Cybersecurity is at an exciting crossroads today, with AI reshaping the landscape in unprecedented ways. AI serves as both a powerful ally and formidable adversary, transforming how we approach security. Tools like Copilot and DeepSeek AI offer significant benefits to organisations, yet they also arm cybercriminals with the means to execute more sophisticated and elusive attacks, making the cybersecurity battlefield more dynamic than ever.
Cyber incidents in APAC are estimated to cost businesses over US$1 trillion annually. A CoinDesk report titled “Driven by Demand: The People-Powered Crypto Movement in APAC” found that digital asset adoption reached 22% in 2024, nearly three times the global average of 7.8%. Together, these figures highlight the critical importance of protecting digital assets and enhancing operational resilience in an increasingly digital world.
Security leaders must understand AI’s role in the threat landscape to develop intelligent, adaptive strategies and stay ahead of sophisticated attacks.
Understanding identity attacks and the role of cloud
AI tools are not only enabling attackers to create malicious code but also accelerating their entire attack process. Attackers can now gather information through automated reconnaissance and bypass protective measures much faster than before. This is evident in identity attacks and cross-border AI risks.
Research from Push Security highlights a new method of bypassing identity authentication controls known as cross-IDP impersonation. This method allows attackers to exploit SaaS applications and identity providers (IDPs), impersonating users without triggering security alerts.
This issue is particularly prevalent in cloud environments, where attackers can mimic domains, bypass multi-factor authentication (MFA), and access sensitive systems undetected. These attacks are incredibly challenging to detect, with traditional and even modern CNAP security tools often failing to pick them up, leaving organisations unaware that a breach has occurred.
This underscores the need for robust identity and access management systems, especially for cloud-reliant organisations. As defenders, we must stay vigilant and continually reassess our security controls to address emerging threats. The more cloud-based a company is, the greater the risk — making it crucial to adapt and strengthen security measures continuously.
The growing concern of cross-border AI risks
Another issue leaders must be aware of is the risk associated with cross-border data and AI tool usage. As generative AI integrates into business operations, concerns about data breaches and the balance between regulatory demands and ethical use are growing.
Governments, especially in the EU, are drafting AI regulations, with countries like Singapore taking an equally proactive approach to AI governance through frameworks such as the Model AI Governance Framework for Generative AI, launched in January 2024 to support responsible AI use. The challenge remains in managing data jurisdiction and residency, as AI tools often operate across borders without clear boundaries.
Organisations need controls such as data masking and policies that safeguard data in the correct regions. However, regulations alone won’t solve this problem. Education and awareness are essential for ensuring the secure management of these tools by organisations and their employees.
The rise of shadow AI and what it means for organisations
In a similar vein, the rise of generative AI tools like DeepSeek AI introduces the unique challenge of “shadow AI.” Many companies are grappling with how to manage these tools effectively, given the risks they pose. While banning them outright might seem like a solution, it often leads to their shadow use without the organisation’s knowledge.
One recent incident in Japan saw employees at a major financial institution using unauthorised AI tools to analyse customer data. This led to a breach of sensitive financial information, resulting in regulatory fines and a loss of customer trust. Closer to home, three men were recently charged in a fraud case linked to Nvidia AI chips, highlighting the risks associated with shadow AI, where unauthorised systems operate outside official oversight.
The challenge lies not just in the technology itself but in how people use it. Security and business leaders must educate staff on the benefits and risks of generative AI, similar to how phishing education has been approached in the past. People need to be made aware of the risks and how to use these tools responsibly, rather than simply issuing a blanket ban.
Beyond awareness, organisations must be proactive in developing secure AI frameworks to ensure data protection, retention, and safe sharing.
Understanding the threat landscape: What CISOs need to know
Given the rise of AI-powered attacks, it’s crucial for Chief Information Security Officers (CISOs) to adapt their strategies accordingly. The key to defending against these threats is understanding how attackers operate. AI is just another tool that attackers use to accelerate their efforts. If your mean time to remediation (MTTR) is still measured in days, you’ve got a problem.
The reality is that attackers are still after the same thing: data or disruption. AI doesn’t change their goal, it just brings the goalpost closer. Identifying threats early and stopping them before they cause harm puts you in the strongest position possible to defend your goal line.
One of the best ways to get ahead of these threats is by focusing on early detection. Continuous testing of a security environment is a powerful starting point — whether through vulnerability scanning, red teaming, or simulated attacks. It’s about identifying attack vectors and closing them as quickly as possible. The faster you shut down attack paths, the better your security posture will become.
The future of AI in cybersecurity: Automation and ethical considerations
AI-driven automation will increasingly enhance threat detection and response, but many organisations hesitate to fully adopt it due to concerns about errors and disruptions. Automated responses can be powerful, but they risk stopping business-critical processes or triggering false positives.
Generative AI has incredible potential to improve decision-making. As AI becomes more sophisticated, automated threat responses will become more reliable. But building trust in AI systems — and ensuring they don’t disrupt essential business operations — will take time, and it’s a process we must work towards.
Undeniably, the intersection of AI and cybersecurity is reshaping defence strategies, offering both opportunities and risks. By focusing on education, collaboration, continuous testing, and early detection, organisations can strengthen defences against the evolving threat landscape.
