2025 milestones: April

Tech highlights for April 2025 included:

- Digital network provider AIS and the Bank of Thailand (BOT) will jointly help the Thai public develop immunity against online scams and cyberthreats. 

BOT and Bank Negara Malaysia signed a memorandum of understanding (MoU) to strengthen joint efforts in cybersecurity and digital fraud protection.

- Cisco made a number of innovation and partnership announcements at the RSA Conference to help secure and harness the power of AI. 

- Google made inroads in the Thai public sector with a partnership between Thailand’s National Cyber Security Agency (NCSA) and Google Cloud to public sector entities and citizens. Solutions and services under the agreement include Google Cloud Cybershield and Google Cloud Web Risk, threat intelligence sharing and and incident response training.

Source: OJK. OJK's Artificial Intelligence Governance for Indonesian Banks is designed to ensure responsible AI development and implementation at Indonesian banks.

- Indonesia's Financial Services Authority (OJK) has launched Artificial Intelligence Governance for Indonesian Banks to ensure responsible AI development and implementation at Indonesian banks.

- Karnataka has set up India’s first Cyber Command Centre to investigate cyberthreats and cybercrime. 

- Indonesia Financial Services Authority (OJK) launched the Artificial Intelligence Governance for Indonesian Banks blueprint to guide Indonesian banks on responsible AI development and implementation.

- The government of Johor will spend RM300 M over two years in collaboration with the Malaysian Communications and Multimedia Commission (MCMC) to strengthen infrastructure, expand Internet coverage and enhance public awareness of cybersecurity and digital literacy.

- NVIDIA introduced DOCA Argus, which requires no agents, integration or reliance on host-based resources to offer runtime cybersecurity on AI workloads.

- The Princeton Digital Group opened a US$1 B data centre in Saitama, Japan.

- The Cyber Security Agency of Singapore launched expanded Cyber Essentials and Cyber Trust certification marks, including coverage of cloud security, AI security, and operational technology.

-  Singtel and Enterprise Singapore (EnterpriseSG) rolled out SPEED, a one-stop training and readiness programme enabling local small and medium-sized enterprises (SMEs) to advance their sustainability goals.

- UMC launched a new fab facility in Singapore featuring 22 and 28 nm processes.

- US President Donald Trump announced 'reciprocal' tariffs on various countries, including in the APME region.

Jamie Brown, VP, Government Affairs, Tenable, noted that while the US is in the spotlight and likely a potential target for initiating recent tariff measures, including the 2025 imposition of tariffs of up to 145% on Chinese goods, cyber adversaries are neither linear nor selective in their targeting. 

"Cyberattackers are opportunistic. They don’t just retaliate against the initiator of economic policies; they exploit vulnerabilities wherever they appear, especially for those vulnerabilities emerging from instability or operational pressure," he said.

Brown said that Tenable has observed a consistent pattern: when financial markets are disrupted, bad actors thrive. He added that the cyber fallout is global. "In Southeast Asia, 2024 saw cyberattack volumes double compared to the previous year, with Singapore reporting more than 21 million cyberattacks, the highest in the region. Indonesia averaged 3,300 attacks per week in the first half of 2023," he said. 

"Sophisticated state-sponsored campaigns such as those by the Billbug group (also known as Lotus Blossom or Lotus Panda) have targeted government and business entities across SEA, using new backdoors, credential stealers, and reverse shell malware. The message is clear: economic pressure anywhere can mean cybersecurity risk everywhere." SEA refers to Southeast Asia.

Tenable has also found that financial strain caused by tariffs can lead organisations to cut cybersecurity investments, especially when they need them most, Brown added. He said: "Tariffs, for example, act as economic shockwaves. They force businesses to re-examine their supply chains, change procurement models, and absorb rising costs. In this period of instability, security gaps widen, and this includes critical infrastructure providers who often depend on overseas imported hardware. 

"Organisations are forced to turn to local alternatives, which lead to unfamiliar vendors, rushed deployments, and unvetted software or hardware, thus creating new pathways for exploitation."

"With the rise of AI-driven threats and increasing regulatory requirements, businesses must move faster than the attackers they face. That starts with knowing your assets, understanding your exposures, and closing critical gaps in a proactive rather than reactive manner," he concluded.

"For organisations in APJ and beyond, this is about remaining alert and aware. Global economic policy shifts demand local cyber resilience. As trade dynamics change, the security imperative becomes clear: there is no better time than now to double down on visibility, prioritisation and remediation to stay ahead of a threat landscape that is
as opportunistic as it is borderless." APJ stands for Asia Pacific and Japan.

Hashtags: #2025milestones, #RSA2025