Southeast Asia is in the middle of a large-scale digital transformation. The region’s digital economy was valued at US$263 billion in 2024 and is projected to grow to nearly US$1 trillion by 2030, according to Google, Temasek, and Bain’s “e-Conomy SEA 2024” study. From e-commerce to digital banking, logistics to smart manufacturing, digitalisation is fuelling economic growth across ASEAN.
Yet growth brings new risks. As businesses and governments digitise at speed, they also expand their attack surface. Cybercriminals are taking notice and are increasingly using AI to scale attacks that are faster, stealthier, and harder to detect. What was once opportunistic cybercrime has evolved into more targeted campaigns designed to disrupt supply chains, erode trust, and exploit the region’s growing interconnectivity.
A recent IDC survey commissioned by Fortinet highlights the scale of this challenge. Nearly two-thirds of organisations in ASEAN said they encountered AI-powered cyberthreats in the past year, yet fewer than one in five felt confident in their ability to defend against them. In Southeast Asia’s expanding digital economy, this confidence gap is a clear warning sign.
The visibility gap
Today’s cyber risks are not always loud or obvious. Traditional threats such as ransomware and phishing remain common, but quieter and more complex risks are increasingly disruptive. Unpatched vulnerabilities, insider threats, and software supply chain compromises often bypass traditional defences and strike at the core of business operations.
In the IDC survey, unpatched and zero-day exploits ranked among the most damaging threats across the region, followed closely by insider activity and cloud misconfigurations. These attacks succeed because they exploit weaknesses that are hidden in plain sight, the blind spots created by fragmented systems, legacy processes, or human error.
Improving visibility is therefore a critical step towards resilience. Organisations need integrated monitoring across endpoints, networks, cloud environments, and operational technology. They also need the ability to detect anomalies and respond in real time, because in the era of AI-powered cybercrime, delays are measured in seconds.
Complexity is the new enemy of security
If visibility is the goal, simplicity is the enabler. Yet many organisations in Southeast Asia are weighed down by tool sprawl. Security teams often juggle dozens of products from multiple vendors, each with its own dashboards, alerts, and processes. Instead of clarity, they encounter noise. Instead of speed, they face silos.
The IDC survey found that nearly 70% of organisations in Asia-Pacific are already on a consolidation journey, recognising that complexity itself has become a vulnerability. Almost all respondents said they were moving towards convergence of networking and security to integrate defences, reduce costs, and streamline operations.
For lean security teams, and in Southeast Asia, most are lean, with fewer than one cybersecurity professional for every 100 employees, consolidation is not optional. It is a practical necessity. A unified platform approach can reduce fragmentation, improve detection, and allow overstretched teams to focus on what matters most.
Resilience as a business imperative
Ultimately, cybersecurity in Southeast Asia cannot be framed only as a technical issue. It is a business and economic imperative. Cyberattacks are no longer just about downtime or lost data. They directly affect customer trust, regulatory compliance, and national security. According to the IDC survey, more than half of organisations reported financial losses from breaches, with one in four incidents costing over US$500,000. Nearly six in 10 also identified loss of trust as the most damaging consequence.
This is why resilience must become the guiding principle. Resilience means anticipating attacks, withstanding them when they happen, and recovering quickly enough to keep essential operations running. It also means adapting continuously, because the threat landscape evolves every day.
Boards across the region are recognising this shift. Nearly three-quarters of respondents said cybersecurity had become a greater focus at the board level over the past year. That alignment between governance and security strategy is notable, but it must be supported by sustained investment in skills, technology, and collaboration.
A regional path forward
Building resilience in Southeast Asia’s digital ecosystem requires collective action. Governments across the region are investing, from Singapore CSA’s SG$50 million commitment to strengthen Singapore’s cybersecurity sector, to Indonesia’s goal of developing 100,000 digital professionals, to Malaysia’s new funding for its National Cyber Security Agency. Public investment alone, however, cannot close the gap.
Industry and academia must help equip the next generation of cyber professionals, broaden the talent pool, and embed cybersecurity into education, governance, and corporate culture. Cross-border collaboration is equally vital. Cybercriminals operate globally, and defensive efforts must reflect that reality.
The region’s digital transformation is a remarkable success story, but sustaining it depends on whether ASEAN can address visibility gaps, simplify defences, and embrace resilience as a national and regional priority.
