Cyber threats driven by artificial intelligence (AI) have surged by two to three times in Singapore and around the Asia-Pacific region including Japan and China, according to insights from cybersecurity firm Fortinet. The data, released at Fortinet Accelerate Singapore in mid-May, highlights a sharp acceleration in threats driven by increasingly sophisticated AI tools.
According to Fortinet, at least 56% of APJC industries (technology, BFSI energy, manufacturing, retail, public sector, healthcare, education, and logistics) reported experiencing AI-driven cyber attacks over the last year. Of these, 52% saw a two-fold increase, while 42% witnessed a three-fold surge. The most common AI-powered threats are deepfakes, AI-enhanced reconnaissance, polymorphic malware, data poisoning, and zero-day exploits.
"AI has really lowered the barrier of entry and raised the ceiling of impact," said Jess Ng, Fortinet's country head for Singapore and Brunei. Cyber attacks, she explained, have become quicker, deadlier, and pricier to deal with - to the tune of thousands of scans per second and billions of attempts to exploit target systems just in the last six months.
Fortinet's findings also highlighted how AI is no longer just a tool for defenders — it has become a powerful asset in the hands of cybercriminals, who are now using AI to supercharge their tactics, enabling attacks to be faster, more targeted, and harder to detect.
Singapore companies underprepared for AI attacks
Regional trends show that many companies in Singapore are still underprepared, with less than one out of five (18%) being very confident in their ability to defend against AI-powered threats.
At least 32% of Singapore-based respondents admitted that AI threats are outpacing their detection capabilities, while at least 5% of the surveyed individuals said that they have no ability to track these threats.
Cyber risk is now a constant
Cybersecurity in Singapore is no longer characterised by isolated incidents — it has evolved into a persistent and evolving threat landscape, said the Fortinet experts. Companies are now facing continuous exposure to cyber risks, with a wide range of attack vectors posing growing challenges.
The most prevalent threats reported include software supply chain attacks (74%), ransomware (70%), phishing (64%), cloud infrastructure vulnerabilities (52%), and insider threats (46%). Software supply chain is an especially severe concern for Singapore due to the country's status as a major trading hub where multiple supply chain lines converge.
The types of cyber threats are also changing. While traditional threats like phishing and malware are increasing at a modest pace of about 10%, more complex and faster-growing risks are taking the lead. These include ransomware attacks, which have surged by 28%, along with cloud vulnerabilities and supply chain breaches, each growing at 18%. Attacks on Internet of Things (IoT) and operational technology (OT) systems (17%), as well as insider-related incidents (15%), are also gaining momentum, said the report.
The consequences of these threats are becoming more severe. Beyond system downtime, the most commonly reported impacts include a loss of customer trust, regulatory fines or penalties, data breaches, and disruptions to business operations. Financial losses are also mounting — over half (52%) of the companies surveyed reported breaches that resulted in monetary damage, with about one in three incidents leading to losses exceeding US$500K.
This growing threat landscape underscores the urgent need for companies to adopt a more proactive and resilient cybersecurity approach, moving beyond reactive measures to address the full spectrum of emerging risks.
Teams under pressure: Few people, many problems
Understaffing in relation to the volume of threats is a huge problem. While AI has enabled attackers to launch massive numbers of fully automated attacks, most companies in Singapore are operating with bare-bones cybersecurity teams. For every 100 employees, there’s less than one full-time cyber expert on guard.
Leadership in cybersecurity is also lacking. Fewer than 16% of companies have a dedicated chief information security officer, and most still delegate cyber responsibilities to general IT staff. Specialised capabilities are rare — only 6% of companies have teams focused on advanced functions like threat hunting. And to make the situation even more challenging, more than half (52%) of organisations have trouble retaining cybersecurity talent.
Among the biggest pain points reported: more than half of companies are overwhelmed by the sheer volume of threats (54%) and struggle to retain skilled talent (52%). Meanwhile, about 44% find their cybersecurity tools too complex to manage effectively, making it even harder to mount a strong defense.
Cybersecurity budgets grow, but gaps remain
Even as cyber threats escalate in scale and sophistication, cybersecurity spending remains modest for most companies. On average, it makes up just 15% of IT budgets — translating to a little more than 1% of total company revenue.
While nearly 70% of businesses in Singapore reported increasing their cybersecurity budgets this year, the majority of those hikes were relatively small — under 10%. Still, spending patterns are evolving. Companies are beginning to prioritize strategic initiatives such as identity and access management, SASE and Zero Trust architectures, cyber resilience, and cloud-native application protection, moving beyond traditional infrastructure investments.
However, several critical areas continue to be overlooked. Operational technology (OT) and IoT security, DevSecOps practices, and cybersecurity training for staff remain significantly underfunded — leaving key operational and human vulnerabilities exposed.
According to experts, as cyber threats become more covert and sophisticated, companies are rethinking how they allocate their cybersecurity budgets. Instead of focusing solely on perimeter defenses, businesses are increasingly investing in strategic areas like identity management, resilience, and secure access.
What can companies do?
Companies must shift toward convergence and consolidation, the experts suggested - streamlining tools and strategies to improve efficiency, reduce gaps, and build a more unified, resilient defense against modern cyberattacks.
Some low-hanging fruit include identifying the areas that will have the greatest impact if an attack succeeds - critical systems, data that must be kept confidential - and bolstering protections and investments for those.
Defenders can also use AI to make the volume of attacks more manageable, but will still need a specialised team of trained humans to manage the strategic aspect. And they should be aware of the most disruptive threats, which include unpatched and zero-day exploits, insider threats, cloud misconfigurations, supply chain attacks, and even human error, and have a strategy in place to minimise the risk of these.