Despite spectacular cyber incidents being reported and discussed daily in the region, the bad guys are gaining more ground. Why?

As commissioned surveys and empirical data go, respondents’ beliefs and opinions do not necessarily tally with reality.

For example, surveys of corporate cyber readiness practices have often shown a gap between respondents’ confidence levels in their organizations’ defense capabilities versus their actual performance in warding off and containing ever-expanding regional cyber threats.

What are the myriad factors underlying such instances of cyber complacency or cyber delusion? CybersecAsia.net discussedthis with Andrew Lim, Managing Director, Kyndryl ASEAN, to address the losing battle against cybercriminals state-sponsored cyber threats.

CybersecAsia: In view of the escalating cyber risks in the region, how can defenders use AI to actively mitigate risks and achieve cyber resilience? 

Andrew Lim (AL): Based on our own research, the global cost of data breaches averaged US$4.45m per incident, highlighting the pivotal role of cybersecurity in an era of accelerated rate of business transformation.

Topping the list of threats are data breaches, account takeovers and data loss. With AI’s transformative impact on business operations, the potential for its use within enterprise security is vast: this encompasses real-time threat detection; behavioral analytics; and predictive analysis to identify and address anomalies in network traffic and user behavior.

AI also fosters cyber resilience through adaptive security models, threat intelligence, and continuous monitoring of evolving threats.

Andrew Lim, Managing Director, ASEAN, Kyndryl

However, there is a need for caution, as AI can be misused for malicious purposes. In this evolving landscape, businesses must adopt multi-layered cybersecurity encompassing human, process, and technology factors, along with training and early detection and response solutions.

CybersecAsia: Given the different styles of government in the region, how should collaboration between the public private sector and solutions providers be managed to combat cyber threats without possibility of conflicts of interest?

AL: Transparency, clearly-defined boundaries, and accountability should be central to the collaboration between governments in the region.

The ASEAN Cybersecurity Cooperation Strategy holds the potential to unite the region, as it seeks to foster trust, enhance cyber readiness, and facilitate international cooperation for a safer and more prosperous digital environment.

Through this framework, the public and private sectors across the region can look to share threat intelligence, safeguard sensitive data, establish forums for open dialog, and implement effective resolution mechanisms while respecting government styles — for the greater good of the technology landscape in ASEAN. 

CybersecAsia: Despite years of pushing for staff education on cyber awareness and encouraging them to be stakeholders in organizational cybersecurity, cyberattacks continue to break through defenses. What are organizations doing wrong in this regard in the various APAC/ASIA countries? 

AL: With new forms of cyber malware attacks surfacing in the last couple of years, organizations that have had to deal with cyberattacks are also those who have expressed overconfidence in managing them.

To address the dissonance between their confidence and the frequency of such events, the key strategy revolves around ensuring that cyber resilience strategies are aligned among both top management and all other employees.

While organizations can take measures to lead their people to cyber resilience, it also depends on the level of awareness of safety in cyber space – which leaders of an organization are responsible for.

CybersecAsia: Please share with readers your perspectives/projections of emerging cybersecurity trends expected to shape the landscape in 2024, and how organizations can prepare and adapt to these trends to stay ahead of potential threats.

AL:  Between regulatory requirements, board-level engagement, and a high likelihood of disruption, enterprises will increasingly see ageing infrastructure as a serious security issue.

To counter the alarming cybersecurity trends in 2024, leaders will need to modernize legacy infrastructure and simplify IT environments as part of their security investments in 2024.

Also, a SecOps model — driven by supply chain concerns and long-running issues of disparate tools and communication gaps — can be followed to enable collaboration between security and operations teams to resolve issues faster and minimize downtime in any incident.

Finally, security leaders will need to review threats posed by generative AI, and reassess traditional cyber education and containment models that lose their effectiveness against rapid AI-powered attacks. Used responsibly and ethically, generative AI can spare security professionals from mundane tasks, and provide a productivity boost as the industry continues to grapple with skills shortages.

CybersecAsia thanks Andrew for sharing his professional insights on cybersecurity conundrums in the region.