For an optimal site experience, we recommend using a different browser.
Using Internet Explorer may prevent you from accessing, and some site features may not function as expected.

skip to main content

Crises have a way of accelerating trends. The sudden and prolonged nature of the pandemic hit the micro, small and medium enterprises (MSME) segment the hardest, with as many as 30 million of them [1] driven out of business. 


Much of the MSME community had to improvise and adapt quickly or risk closure. Digitalization fast became a lifeline for many of these small businesses during a time marked with lockdowns and public mobility restrictions. 


Representing 99% of businesses in Indonesia, MSMEs contribute 61% to the country’s GDP. As the core foundation of the local economy, accelerating digitalization of this segment has been identified as an essential step in enhancing domestic business resilience and boosting pandemic recovery efforts [3].

While digitization opens doors to opportunities, it also comes with considerable cybersecurity risks. This is especially true among MSME owners who may have pivoted to greater digital operations without fully understanding the risks and significant business costs.



The National Cyber and Crypto Agency (BSSN) reported a staggering 1.4 billion cyberattacks in 2021, a disturbing increase from around 495 million in 2020 [5]. A common (and dangerous) misconception is that cybercriminals only target large enterprises and public institutions.

The truth, however, is that criminal groups are increasingly targeting small companies.

MSMEs’ lack of investment in cybersecurity and vulnerability to business disruption makes them more accessible and potentially more lucrative targets. Their lack of preparedness also makes identifying and managing cyber incidents harder when they occur. 



To enhance cybersecurity, the government has mandated specific requirements regarding governance, risk management, information security standard, and electronic system security certification, and is expected to issue the cybersecurity bill this year.

However, more can be done to help build the resilience of the essential driver of the country's economic recovery and future development. 

Owner awareness

It’s safe to assume that many businesses went digital hastily to keep afloat during the pandemic, and little considerations would have been given to cybersecurity, let alone implementing preventive measures to safeguard their online business and data.

Foundational national campaigns and programs would be highly beneficial, but insurers also play a role in supporting intermediaries (such as brokers, agents, banks and digital partners) in discussing emerging cyber-related risks faced by MSMEs beyond traditional ones (e.g., property, auto and marine cargo).



Employee education

Another key outcome of the pandemic-triggered digital acceleration is the rise of a remote or flexible workforce. Employees or temporary contractors untrained in utilizing remote setups, protecting sensitive data or using unsecured connections could create the perfect environment for cyber breaches.

With human error (or innocent mistakes) being the most common cause of cyberattacks, employee education is crucial. Training on recognizing malware, social engineering and phishing methods can help employees become the first line of defense to prevent unauthorized intrusion. 



Business protection

Cash flow is the single biggest concern of every small business owner, and we get that. But not paying enough attention to risk and protection can severely threaten MSMEs’ business continuity.

While SME insurance, or more broadly business insurance, is not mandatory in Indonesia, having adequate coverage can serve as a crucial safety net every small business should have. After all, the Bahasa proverb famously has it, “sediakan payung sebelum hujan”, which literally means have an umbrella on hand before it rains.



Through digitization, Indonesia has tremendous potential to grow its economic productivity by US$121 billion by 2025 [7], and the success of MSMEs will be a critical enabler.

Securing a safe online business environment is vital for survival and creates a strong foundation for these small enterprises to thrive. Industry players, especially those in the risk business, are well-positioned to complement the government’s efforts in helping local entrepreneurs become more risk-aware to safeguard their businesses against emerging digital risks.

At Chubb, we are committed to supporting Indonesian MSMEs become more resilient and achieve their fullest potential in a COVID-19-adapted economy. Recognizing that this all-important segment has different needs and requirements, we have for instance crafted SME Protect Plus, a customizable and cost-friendly solution designed to help small businesses manage their cyber exposures, on top of protecting them against traditional loss events such as fire, flood, earthquake and burglary.

Coming into 2022, we look forward to seeing more public and private initiatives, as well as public-private collaborations, tailored to boost the tenacity of Indonesian MSMEs far beyond the pandemic. 








Tips and Resources

We help you stay ahead and informed with these helpful tips and tricks

Have a question or need more information?

Contact us to find out how we can help you get covered against potential risks