As cloud adoption continues to soar, businesses in Singapore are facing an increasing number of cyberattacks, putting their sensitive data and operations at greater risk. According to recent findings from Rubrik Zero Labs, nearly all IT and security leaders in the region have experienced cyberattacks in the past year, with 91% reporting incidents in 2024 alone.
The rise in cyberattacks has been linked to the growing complexity of hybrid cloud environments, as more businesses migrate their data to the cloud. Attackers have expanded their tactics, targeting vulnerabilities across both cloud and on-premises systems.
Sheena Chin, managing director for ASEAN at Rubrik, noted that organizations in Singapore, which boasts a highly digitalized environment, must enhance their data protection strategies to combat emerging threats. “As businesses become more connected, they gain new opportunities but also face new risks,” Chin said.
The Surge in Cyberattacks: A Constant Threat
Cyberattacks are no longer a rare occurrence. In fact, many businesses are now dealing with constant threats. Nearly 20% of organizations in Singapore reported facing over 25 cyberattacks in 2024, equating to at least one attack every two weeks.
The most common attack methods include malware infections (38%), phishing attempts (32%), insider threats (31%), breaches of cloud or SaaS environments (26%), and broader data breaches (23%). These incidents have had serious repercussions for many businesses, including:
- 38% reported reputational damage and loss of customer trust
- 37% experienced increased security-related costs
- 33% saw leadership changes at the executive level due to cyberattacks
The Role of AI and Cloud in Complicating Data Protection
The rapid rise of AI and the continued shift to the cloud are adding new layers of complexity to data security. According to the study, 92% of IT leaders in Singapore are managing hybrid cloud environments, and nearly half of all workloads are now cloud-based. However, this shift is introducing new challenges for businesses, such as:
- 42% of respondents cited data security in hybrid environments as their top concern
- 36% were worried about data privacy and compliance issues
- 34% highlighted a lack of centralized visibility and control over their systems
Additionally, Rubrik’s telemetry data revealed that 36% of sensitive files, such as personally identifiable information (PII), intellectual property, and source code, are considered high-risk, heightening the need for stronger protection measures.
Ransomware and Identity-Based Threats Are on the Rise
Ransomware attacks continue to be a top concern for businesses in Singapore. Among those affected, 95% reported paying the ransom to recover their data, and 75% indicated that threat actors were able to compromise their backup and recovery systems to some extent. In some cases, 38% of organizations faced full compromise of their backup environments.
Simultaneously, the spread of cloud services has exposed new vulnerabilities in identity and access management. According to the report, 91% of businesses are using between two and five cloud or SaaS platforms, creating more opportunities for attackers to exploit gaps and move laterally across systems.
One significant concern is insider threats, which often stem from compromised credentials. About 31% of IT leaders cited these as a growing problem, and Rubrik’s telemetry showed that 27% of high-risk sensitive files contained digital access data, such as API keys, usernames, and account numbers—critical information that attackers can use to penetrate deeper into systems.
A Data-First Approach to Security
These findings highlight the need for a shift in how businesses in Singapore approach cybersecurity. Traditional perimeter-based defenses are no longer sufficient in today’s hybrid environments, where the threat landscape is constantly evolving. As attackers adapt, organizations must focus on protecting critical data—regardless of where it resides.
Moving forward, businesses that prioritize data security and proactively identify and safeguard sensitive information will be better positioned to maintain resilience against future cyber threats.
