Jakarta 10440, Indonesia
Email: jurnal.unhan@idu.ac.id
Jurnal Pertahanan: Media Informasi tentang Kajian dan Strategi Pertahanan yang Mengedepankan Identity, Nasionalism dan Integrity is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.