
From Endpoint Protection to Supply Chain Security

Media Coverage @ FUTURECISO

2025-05-12


As 2025 unfolds, CISOs in Southeast Asia and Hong Kong face an increasingly complex and hostile cyber threat environment. The technologies meant to accelerate transformation also intensify risks, in combination with geopolitical tensions and regulatory changes.

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) reported a record surge in phishing attacks in 2024, with phishing incidents rising by 108% year-on-year and malware cases increasing nearly fivefold, signalling a significant escalation in threat activity.

Southeast Asia similarly confronts rising cyberattacks targeting critical sectors like finance, government, and technology hubs such as Singapore. Ransomware and remote access trojans (RATs) are among the most prevalent attack vectors.

Endpoint security: The frontline defence

Dr. Sung Liu, a security specialist and senior product advisor at CITIC Telecom CPC, highlights endpoint security as a critical challenge for enterprises undergoing digital transformation.

He stresses that "endpoint defence is the first line of defence for enterprises" and urges organisations to "start with endpoint protection early to allow businesses to focus on their growth while mitigating cyber risks."

He advocates controlling employee use of applications and shadow IT tools to reduce data leakage risks. He also recommends sandboxing suspicious files or links to prevent malware from spreading.

This focus on endpoint security aligns with broader industry priorities.

According to a LinkedIn analysis of CISO priorities for 2025, endpoint protection and response remain a top concern, alongside identity and access management, cloud security, and zero-trust architecture. 

The growing sophistication of attacks targeting endpoints demands rapid detection and containment capabilities, a point Liu underscores by citing cases where "quick incident response prevented ransomware from spreading beyond initial devices."

Growing supply chain and third-party risks

HKCERT's 2025 outlook identifies supply chain security as one of the primary cyber risks in Hong Kong. This reflects a global trend in which attackers exploit weaker third-party vendors to breach critical infrastructure and enterprises.

Ir Alex Chan of HKPC, speaking on behalf of HKCERT, warns that "hackers prefer the path of least resistance, shifting their focus to breaching through third parties such as suppliers, contractors or service providers."

This threat extends to energy, transportation, banking, and healthcare sectors, with IoT devices like digital signage emerging as vulnerable attack surfaces.

Liu echoes this concern by recommending that enterprises augment their capabilities by engaging third-party managed security service providers (MSSPs).

"CITIC Telecom CPC's TrustCSI Managed Security Services, which combine AI-driven threat detection with deep industry expertise, exemplify the kind of partnership CISOs should consider to address complex supply chain and endpoint risks effectively." - Sung Liu

Cybersecurity-as-a-service and managed security

The complexity and rapid evolution of cyber threats have accelerated the adoption of Cybersecurity-as-a-Service (CaaS) and managed security services in the region. Canalys forecasts a 15% growth in managed services revenue in the Asia-Pacific region in 2025, mainly driven by demand for security-first models that integrate compliance, vertical expertise, and cloud-first strategies. This trend reflects a shift from traditional IT support to co-managed, security-centric partnerships.

Liu advocates leveraging such managed services to compensate for internal skill shortages and technology gaps. He stresses the importance of "integrated infrastructure, networks, operations, and cloud application services to build a robust cybersecurity posture."

This approach aligns with the broader industry recognition that cybersecurity requires specialised expertise and scalable, on-demand solutions to keep pace with evolving threats.

AI and emerging tech: Double-edged swords

Artificial intelligence (AI) is a major theme in cybersecurity for 2025, both as a defence tool and as a vector for new threats.

HKCERT highlights AI content hijacking as an emerging risk, while industry experts note that attackers increasingly use AI to automate attacks and make them more sophisticated.

Liu points to the integration of AI in managed security services as a way to enhance threat detection and response capabilities and enable faster incident containment.

However, the adoption of AI and IoT also expands the attack surface. Southeast Asia's rapid digitalisation and growing cryptocurrency adoption are attracting cybercriminals who target digital assets and blockchain platforms. CISOs must, therefore, balance innovation with rigorous security controls and continuous monitoring.

Regulatory and workforce challenges in Southeast Asia

Southeast Asia's cybersecurity landscape is shaped by a patchwork of regulatory frameworks and a persistent shortage of skilled cybersecurity professionals. Governments in Singapore, Malaysia, and Indonesia have introduced stricter regulations emphasising data protection and breach reporting, while regional cooperation under ASEAN aims to combat transnational cybercrime. Nonetheless, the gap between digital adoption and cybersecurity awareness remains a critical vulnerability.

Positive Technologies' analysis underscores the need for improved digital literacy and practical training to reduce the region's exposure to cyber threats. It notes that "digital literacy across the population is improving at varying rates but generally falls behind the pace of digitalisation." CISOs must invest in employee training and awareness programmes as a foundational defence layer, complementing technical controls.

Practical recommendations for CISOs in 2025

Liu suggests CISOs in Southeast Asia and Hong Kong prioritise the following actions:

  • Implement robust endpoint protection early, including application control, sandboxing, and rapid incident response capabilities to contain threats before they spread.
  • Strengthen supply chain security by vetting third-party vendors, conducting regular audits, and leveraging managed security services with local expertise and compliance knowledge.
  • Adopt Cybersecurity-as-a-Service models to access scalable, AI-enhanced threat detection and response, addressing skill shortages and regulatory complexities.
  • Prepare for AI-driven threats by integrating AI-powered security tools and continuously monitoring emerging risks such as AI content hijacking and attacks on digital assets.
  • Enhance workforce capabilities through ongoing training, awareness programmes, and collaboration with regional initiatives to improve digital literacy.
  • Invest in proactive incident response planning and regular penetration testing to ensure readiness against increasingly sophisticated attacks.

The cybersecurity environment in Southeast Asia and Hong Kong in 2025 demands a multi-layered, adaptive approach. Sung advises CISOs to "balance innovation with vigilance, leveraging technology and collaboration to safeguard their organisations against evolving cyber.

