Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
The cyber incident that is too “isolated” to accentuate to mass media...
Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deploy...
Conifers AI Opens Singapore Data Region, Bringing Local Data Residency...
Finally taken down: Residential proxy network of at least 2m smart dev...
DXC Opens Flagship AI-first Customer Experience Center in Bengaluru
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

Tips

Mitigating supply chain cyber risks with zero trust enterprise browsers and session controls

By CybersecAsia editors | Thursday, October 16, 2025, 5:26 PM Asia/Singapore

Mitigating supply chain cyber risks with zero trust enterprise browsers and session controls

Organizations face fresh supply chain risks when onboarding external contractors. Here is a new way to secure the supply chain.

In today’s fast-moving business environment, agility is a must for survival and competitive success. Organizations increasingly rely on an extended workforce model — engaging contractors such as cybersecurity consultants, offshore developers, and marketing specialists — to scale quickly and fuel innovation amid global uncertainty.

However, onboarding these essential contractors introduces a complex set of security challenges. Issues such as data residency, access from unmanaged personal devices, and regulatory compliance demands require fresh thinking about secure access.

Legacy security models, including traditional virtual private networks (VPNs), were designed for an era when network perimeters were clearly defined and devices were largely managed by IT. Such models tend to be too slow, costly, and rigid for today’s dynamic, compliance-driven environment.

While VPNs provide encrypted tunnels for remote access, they often grant broad network privileges, lack granular session controls, and offer limited visibility into user activity. For short-term contractors needing quick access, the days-long setup and management overhead of VPNs can also hinder productivity. However, this does not mean VPNs have no place: they remain useful tools. Still, to meet the demands of today’s contractor ecosystems, they need supplementing with modern, flexible security approaches.

Leveraging Zero Trust and session-level controls
For this supply chain security challengethe Zero Trust philosophy offers a powerful approach by recognizing the perimeter is effectively gone.

Zero Trust decouples security enforcement from networks and devices, instead requiring continuous verification of identity and device posture. In this model:

  • Access is granted on a least privilege basis, ensuring contractors only reach the precise resources they need
  • Security policies can be enforced at the session level, not just the network, allowing finer control and reduced risk of unauthorized data exposure or lateral movement
  • Continuous monitoring and audit capabilities provide essential visibility for compliance and risk management

One practical implementation of these principles is the use of secure enterprise browsers. These tools create isolated, policy-controlled browsing sessions that can prevent contractors from downloading, copying, or printing sensitive corporate data, even when accessed from personal laptops or regional offices.

This browser-based approach can achieve compliance and data residency requirements without the cost and complexity of virtual desktop infrastructure (VDI), while providing centralized control and detailed audit logs.

Balancing security with usability and compliance

According to Rebecca Law, Country Manager, Check Point Software, a provider of such enterprise browser solutions, “(organizations) need to enable immediate, secure access for a consultant without a days-long VPN setup… manage a regional team accessing internal resources … without creating complex data sovereignty nightmares,” alluding to how zero trust enterprise browsers with the right set of tools can be used to reduce supply chain risks.

Meanwhile, organizations will still need to stay vigilant about regulatory mandates relevant to their operations, ensuring access policies and auditing capabilities meet compliance demands.

Potential drawbacks of enterprise browsers

While enterprise browsers with zero trust controls offer compelling security benefits, C-level leaders should be aware of the practical limitations.

  • User resistance is a common problem: switching employees or contractors from familiar browsers to proprietary, locked-down versions can create frustration, compatibility issues, and drops in productivity. Some business-critical apps may not function seamlessly, especially older or niche tools requiring plugins or custom workflows that secure browsers may block.
  • Enterprise browser solutions can also lead to vendor lock-in. These platforms often bundle identity, policy, and compliance features, making future migration to other security stacks difficult and costly. Centralized browser controls may not extend protection to actions outside the browser, such as data copied to installed apps — leaving blind spots if users rely on local or legacy software.
  • Finally, supporting a diverse workforce using different devices and operating systems creates management complexity. Rigid browser policies may drive savvy users toward unsupported workarounds, such as shadow IT or unsanctioned browsers, if enterprise tools hinder their workflow.

As with any tool, a layered approach that blends browser security with endpoint defense, training, and robust policies remains essential for true risk reduction.

Share:

PreviousChina Telecom Shines at GITEX Global 2025, Connecting the Intelligent Future, Empowering the Digital Ecosystem
NextScammers exploit popular anime film release with fake websites and phishing schemes

Related Posts

New scam tricks on the block: targeted links

New scam tricks on the block: targeted links

Tuesday, January 11, 2022

Malicious airdropped NFTs lead to theft of hundreds of thousands of dollars

Malicious airdropped NFTs lead to theft of hundreds of thousands of dollars

Friday, October 22, 2021

Former-employee data breach exposes nearly 700,000 loan customers’ information

Former-employee data breach exposes nearly 700,000 loan customers’ information

Wednesday, September 17, 2025

Malicious extension in open code marketplace causes US$500k cryptocurrency theft from developer

Malicious extension in open code marketplace causes US$500k cryptocurrency theft from developer

Thursday, July 17, 2025

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deployment at QNET

    Wednesday, July 8, 2026
    The Sparsa AI Enterprise Operating …Read More »
  • Conifers AI Opens Singapore Data Region, Bringing Local Data Residency to Asia-Pacific Security Teams

    Wednesday, July 8, 2026
    With data regions now spanning …Read More »
  • DXC Opens Flagship AI-first Customer Experience Center in Bengaluru

    Tuesday, July 7, 2026
    Strengthens DXC’s India presence with …Read More »
  • D-Link Brings Advanced AI Fall Detection and Privacy Protection to Home Elderly Care with the New DCS-8610 Wi-Fi Camera

    Monday, July 6, 2026
    Advanced technologies traditionally found in …Read More »
  • ICAC Commissioner attends first IAACA European regional anti-corruption conference in Hungary

    Friday, July 3, 2026
    BUDAPEST, Hungary, July 2, 2026 …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.