AS Asean’s digital economy races towards a projected value of US$1 trillion by 2030 – and potentially double that with the Asean Digital Economy Framework Agreement – AI’s transformative potential risks being compromised by a lax cybersecurity approach.
Our region has witnessed a sharp rise in cyber threats, with attacks rising in scale and sophistication. Singapore’s latest cyber landscape shows phishing and ransomware as dominant threats and a sharp uptick in infected systems while Malaysia ranked among the top in Southeast Asia for web-based threats last year.
The rapid adoption of AI is introducing new vulnerabilities – 66% of organisations expect this to have the most significant impact on cybersecurity in the year to come, according to Global Cybersecurity Outlook 2025.
However, only 37% of these organisations have processes to assess the security of AI tools before deployment, revealing the gap between rapid AI implementation without necessary cybersecurity safeguards and the recognition of AI-induced risks.
As enterprises deploy AI at scale, attackers are evolving their tactics by exploiting vulnerabilities in AI models, targeting proprietary data and leveraging phishing campaigns to infiltrate systems.
IBM’s 2025 X-Force Threat Intelligence Index revealed that 84% of phishing emails now deliver infostealers and 30% of breaches stem from abuse of valid accounts.
The economists argue for action. At US$4.44 million on average per breach and a world-leading 34% of global cybersecurity incidents happening to Asian enterprises, the stakes have never been higher.
Encouragingly, governments are acting: the Asean Cybersecurity Cooperation Strategy (2021–2025) advances information-sharing and joint readiness while Singapore’s Cybersecurity Act and Malaysia’s National Cyber Security Agency (NACSA) are designed to strengthen enforcement and resilience.
While policy-level initiatives provide the framework and impetus, it is AI itself which presents a powerful opportunity to strengthen our cyber defences.
Today’s mature AI algorithms can contextualise vast volumes of data – from raw signals to behavioural patterns – enabling security teams to detect threats faster and respond with precision.
Companies should not only enhance threat detection but also automate response workflows, freeing up valuable time and improving overall resilience.
Here is a pragmatic playbook for Asean businesses to consider:
Secure-by-design AI: Treat AI systems (models, data, prompts, agents) as critical assets – inventory them, restrict access, monitor usage and red-team continuously.
Identity-first protection: Roll out phishing-resistant authentication, close authentication gaps, and monitor for infostealers and credential abuse across endpoints and cloud.
Automate the Security Operations Centre: Use mature AI plus gen AI to accelerate investigations, cut alert fatigue, and keep cybersecurity professionals in the loop and in charge.
Invest in skills jointly: Expand public-private talent programmes and regional information sharing under Asean frameworks.
As Asean’s digital economy scales new heights, let’s ensure our cybersecurity posture rises with it. In the race to harness AI, security should not be an afterthought but a foundation.
Catherine Lian is the general manager and technology leader for IBM Asean. Comments: letters@thesundaily.com
