A new study warns that cybercriminals are leveraging artificial intelligence (AI) and automation to strike faster and with greater precision, exposing critical weaknesses in Southeast Asia—a region marked by rapid digital growth and interconnected supply chains. The findings urge businesses to treat cybersecurity as the foundation of digital trust and organizational resilience.
The report highlights a significant surge in sophisticated, multi-layered attacks targeting global enterprises, with Southeast Asia among the most vulnerable. Nearly 70% of breaches involved attackers using at least three entry points simultaneously—ranging from web browsers and cloud applications to networks and human behavior. Alarmingly, 44% of these incidents began with browser-based exploits, taking advantage of everyday workplace tools like file-sharing services and collaboration platforms. Researchers caution that disconnected and siloed security solutions cannot keep pace with attackers who seamlessly move across fragmented IT environments. To counter this, organizations must implement integrated, real-time protection across cloud, endpoint, identity, and network layers.
Phishing has returned as the top method of unauthorized access, responsible for 23% of incidents in 2024. What sets this new wave apart is the use of generative AI, allowing cybercriminals to create convincing phishing campaigns that mimic professional communication styles, workflows, and even individual employee voices. Experts emphasize that traditional once-a-year security training is no longer sufficient. Instead, businesses must adopt continuous, behavior-based awareness programs alongside AI-driven detection tools that monitor anomalies across emails, messaging platforms, and user activities. The goal is to create a dynamic “human firewall” where people and machines work in tandem against evolving threats.
The study also reveals a troubling rise in insider-driven breaches, which tripled in 2024. Nation-state groups—most notably from North Korea—successfully infiltrated companies by posing as job applicants, even using deepfake video interviews convincing enough to secure technical roles and gain insider access. Traditional security measures often fail against attackers disguised as legitimate users. To address this, experts recommend adopting zero-trust frameworks that enforce least-privilege access, continuous verification, and ongoing behavioral monitoring. The report stresses that “trust cannot be assumed; it must be continuously validated.”
Perhaps the most alarming discovery is the accelerated pace of cyber incidents. Data theft, which once took days, now unfolds within hours—sometimes less than one. In 2024, one in four breaches involved data exfiltration within five hours of initial compromise, with some completed in under an hour. Automation and AI have drastically shortened the attacker’s kill chain. The only effective defense, the report notes, is speed: leveraging automated triage, unified threat intelligence, and AI-powered response mechanisms to prevent security teams from lagging behind.
For ASEAN economies—where cloud adoption, cross-border data sharing, and sprawling supply chains intersect—the risks are especially high. The report urges regional leaders to view cybersecurity as a strategic priority, directly linked to resilience and long-term trust. “The most damaging breaches stem from too much complexity, too little visibility, and too much trust,” the report concludes. By embedding security from code to cloud, simplifying operations through automation, and embracing threat-informed strategies, Southeast Asian businesses can turn vulnerabilities into resilience
