AI and Cybersecurity: New Frontiers in Legal Practice

Let me start straight with the reality we are dealing with. Cyberattacks are increasing in speed, scale, and sophistication, and this trend is not incremental; it is exponential. When we look at nation state cyber activity over time, the trajectory is clearly rising, with incidents such as Stuxnet, WannaCry, and attacks on critical infrastructure demonstrating how cyber operations are now instruments of geopolitical strategy.

What is driving this shift? First, geopolitical tensions. Nation states are actively using cyber capabilities for espionage, sabotage, and subversion to advance national interests. Second, regulatory pressures are increasing globally. Governments are introducing stricter cybersecurity laws, from GDPR and the NIS Directive to various national cybersecurity acts, forcing organisations to rethink compliance and risk. Third, cybercrime itself is expanding rapidly. It is no longer fragmented; it is organised, scalable, and increasingly professional.

Dr. Jasmine Begum
Senior General Counsel, Corporate
External & Legal Affairs, Microsoft ASEAN

We are also dealing with accumulated technical debt. Legacy systems remain widely deployed, and they introduce persistent vulnerabilities. These systems are harder to secure and significantly increase the impact of any breach. At the same time, rapid technological change such as AI, IoT, and cloud computing is creating both defensive opportunities and new attack surfaces.

The threat landscape today is defined by speed. Attackers can access data within one hour and move laterally across systems in less than two hours. Meanwhile, organisations often take months to patch vulnerabilities. There is a clear asymmetry. In fact, vulnerabilities are typically exploited within 14 days, yet many systems remain unpatched even after nine months. This delay directly translates into risk exposure.

Cybercrime is also highly profitable. We are looking at a global cybercrime economy estimated at around 10 trillion dollars annually today, projected to reach 20 trillion by 2030. Attacks are occurring at a rate of roughly 1,000 per second, and ransomware demands are doubling. This is not just crime; it is an industrialised ecosystem. Services such as stolen credentials, denial of service tools, and ransomware kits are readily available, often operating under affiliate models.

Public sector organisations are particularly vulnerable. A significant proportion of attacks target government agencies, IT services, education, and think tanks. Nation state actors are expanding their reach across multiple countries, with a strong focus on strategic and political targets.

At the same time, the nature of cyber threats is evolving. AI is now both a defensive necessity and an attack vector. Attackers are using diverse entry points, including infostealers and credential theft, while also leveraging AI to scale operations and create more convincing social engineering attacks. We are seeing the rise of synthetic identities and domain impersonation at scale.

Cloud environments are increasingly targeted, particularly where weak or stolen credentials are involved. A significant percentage of breaches can be traced back to identity vulnerabilities rather than system failures.

Real-world incidents illustrate the scale of impact. Attacks on healthcare systems, legal firms, and national infrastructure have disrupted operations, exposed millions of records, and forced organisations to make difficult decisions, including ransom payments. In some cases, governments have refused to pay, highlighting the strategic and ethical dimensions of response.

Finally, cybersecurity must be reframed. It is not only about responding to incidents; it is about building resilience. Technologies such as SaaS and cloud improve scalability and consistency, while AI enhances detection and response. However, these same technologies can also be exploited by adversaries.

The core message is clear. The threat environment is expanding faster than organisational readiness. Without a shift towards proactive, resilient, and integrated security strategies, the gap will continue to widen.
