Artificial intelligence (AI) is rapidly reshaping how businesses operate in Southeast Asia. From predictive analytics in retail to automation in logistics and healthcare, AI is unlocking unprecedented levels of efficiency and insight. Yet, this digital progress comes with a cost: a growing attack surface for cybercriminals.
The Singapore government’s forward-looking Budget 2025 demonstrates the country’s strong commitment to AI adoption. The S$150 million Enterprise Compute Initiative and other measures are designed to help businesses harness high-performance computing for AI development. However, as organisations embed AI into their operations, the associated cybersecurity risks become more urgent. AI-driven threats are growing in speed, complexity, and precision—making traditional security models increasingly inadequate.
Geraldine Lam, Country Manager of Exclusive Networks Singapore, shares how businesses must rethink their cybersecurity strategies in 2025 to navigate the opportunities and emerging risks of AI.
The thrills and risks of AI in cybersecurity
AI has become both a powerful enabler and a formidable adversary in cybersecurity. On the defensive front, it empowers organisations with intelligent tools that can identify and respond to threats faster than ever. AI-powered analytics can detect real-time anomalies, isolate infected systems, and even trigger containment protocols autonomously.
At the same time, malicious actors are leveraging AI to scale their attacks. Deepfake impersonations, AI-generated phishing scams, and adaptive malware are now bypassing traditional detection systems. These attacks are more convincing, harder to detect, and capable of replicating at scale.
“The issue isn’t speed – it’s about whether we’re building a resilient, future-proof cybersecurity strategy that evolves with the threat landscape,” says Lam. While the cybersecurity industry continues to innovate, businesses must ensure their defence strategies evolve just as quickly. Supporting this shift, companies are turning to cybersecurity specialists like Exclusive Networks, who offer both technology guidance and strategic implementation support. As Lam explains, building scalable and adaptive frameworks is essential to staying ahead of AI-led threats.
Cybersecurity predictions for 2025 and the impact of Budget 2025 initiatives
Cybersecurity risks in 2025 are not limited to opportunistic attacks. Regional instability is fuelling a surge in cyber conflicts, with state-linked actors increasingly targeting critical infrastructure. Energy grids, healthcare systems, and transport networks have become frequent targets, often through vulnerabilities in interconnected systems and supply chains.
Singapore has seen a sharp rise in attacks against high-risk sectors such as finance, healthcare, and manufacturing. In particular, 11% of manufacturing organisations reported breach costs exceeding S$10 million—substantially higher than the global average of 7%. These figures highlight the real-world financial impact of sophisticated cyberattacks on essential services.
In response, organisations are adopting modern cybersecurity frameworks such as Zero Trust Architecture, which assumes no internal trust, and Post-Quantum Cryptography, which addresses the long-term risks of quantum computing. Supply chain risk management is also becoming a standard practice, particularly in ecosystems that rely heavily on third-party vendors.
Singapore’s Budget 2025 supports these changes. By allocating funds to AI development and digital infrastructure, the government encourages organisations to pursue innovation while modernising their cybersecurity postures. The emphasis is now on building systems that are secure by design, where cybersecurity is considered from the outset, not bolted on after development.
ASEAN is also working towards a unified cybersecurity framework at the regional level. As cyber threats grow in scale and cross-border complexity, cooperation across Southeast Asia will be essential for long-term resilience.
Workforce strategies to address cybersecurity talent shortages
One of the most significant challenges in the cybersecurity space is the global shortage of skilled professionals. This issue is especially pressing for small and medium-sized enterprises (SMEs), which often lack the resources to build dedicated security teams. Despite this, SMEs face more sophisticated threats than those targeting larger companies.
Many SMEs are turning to Managed Security Service Providers (MSSPs) to address this gap. These providers offer continuous threat monitoring, incident response, and compliance support. By outsourcing their cybersecurity needs, SMEs gain access to expert protection without the overhead of hiring and retaining specialised talent.
Exclusive Networks play a central role in supporting this model. Through partnerships like its collaboration with Palo Alto Networks, the company enables MSSPs to deliver enterprise-grade security solutions such as Prisma Cloud and Cortex XDR. These platforms use AI to detect and respond to threats effectively across cloud environments and endpoints.
“This model allows SMEs to reduce costs, enhance security, and scale defences as needed,” Lam explains. Flexibility is essential for smaller businesses dealing with limited internal capacity and growing cyber risks.
Just as important as access to tools is the need to upskill. As AI advances, so too must the capabilities of security professionals and AI developers. Exclusive Networks addresses this through its Exclusive Training Centre (ETC), which offers technical training in areas such as cloud security, firewall management, and threat detection. Courses are delivered both online and in person, and often in local languages to ensure accessibility across Southeast Asia.
This long-term investment in education strengthens technical capabilities and builds a culture of cybersecurity awareness, preparing teams to recognise and manage threats more effectively. These workforce challenges are even more pressing in sectors facing heightened exposure. Across Southeast Asia, some industries are carrying heavier cyber risks than others.
Cybersecurity risks for ASEAN businesses
The World Economic Forum’s Global Cybersecurity Outlook 2025 identifies finance, healthcare, and critical infrastructure as top targets in Southeast Asia. These sectors hold highly sensitive data and deliver essential services, making them attractive to cybercriminals and politically motivated actors.
While finance and healthcare have traditionally invested in structured defences, manufacturing is emerging as a high-risk sector. The industry’s fast adoption of smart technologies and cloud-based supply chains, combined with continued reliance on legacy systems, has created multiple vulnerabilities.
Many manufacturers have prioritised operational safety over cybersecurity. Limited training, outdated systems, and a lack of dedicated cybersecurity personnel leave these firms particularly exposed to ransomware, phishing, and supply chain intrusions.
The consequences can be severe, ranging from halted production and financial loss to reputational damage and regulatory penalties. To reduce exposure, manufacturers must modernise their digital infrastructure, deploy AI-powered threat detection, and implement basic protections like software patching and network segmentation.
Whether in finance, manufacturing, or healthcare, one theme is clear: cyber threats are growing in step with digital transformation. To stay protected, organisations must build cyber resilience from the inside out.
Strengthening cyber resilience in an AI-driven world
AI is becoming central to both innovation and cybersecurity threats. As more organisations embed AI into their operations, the ability to anticipate and prevent threats before they occur is becoming critical.
This shift demands a proactive approach. Cybersecurity must be integrated into every stage of the business—from product development and IT architecture to board-level strategy and compliance.
Cross-functional collaboration plays a vital role. AI developers, security teams, and business leaders must work together to ensure digital innovation is aligned with risk management. A fragmented approach is no longer sufficient.
Lam underscores the importance of both collaboration and continuous education. She adds that organisations investing in both technology and people will be far better positioned to manage regulatory demands, rising threats, and rapid change. As AI becomes central to innovation and cyber threats, cybersecurity must be treated as a shared responsibility that defines an organisation’s resilience in the digital economy.
