With digital transformation accelerating across Asean, policymakers and business leaders face a dual challenge: unlocking the potential of the Digital Economic Framework Agreement while safeguarding against escalating cyber threats.
While several Asean-level cybersecurity cooperation initiatives have been launched, implementation remains a challenge due to slow progress in intelligence sharing between multiple stakeholders; both government agencies and enterprises. The key challenge is balancing privacy concerns and innovation while keeping up with evolving threats.
Here’s how emerging technologies such as decision intelligence platforms and federated learning can address these issues to promote collective intelligence across the region.
Collective cybersecurity requires collective intelligence
According to UNODC estimates, financial losses from scams targeting victims in East and South East Asia, ranged between US$18 billion and US$37 billion in 2023 alone. Industry reports suggest that the Asia Pacific region is most susceptible globally to phishing attacks targeting financial institutions.
Several initiatives have been launched by Asean states to tackle cybersecurity at a regional level, including the Asean Regional Computer Emergency Response Team and the Norms Implementation Checklist for ASEAN states, that translates the UN eleven norms of responsible state behavior in cyberspace into practical steps.
See also: Singapore executives see rising financial crime risk, lack confidence in compliance
Additionally, the Asean Cybersecurity Cooperation Strategy 2026-30 is being developed, with the aim of enhancing regional cybersecurity measures, building on the foundations set by cooperation strategies of 2017-20 and 2020-25. Securing cross-border data flows, establishing robust data governance frameworks, such as the Asean Data Management Framework and Asean Model Contractual Clauses for ensuring data security, regulatory compliance, and seamless cross-border business operations, is seen as critical in the upcoming phases.
However, implementation remains the key challenge for these initiatives. To begin with, levels of national cybersecurity readiness, governance, accountability frameworks is at different levels across the region.
Crucially, experts believe that while cyber capabilities are expanding, military, intelligence and law enforcement agencies are not keen to discuss operations and strategies. Varying data protection laws and enforcement procedures raise concerns about data breaches, illegal access, and misuse of personal information.
See also: Singapore banks face an automation reckoning in 2025
Trust and collaboration hold the key to scaling cybersecurity efforts across the region. Just as continuous dialogus, knowledge sharing and capacity building nurtures confidence among stakeholders, technological infrastructure and use cases demonstrating data privacy and real-time analysis will encourage intelligence sharing.
Composite AI for collective intelligence
Composite AI refers to the integration of multiple AI methodologies, including decision intelligence platforms (DIPs) for real-time decision automation, federated learning for privacy-preserving collaborative intelligence, and AI-driven threat modelling for cybersecurity risk assessment.
By leveraging these techniques, Asean members can strengthen cross-border threat detection while maintaining data sovereignty.
A DIP is the technical infrastructure that provides a real-time unified view of data from multiple sources and insights that are transformed into decisions and actions for specific outcomes.
Federated learning with privacy preservation techniques is a decentralised machine learning approach, enabling multiple organizations to collaboratively train algorithms without exchanging raw data. Each participant trains the model on their local data, and only the model updates are shared and aggregated to build a global model. This method preserves data privacy and complies with data sovereignty regulations.
Integrating decision intelligence for proactive cyber defence:
To stay ahead of the latest tech trends, click here for DigitalEdge Section
Decision intelligence can augment cybersecurity posture by:
- Contextualised and unified visibility: DIPs map out all assets across cloud platforms, track changes as they occur and maintain up-to-date organisational context to inform decisions.
- Real-time threat detection: DIPs continuously monitor the cloud environment, providing early warnings and allowing teams to reroute or take preventive action before damage occurs.
- Predictive analytics: DIPs anticipate potential vulnerabilities by analysing historical patterns and emerging trends, shifting from reactive to proactive security management.
- Explicit and transparent decisions: DIPs combine data analytics and AI techniques to generate explicit and auditable decisions.
- Continuous learning: DIPs evaluate outcomes from decisions and actions and consistently improve decision models based on feedback.
Benefits of federated learning in Asean's Cybersecurity Framework
Implementing federated learning within Asean's cybersecurity framework offers several advantages:
- Data Privacy and Sovereignty: Federated learning allows participants at a national level [government agencies and local enterprises] and regional level [ASEAN member state national agencies] to collaborate on threat intelligence without sharing raw data, addressing concerns related to data privacy and sovereignty.
- Enhanced Threat Detection: By aggregating model updates from diverse datasets across the region, federated learning can improve the accuracy and robustness of threat detection systems, enabling the identification of sophisticated cyber threats that may not be detectable by individual nations.
- Resource Optimisation: Collaborative model training reduces redundancy and optimises resource utilisation, allowing member states to benefit from shared intelligence without incurring significant additional costs.
How would this work in practice?
A multi-level intelligence-sharing model can facilitate secure cybersecurity collaboration in Asean. This framework integrates decision intelligence platforms for real-time security automation and federated learning for cross-border intelligence-sharing while preserving data privacy.
And in what kind of sectors could such a model work? In the whitepaper, Better Intelligence Is Collective: Unlocking The Potential of AI with Federated Learning, experts share that early adopters could possibly be central authorities in highly regulated sectors such as digital trade, digital payments, ecommerce, air traffic, ports etc. that already demonstrate the highest level of digitalisation.
Banking as a use case:
Level 1 (Organisational) – DIPs deployed within individual banks detect threats, generate automated decisions, and enhance security operations.
Use Case: Human Managed worked with a major Asean bank to protect their distributed digital assets and enhance the maturity of its security operations.
Relevant data sources were curated, digital assets and security controls were catalogued with their context and relationships. The data catalogues and graphs formed the knowledge base to generate decision intelligence for cloud security, SecOps and fraud management.
Over time, a decision navigation system was built to support the bank’s strategic, tactical and operational decisions. The results were transformative, resulting in a 90% reduction in network security violations, a 97.8% reduction in mean time to respond (MTTR) to phishing attacks and a 97.9% reduction in MTTR to DOS attacks.
Level 2 (National Level) – Federated learning aggregates anonymised intelligence from multiple banks, improving fraud detection models without sharing sensitive data.
Use Case: In Singapore, banks and telcos have been assigned duties for a shared responsibility fraud framework to protect consumers from fraud. Banks need to perform real-time fraud surveillance to detect if a customer’s account is being drained due to a phishing scam and send outgoing transactions to consumers. Similarly telcos need to implement a scam filter for SMSs.
In individual banks and telcos, DIPs can be developed to trigger alert outcomes to notify customers. Additionally, banks and telcos can share annonymised intelligence to a central platform leveraging federated learning techniques for improved fraud detection training models.
Level 3 (Regional) – Asean-wide federated learning hubs aggregate national intelligence flows, enabling proactive regional cybersecurity coordination under Norm 13a.
Use Case: Under Norm 13a, “Inter-State Cooperation on Cybersecurity” Norm, of the Asean Norms Implementation Checklist for responsible state behaviour in cyberspace, the technical pillar recommends building the infrastructure needed to facilitate information exchanges with other states, developing cybersecurity capabilities for endpoint protection via automatic updates, to prevent, detect or disrupt malicious ICT acts.
Regional hubs of information powered by federated learning technologies would enable sharing of intelligence while protecting privacy for stakeholders.
A collaborative Asean secures the region
The Asean Norms Implementation Checklist is a regional first. Not only does it serve as a guideline for responsible national behaviour for Asean member states but also for countries beyond the region, in supporting efforts in building a more secure cyberspace.
Asean leaders are early adopters who are entering new territory as a collective and while the unfamiliar can be daunting, the collaborative intent is exciting. They are building a future where human and machine interactions can leverage decision support, decision augmentation and decision automation to enhance cybersecurity in the region.
Many unknowns need to be worked through, but with the technical solutions for balancing privacy and innovation are already available. Ultimately, it all comes down to the collective will for intelligence sharing, to secure the region on its transformative digital journey.
Karen Kim is the CEO Human Managed
