Moving away from reactive cybersecurity to preemptive, continuous AI-powered cyber vigilance

To tackle intensifying democratization of cybercrime, find out what some key proactive cyber strategies are needed in APAC and beyond.

As cyber threats accelerate across the region, organizations relying on traditional periodic risk assessments can no longer keep pace with AI-driven adversaries.

With organizations operating in increasingly complex digital and operational environments, cybersecurity now demands continuous visibility and predictive readiness.

In this Q&A inspired at Govtech 2025, David Ng, Managing Director (Singapore, the Philippines, and Indonesia), Trend Micro, explains to CybersecAsia.net how organizations can use AI to anticipate evolving threats, strengthen business resilience, and make smarter, data-driven security decisions.

CybersecAsia: Why can current periodic risk assessments not keep up with AI-powered adversaries?

David Ng (DN): Periodic risk assessments, which are static, point-in-time snapshots of an organization’s security posture — operate on the assumption that the threat landscape evolves gradually. However, that is no longer the case.

Threat actors can now use AI and automation to identify and exploit vulnerabilities within hours, making traditional quarterly or annual cybersecurity review cycles far too slow. This creates a dangerous lag between risk identification and mitigation: a lag that adversaries exploit mercilessly.

At the same time, AI has lowered the barriers to entry for malicious actors. Even less-skilled cybercriminals can now deploy sophisticated phishing campaigns, deepfakes and adaptive malware at scale, customizing them to bypass defenses and target individuals precisely. Static assessments cannot capture or respond to such a fast-changing threat environment.

To stay ahead, organizations need to shift from periodic risk assessments to proactive, continuous risk monitoring. By combining live telemetry, predictive analytics and AI-driven modelling, security teams can maintain real-time situational awareness and prioritize vulnerabilities dynamically. This shift enables constant adaptation to rapidly evolving threats.

CybersecAsia: How should organizations in the Asia Pacific region (APAC) plan beyond cyber defence, to ensure business resilience and continuity at scale?

DN: In APAC, achieving resilience and continuity at scale begins with treating cybersecurity as a core element of business strategy, rather than an afterthought or standalone IT concern. It must be integrated into enterprise risk management, compliance, and strategic decision-making.

When embedded within core operations, cybersecurity becomes a driver of business confidence — enabling leaders to protect value, maintain trust, and sustain growth even amid disruption.

This strategic alignment also demands a fundamental mindset shift from reactive defence to proactive security. Organizations should not continue to operate in a constant state of firefighting, responding only after incidents occur.

In practice, proactive cybersecurity requires constant visibility across the digital footprint, understanding how assets, identities, and processes interconnect, and knowing where the most critical exposures lie. Such approaches support this by providing a continuous process for discovering all assets, assessing their risk exposure, and prioritizing mitigation actions. By providing visibility, prioritization, and intelligence across the enterprise, such approaches (similar to Gartner’s adviso r y on continuous threat exposure management) help security teams to make informed, risk-based decisions in real time.

As AI continues to reshape APAC’s threat landscape, integrating such approaches with AI-powered analytics and automation allows enterprises to proactively identify threats, reduce dwell time, and sustain business operations even under attack.

In practice, resilience is no longer just about recovery, it is about maintaining trust, protecting brand reputation, and ensuring operational continuity in the face of constant change.

CybersecAsia: What capabilities should proactive, intelligent risk and security management solutions have today?

DN: Today’s intelligent risk and security management solutions need to go beyond visibility and detection to deliver context, foresight, and autonomy. They should not simply tell organizations what is happening, but also why it matters and what to do next.

The first step is establishing a unified data foundation — one that consolidates telemetry from endpoints, networks, cloud environments, and identities into a single intelligence layer. This integration enables security teams to move from fragmented views to a real-time, contextual understanding of their digital ecosystem, where decisions are informed by impact and relevance rather than volume.
Next, organizations need the capability to anticipate risk through advanced modeling and continuous simulation. By safely replicating complex environments and testing defensive strategies, security teams can map potential attack paths, validate controls, and identify weaknesses before adversaries exploit them. This predictive insight marks a needed transformation from reactive assessment to proactive resilience.

Finally, future-proof cybersecurity solutions harness adaptive automation and agentic decision-making to translate intelligence into action. By autonomously correlating data, prioritizing threats, and executing responses at speed, such solutions can amplify human capability and reduce operational burden.

CybersecAsia: What innovative ways can APAC organizations tap to address today’s cyber threats?

DN: One evolution in proactive cybersecurity that can help organizations shift from static, reactive defenses to a dynamic, predictive model is the digital twin technology. In cybersecurity, the approach uses agentic AI to create a high-fidelity, continuously updated simulation of an organization’s digital infrastructure spanning on-premises, cloud, IT, and OT environments.

This simulation allows security teams to safely test real-world cyber threats and assess defensive measures without any impact or disruption to live systems. Within this virtual environment, AI agents can model adversary tactics and simulate attack scenarios to validate controls, test mitigation strategies, and uncover vulnerabilities long before a real incident occurs.

The result is a continuous cycle of adversary simulation and defensive validation, improving readiness and reducing exposure across complex, interdependent systems.

Digital Twin technology can also be used in data-driven decision-making. Security leaders can introduce new tools or policies into the twin, to see how it performs under realistic threat conditions. This allows for better-informed investment decisions, and helps optimize business resilience by revealing how potential disruptions could ripple across IT and OT systems.

By testing security assumptions against AI-driven tactics before they emerge in the wild, organizations in the region (and beyond) can strengthen their resilience and maintain confidence in an increasingly unpredictable threat landscape.

CybersecAsia thanks David Ng for sharing his professional insights with readers.