Cybersecurity Awareness Month: It’s all about using AI
Cybersecurity reports continue to highlight how cybercriminals are using AI to launch more sophisticated attacks on organizations, making it harder for businesses to detect and protect their data.
While Cybersecurity Awareness Month takes place every October, the importance of building resiliency and strengthening cyber defenses should not only be highlighted during a specific month but be a constant reminder for everyone.
The Asia Pacific region in particular continues to witness increasing sophisticated cyberattacks. Reports from cybersecurity vendors continue to highlight how cybercriminals are leveraging AI to launch more sophisticated attacks on organizations, making it harder for businesses to protect against cyberattacks. At the same time, nation state hackers are also getting better and are wreaking havoc on government agencies and critical infrastructures.
Countries in the region are also enhancing data protection laws and enforcing stricter regulatory requirements to safeguard citizen data. Cybersecurity vendors are also doing their part with their channel ecosystem and are working with their partners to ensure businesses understand how they can have the best cybersecurity for their organization.
Several tech leaders from the region shared their views with CRN Asia on the increasing cyberattacks in the region and why it’s important to make the most out of the Cybersecurity Awareness Month.
Ananth Nag, Vice President and General Manager, APAC, Rubrik
The recent slew of high-profile cyber incidents in Asia-Pacific, affecting various industries such as banking, telecommunications, and even consumer goods, places a spotlight on one hard truth this Cybersecurity Awareness Month: visibility alone isn’t enough. Proper protection comes from cyber resilience – preparing for when, not if, a cyberattack occurs, and ensuring swift, secure data recovery with minimal disruption.
As organizations rapidly harness generative and agentic AI to supercharge their digital transformation efforts, the same technology is also introducing new vulnerabilities. It is powering more sophisticated AI-based attack techniques, rendering traditional detection and response models incomplete.
Enterprises must, hence, ‘fight fire with fire,’ leveraging intelligent AI-powered cyber resilience that combines identity management, real-time threat intelligence, and automated recovery with existing cyber hygiene standards, such as Zero Trust and immutable backup systems, to outpace threat actors and safeguard their most critical assets.
With AI fuelling a surge in identity and credential-based attacks, where attackers log in rather than hack in, frontlines have shifted from simple perimeter defense to the unpredictable, distributed environment of identity-driven and AI-powered attacks. Identity has become the new perimeter, and a single compromised credential has the potential to stop operations. Identity resilience is now imperative – protecting every human and non-human identity with continuous monitoring, proactive risk mitigation, and automated recovery to prevent breaches from escalating into full-scale crises.”
Beni Sia, General Manager and Senior VP of Asia Pacific and Japan, Veeam
This Cybersecurity Awareness Month, it is important to recognize that the threat landscape has shifted to a new phase. The cybersecurity and data resilience ecosystem in Asia Pacific is facing unprecedented pressure, not only from direct attacks but increasingly from weaknesses in third-party vendors and supply chains. A recent study from Security Scorecard revealed that all of Singapore’s top 100 companies suffered at least one vendor-related breach in the past year, with global headlines reminding us that retailers and consumer-facing industries have fallen victim to such attacks.
At the same time, the latest data from Coveware, Veeam's leading authority in ransomware response and cyber extortion trends, shows that social engineering through phishing, credential theft, and business email compromise has overtaken software vulnerabilities as the leading attack vector. These trends confirm that the weakest link is often human or procedural, not technical.
Organizations must therefore look beyond compliance-driven checkboxes and instead embed resilience into their culture and governance. That means minimizing unnecessary data collection, ensuring third-party accountability, and preparing for rapid recovery as the final safety net.
Cybersecurity may feel daunting, but much of the groundwork has already been laid. By building on existing standards, infrastructures, and best practices, businesses can strengthen trust while safeguarding their future.
Remus Lim, Senior Vice President of Asia Pacific and Japan, Cloudera
As enterprises race to harness AI and cloud innovation, cyber criminals are just as quick to exploit the complexity of siloed data, fragmented access, and inconsistent controls. Beyond just stopping ransomware or tightening firewalls, the challenge today is more about achieving visibility and control across sprawling, multi-cloud environments.
According to the Singapore Cyber Landscape 2024/2025 report, 2024 saw record-breaking Distributed Denial-of-Service (DDoS) attacks, with Asia accounting for 60% of global targets, demonstrating how hidden dependencies beyond an enterprise’s control widen the attack surface for cyber threats.
Resilience in this new digital landscape requires embedding governance throughout the data lifecycle. Unified visibility and zero-trust principles provide the guardrails for accountability and compliance, while automation enables enterprises to detect anomalies and enforce policies at scale. By consolidating oversight across platforms and reducing misconfigurations, enterprises are empowered to strengthen protection without sacrificing agility.
Moving forward, enterprises that integrate governance into every stage of data management will be best positioned to innovate responsibly with AI and meet increasingly stringent regulatory requirements. Ultimately, resilience is determined by how effectively we protect the data that powers our future.
Wai Kit Cheah, Senior Director, Products and Solutions, APAC, Lumen Technologies
Cybersecurity Awareness Month reminds us that foundational safety begins with simple, consistent cyber hygiene: strong passwords, multi-factor authentication, active scam awareness, and timely software updates. However, industry data shows a critical gap. Despite rising cybersecurity awareness efforts, APAC saw a 13% jump in cyberattacks in 2024, making up 34% of all global incidents.
Ransomware remains a primary driver, and malware cases linked to this often target the manufacturing sector and other industries still dependent on vulnerable legacy systems. This trend clearly indicates that enterprises must move beyond basics. Systemic defences need strengthening: enhanced infrastructure visibility, robust identity and access controls, zero-trust architecture, and mature AI governance.
Only by coupling these systemic investments with persistent cyber hygiene can organizations forge a truly proactive resilience, ready to withstand threats before they turn into crises. Ultimately, cybersecurity is a shared responsibility, requiring ownership from both individuals and organizations.