The benefits of digital transformation with the cloud and AI unfortunately create the conundrum of challenges such as data sprawl and ransomware.
While the shift to multi-cloud hybrid environments has unlocked new possibilities for scalability, flexibility, and innovation for many organizations, it has also introduced an unprecedented wave of digital hazards, such as lack of data visibility and control.
Findings from Rubrik’s latest Zero Labs report sound some alarms, as revealed in this interview with Sheena Chin, Managing Director, ASEAN, Rubrik.
With increasing data sprawl in the cloud and AI era, how does it translate to complexity in securing data?
Sheena Chin (SC): Cloud and SaaS technologies have drastically transformed the way organizations operate – bringing unprecedented scalability, flexibility, and speed. However, this rapid shift has also led to an explosion of data across multiple environments.
As more organizations turn towards hybrid and multi-cloud strategies, new layers of complexity and risks are introduced. The result: sensitive data now resides across multiple platforms, making it more challenging to maintain visibility, enforce consistent controls, and protect what matters most.
Our latest Rubrik Zero Labs report found that 94% of organizations in APAC use between two and five cloud and SaaS platforms, with 79% storing sensitive data across two or more environments.
Securing data becomes significantly more difficult, as each platform has its own security framework, creating blind spots and inconsistent protections. Cyber-attackers are recognizing this, broadening their tactics to exploit vulnerabilities across hybrid cloud environments to raise their chances of success.
The lack of centralized data management further compounds the challenge, limiting organisations’ ability to maintain a unified view of their data landscape. In fact, our research showed that over a third of APAC IT and security leaders (34%) cited this as a key concern, making it harder to detect threats, enforce policies, and respond swiftly when incidents occur.
Note: APAC respondents surveyed were from Singapore, India, Japan, and Australia.
Alarmingly, according to the Zero Labs report, 95% of organizations paid a ransom when faced with extortion demands, 75% revealing that attackers were able to access and damage their data. What do you think has led to such a situation?
SC: Often, organizations pay a ransom because they deem it the fastest way to regain access to critical data, especially when the threat of data loss or further damage is imminent.
Paying a ransom is unsurprising, particularly among those without a comprehensive resilience plan, where the fear of business discontinuity can outweigh long-term risk considerations. However, paying a ransom does not guarantee full data recovery or prevent future attacks.
Today, three in four attackers can access and damage data because the barriers to entry are significantly low. Cyber-attackers are now employing even more advanced techniques like identity-based strategies – where they are logging in, not breaking in. By exploiting weak points in identity and access management, such as stolen or compromised credentials, they can bypass security defences and escalate ransomware attacks from within, all while remaining harder to detect and contain across any environment.
To break this cycle, organizations must build resilience by strengthening identity security with solutions that adopt Zero Trust principles, and ensuring immutable backups and rapid recovery capabilities.
Why is it crucial to establish clear and comprehensive data protection and backup policies across all platforms?
SC: Establishing clear and comprehensive data protection and backup policies across all platforms is vital for maintaining consistent data security. Rather than relying on native backup tools from cloud providers – which can be limited and may not align with an organisation’s recovery needs – these policies act as guardrails to streamline and strengthen data protection across on-premise, cloud, or SaaS environments.
In addition to setting policies, organizations must also implement processes and procedures to enforce them, including enabling real-time alerts, tracking violations through dashboards, and having clear escalation paths when breaches occur. By doing so, organizations can build confidence among stakeholders and ensure critical business data remains protected, even in the face of accidental loss or malicious threats.
Besides establishing clear and comprehensive policies, how can organizations build confidence in their data security solutions, especially as hybrid and multi-cloud environments have become essential to business performance?
SC: A crucial first step is locating and classifying sensitive data – at rest and in motion. According to our Rubrik Zero Labs data, 90% of organizations in APAC manage hybrid cloud environments, significantly contributing to data sprawl. As not all data carries the same level of risk, pinpointing where sensitive data lives is essential. This clarity helps leaders reassert knowledge and control to devise more informed security strategies.
To scale their defenses, organizations should also leverage automation to support their DevSecOps and IT teams. Automation can not only help reduce human error and accelerate response, but also free up skilled professionals to focus on more strategic and high-value security efforts.
As threats grow more sophisticated – with cyber-attackers increasingly leveraging AI to launch faster, more sophisticated attacks – organisations must match this pace with equally advanced defences. One critical capability gaining traction is AI-powered anomaly detection that can identify unusual patterns such as sudden spikes in data access, atypical file movements, or unexpected user behavior. Early detection enables security teams to contain and mitigate threats before they escalate into larger incidents.
Would a solution to this conundrum involve organizations putting on black hats? Why?
SC: In a metaphorical sense, yes. Organizations should think like threat actors, racing to identify and control their most valuable data before cybercriminals do.
By thinking like a threat actor, organizations instil a data-first security approach – one that mirrors the mindset of attackers by proactively locating, classifying, and safeguarding their most sensitive information before it is targeted or compromised. By understanding what data exists, where it lives, and how it moves across hybrid and multi-cloud environments, organizations can build a more intelligent and resilient security posture.
In addition, continuous backup and restoration processes will safeguard both cloud and on-premises environments, keeping business operations running smoothly even during an attack. Companies can then secure their data without needing to resort to reactive, adversarial tactics.
