Cyber risk has long been a critical concern for businesses, and the return of Donald Trump to the White House places new urgency on understanding its implications in Southeast Asia.
Ahead of his first presidency, Trump declared, “We have to get very, very tough on cyber and cyber warfare.” His first stint in the Oval Office, during which time he established the Cybersecurity and Infrastructure Security Agency (CISA), delivered on this sentiment. In a stark departure from the previous administration’s emphasis on raising awareness to counter cyber threats, Trump’s first administration adopted a more assertive cyber response to malicious activity.
These changes, coupled with trade restrictions on critical technologies like semiconductors and the blacklisting of Chinese tech firms, cast a spotlight on state-sponsored cyber campaigns, exposing how governments weaponise digital tools for economic and political leverage. What was once the domain of IT departments has since become a key battleground in a new “Cold War.”
A region caught in the crossfire?
Southeast Asia is uniquely vulnerable to geopolitical tensions between the US and China. With China as one of Southeast Asia’s largest trading partners and the US being among the top sources of foreign direct investment, the region is deeply interconnected between the two superpowers. This interconnectedness drives prosperity but also amplifies risk as the region could become a battleground for cyber conflict. The threat is not theoretical.
Ransomware incidents have disrupted power grids, hospitals, and transport networks, highlighting how deeply cybersecurity is intertwined with public safety. Beyond high-profile attacks, businesses face increasing supply chain vulnerabilities, where a breach of one link can cascade across the entire ecosystem. This is why collaboration on cybersecurity within the region is crucial. A cyberattack targeting critical infrastructure in Singapore or Thailand, for instance, could send shockwaves across global supply chains, affecting industries far beyond the region.
See also: Singtel partners with Palo Alto Networks to bolster enterprise security
Cyberattacks targeting Southeast Asia have grown increasingly sophisticated, leveraging artificial intelligence (AI) and advanced technologies to exploit vulnerabilities at scale. Cloud environments, now integral to Southeast Asia’s digital transformation, are a particularly attractive target.
Tenable Research has unearthed how threat actors are exploiting gaps in cloud-specific security, with devastating consequences. Most alarmingly, nearly four in 10 organisations globally are leaving themselves exposed at the highest levels due to the “toxic cloud trilogy” of publicly exposed, critically vulnerable and highly privileged cloud workloads. Each of these misalignments alone introduces risk to cloud data, but the combination of all three drastically elevates the likelihood of exposure access by cyber attackers. For Asean, projected by the ISEAS-Yusof Ishak Institute to contribute US$1 trillion in digital trade by 2030, these risks are existential, threatening to undermine the region’s digital transformation.
Trump Administration officials have noted the importance of prioritising deterrence through offensive cyber strategies while doubling down on securing critical US interests. For Southeast Asia, this geopolitical climate raises the stakes for businesses navigating an increasingly complex threat landscape.
See also: StarHub leverages Red Hat and F5 for its Cloud Infinity
Addressing these risks demands a paradigm shift. Exposure management offers a proactive approach by continuously identifying, prioritising, and addressing vulnerabilities across an organisation’s attack surface. Organisations should be scanning networks for vulnerabilities more than once a year. Ignoring this practice is a surefire recipe for breaches. Continuous monitoring provides the visibility needed to understand where weaknesses lie—whether in cloud environments, third-party systems, or legacy infrastructure—and enables businesses to allocate resources effectively and respond quickly to emerging threats.
In a landscape where cyber risks evolve faster than policies or regulations, exposure management is not just an advantage; it’s a necessity.
Adapting to the new geopolitical reality
The boundaries between state-sponsored actors and cybercriminal enterprises are increasingly blurred, creating a murky ecosystem of digital threats. Trump’s return to the presidency could potentially intensify these challenges as cyber incidents driven by a more confrontational policy approach become more frequent.
So, what can Southeast Asian businesses do? The first step is to recognise that cybersecurity responsibility cannot rest solely on governments or international agreements. While initiatives like the US-China cybersecurity dialogue or regional frameworks such as Asean’s Digital Masterplan 2025 are essential, they are insufficient in isolation. The onus is on organisations to take proactive measures and collaborate across borders to stress cyber hygiene, treating cybersecurity not as an IT issue but as a core component of business resilience.
It’s important to recognise that cyber resilience is not a destination but a journey. Incremental improvements in vulnerability management, workforce training, and collaboration build the foundation for a robust defence. In an era of converging geopolitical tensions and technological change, these efforts are not optional—they are imperative.
As Southeast Asia braces for a new era of potentially heightened geopolitical tensions, the region’s businesses must prepare for an increasingly volatile digital environment. The convergence of advanced threats, geopolitical change, and rapid technological advances demands a mindset focused on resilience. Exposure management, proactive strategies, and cross-border cooperation will be essential to navigate this challenging landscape.
The cyber crossfire is coming. To endure it, Southeast Asia must be ready.
Robert Huber is Tenable's chief security officer, head of Research and resident of Tenable Public Sector
