Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Malvertising campaign targets Android users with advanced crypto-steal...
How are people in 15 countries leveraging AI for travel planning?
Insider threats cited alongside external attacks in terms of severity:...
How are people in 15 countries leveraging AI for travel planning?
North America financial institutions lead surge in financial regulator...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Resilience the true benchmark for smart infrastructure

      Resilience the true benchmark for smart infrastructure

      Wednesday, August 27, 2025, 8:21 PM Asia/Singapore | Features, IoT Security
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

Tips

With increasing IT/OT convergence, reacting to any cyber incident is already too late!

By Girish Ramachandrachari, Principal Cybersecurity Solution Architect, Orange Cyberdefense (APAC) | Monday, June 30, 2025, 10:30 AM Asia/Singapore

With increasing IT/OT convergence, reacting to any cyber incident is already too late!

Especially in APAC, the fallout from cyber extortion and related threats is too severe for organizations to rely on reactive strategies.

For organizations that have not been impacted by cyberattacks and do not believe they will be targeted, think again. As technology and digital landscape continues advancing at an exponential rate, so will cybercrimes.

Masterminded by state actors or malicious hacktivist groups intent on causing harm, these attacks are evolving and becoming more sophisticated.

Relying on just traditional, legacy mechanisms will not be sufficient to detect and identify them. In many instances, organizations have been left to scramble from the back foot as teams scurry to take the reactive approach without having control of the reins, unable to anticipate or understand emerging threats without intelligence-led cybersecurity capabilities in place.

Addressing a gaping cyber target in APAC

In the Asia Pacific region, our own research suggests that cyber extortion is being ramped up by syndicates and state-sponsored threats alike, as the region gradually integrates IT into operational technology (OT).

So far, South Korea and Singapore have experienced moderate levels of cyber extortion targeting high-value manufacturing and industrial sectors. Signs from our operations in China have revealed a heavy concentration of internal threats there, with misuse as the primary action affecting end-user devices, based on the data our operations there have gathered.

In contrast, data sources in South-east Asia have seen a 9% decrease in cyber extortion incidents.

Regardless, Cyber extortion is now recognized as the main threat to OT environments, which, unlike IT, dictate specialized requirements that make traditional cybersecurity approaches inadequate. This is because threats facing critical infrastructure, particularly within OT and mobile networks, offer an expanded attack surface that demand comprehensive, cross-functional defenses.SimpLy Gallery

In fact, OT security is now a crucial theme, especially in industries where IT and OT systems are tightly integrated.

Reactions/interventions are already too late

Time has shown it is near impossible to counter threats head-on by merely reacting to vulnerabilities: an evolved cyber landscape means that cybersecurity today is less about containment and more about detection, which involves identifying potential risks to better mitigate, manage, and control the organization’s system architecture.

Yet, many organizations are experiencing this so-called “technology bloat”,  given the number of cybersecurity solutions that have already been deployed that did not necessarily integrate, resulting in disparate systems:

  • Some may already be redundant
  • Others are under-utilized, necessitating a critical review so that those not yielding the desired outcomes can be replaced with a forward-looking architecture
  • Overall, the system does not combine a dual strategy of threat mitigation (with threat-informed prioritization for publicly exposed assets) and risk reduction (focused on the systemic risk reduction for internal environments)

For organizational CIOs / CTOs / CISOs today, they stand at an important crossroad when deciding on the next technology, or convincing the board for such a need, while ensuring returns on investments expectations are also met.

To switch from reacting to and intervening in threat incidents, there should be some urgency in adopting External Attack Surface Management or a combination of vulnerability scanning and informed threat and vulnerability intelligence.

Conclusion

In addition to boosting proactive cybersecurity, incident response readiness should ensure that managed detection and response is not merely a last line of defense, but part of continuous threat exposure management.

Organizations should therefore proactively prepare as best as they can prior to any incident, while integrating threat detection and response activities and the data supplied that would allow the enterprise to anticipate potential (attack) vectors and prioritize resources where needed. By understanding their unique threat landscape, organizations can implement 24/7 intelligence-driven strategies, apply secure-by-design principles, and select tools that match their infrastructure’s maturity.

By understanding their unique threat landscape, organizations can implement 24/7 intelligence-driven strategies, apply secure-by-design principles, and select tools that match their infrastructure’s maturity.



Share:

PreviousCumulative record leaks reach new heights, highlighting growing cyber risks and security gaps
NextUS security agencies urge migration to memory safe programming

Related Posts

Backups are essential, but they are not a cybersecurity strategy on their own

Backups are essential, but they are not a cybersecurity strategy on their own

Monday, May 19, 2025

Juniper Research: Staggering cost of vulnerable software supply chains

Juniper Research: Staggering cost of vulnerable software supply chains

Friday, May 12, 2023

Are SMEs in South-east Asia prone to paying off cyber ransoms?

Are SMEs in South-east Asia prone to paying off cyber ransoms?

Tuesday, August 16, 2022

Who on earth would want to abuse cheery emojis to harm people 🤕?

Who on earth would want to abuse cheery emojis to harm people 🤕?

Thursday, July 20, 2023

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.