Strengthening Cyber Resilience in Southeast Asia: A Multi-Stakeholder Approach

On 21 October 2025, the Tech for Good Institute (TFGI) moderated a panel at the Global Forum on Cyber Expertise (GFCE) Southeast Asia Regional Meeting. The session was held as part of the 10th edition of the Singapore International Cyber Week (SICW), organised by the Cyber Security Agency of Singapore (CSA). The panel focused on sharing best practices of the multi-stakeholder collaboration in cybersecurity.
Table of contents

Topic

ASEAN Digital Resilience Digital Society Others Regional Cooperation

Country/Region

From left to right: Keith Detros, Programme Manager, Tech for Good Institute; Ghislain de Salins, Global Lead, Cybersecurity, World Bank; Masao Shino, Director, Office for Science Technology and Information, and Digital Transformation, Japan International Cooperation Agency; Pua Hunter, Pacific Hub Director, Global Forum on Cyber Expertise; Felipe Beato, Cyber Resilience, Centre for Cybersecurity, World Economic Forum

Southeast Asia has witnessed an unprecedented surge in cyber threats, ranging from sophisticated Advanced Persistent Threats (APTs) to widespread ransomware attacks. In the first half of 2024, for example, ransomware incidents across Asia Pacific reached 57,000, with Indonesia, the Philippines and Thailand being severely affected. In Indonesia, the attack on its national data centre is a clear example of the impacts of these threats, as ransomware jeopardises government services and impacts vital national assets. Earlier this year, Singapore also reported an APT attack on its critical infrastructure.

In addition, the rise of AI as a force multiplier for cybercriminals adds another layer of complexity. 47% of organisations cite top concerns surrounding GenAI as advanced adversarial capabilities, with AI enabling sophisticated social engineering tactics, lowering barriers to cybercrime entry and streamlining malware deployment processes.

As the World Economic Forum notes, this growing evolving threat landscape represents one of the systemic challenges for the region. For example, cyber risk increased by 74% in 2024 alone, with ransomware attacks (45%), cyber enabled fraud (20%) and supply chain disruption (17%) topping the list of concerns. These developments underscore the urgent need to strengthen cybersecurity frameworks to safeguard Southeast Asia’s digital future.

To examine comprehensive approaches to cybersecurity resilience, the Tech for Good Institute moderated a panel discussion on “Understanding the Multi-Stakeholder Model”, featuring speakers who shared both global and regional perspectives on collaboration in cyberspace governance.


Moderator and Panellists

  • Ghislain de Salins, Global Lead, Cybersecurity, World Bank
  • Masao Shino, Director, Office for Science Technology and Information, and Digital Transformation, Japan International Cooperation Agency
  • Pua Hunter, Pacific Hub Director, Global Forum on Cyber Expertise
  • Felipe Beato, Cyber Resilience, Centre for Cybersecurity, World Economic Forum
  • Keith Detros, Programme Lead, Tech for Good Institute

Key Takeaways

1. Multi-stakeholder partnerships are essential foundations for regional capability development in cybersecurity.

Innovative multi-stakeholder partnerships are emerging as effective solutions. Key examples include the The ASEAN-Japan Cybersecurity Capacity Building Centre (AJCCBC), which demonstrates how regional cooperation can address talent gaps through practical programs like CYDER (Cyber Defense Exercise with Recurrence).  The CYDER programme provides hands-on training for Security Operations Center analysts. In addition, another example is the Cyber SEA Games which exemplifies competitive capacity building, allowing participants to develop technical skills through practical cybersecurity challenges.

Public-private partnerships (PPPs) for cyber threat intelligence sharing and incident response can also be leveraged for talent development, as demonstrated by Togo’s National Cybersecurity Incident Response Team (CIRT). This is operated as a joint venture between the government and Polish IT company Asseco. Such models enable knowledge transfer, lower barriers to cybersecurity profession entry and provide sustainable training mechanisms.

Finally, partnerships with the technical community can also be an innovative solution towards resilience in cyberspace. For example, the World Bank has supported “bug bounty programmes” to tap on the expertise of ethical hackers.


2. Digital public infrastructure (DPI) and critical information infrastructure (CII) must be secured through security-by-design principles and adherence to international standards.

Protecting digital public infrastructure (DPI) and critical information infrastructure (CII) emerged as one of the key areas of priorities for countries. DPI must be made more resilient and safe through security-by-design, embedding security considerations into digital products from inception rather than retrofitting protection measures. The security-by-design approach can be achieved through: mandating adherence to international standards like NIST and ISO frameworks, bringing transparency to software supply chains through Software Bill of Materials (SBOM) requirements and implementing comprehensive risk assessment protocols. Countries in Southeast Asia are ramping up and updating existing guidelines in response to these challenges. The Philippines focuses on strengthening infrastructure resilience and mitigating vulnerabilities, while Singapore’s updated Cybersecurity Act 2024 implements stricter measures addressing supply chain vulnerabilities. However, SMEs remain particularly vulnerable, with 43% of targeted cyber attacks focusing on small and medium enterprises, despite 68.5% having adopted cybersecurity software.


3. Regional harmonisation of cybersecurity frameworks must balance standardisation with local context and fit-for-purpose solutions.

Southeast Asia’s cybersecurity landscape is characterised by regulatory fragmentation and gaps in capacity. While the ASEAN Cybersecurity Cooperation Strategy 2021-2025 establishes shared norms and encourages public-private partnerships, and the 2023 launch of ASEAN CERT strengthens cross-border collaboration, implementation varies significantly across member states. While multiple ASEAN frameworks including the Framework on Personal Data Protection (2016), Framework on Digital Data Governance (2018) and various cross-border data flow mechanisms have been instituted, interoperability challenges still persist. This requires alignment  and harmonisation of cybersecurity approaches from a regional perspective. However, implementation should remain  fit-for-purpose and locally relevant, with strong collaboration between academia, industry and government. An important mindset shift is to consider cybersecurity to be a “team sport” and a strategic investment rather than a cost. Treating cybersecurity as an investment, developing local talent and fostering multi-stakeholder collaboration remain non-negotiable priorities for building resilient digital ecosystems across Southeast Asia.

Share this engagement

Explore further

ASEAN Digital Resilience Digital Society Others Regional Cooperation

Read more from our authors

Related reads

Insights 15 Nov 2024

Harnessing Digital Platforms for Southeast Asia’s Inclusive Prosperity

Research 21 Oct 2024

Enabling Social Resilience through Digital Transformation of Nonprofits

Insights 17 Mar 2023

National-level priorities to grow the digital economy: Spotlight on Malaysia

Stay updated Accent arrow
Linkedin Youtube

Cite this article

(2025, November 3). Strengthening Cyber Resilience in Southeast Asia: A Multi-Stakeholder Approach. Tech For Good Institute. Retrieved from https://techforgoodinstitute.org/events/event-highlights/strengthening-cyber-resilience-in-southeast-asia-a-multi-stakeholder-approach/
Copy citation Accent arrow

Keep pace with the digital pulse of Southeast Asia!

Never miss an update or event!

Subscribe now ➞ Accent arrow

Mouna Aouri

Programme Fellow

Mouna Aouri is an Institute Fellow at the Tech For Good Institute. As a social entrepreneur, impact investor, and engineer, her experience spans over two decades in the MENA region, South East Asia, and Japan. She is founder of Woomentum, a Singapore-based platform dedicated to supporting women entrepreneurs in APAC through skill development and access to growth capital through strategic collaborations with corporate entities, investors and government partners.

Dr Ming Tan

Senior Fellow & Founding Executive Director

Dr Ming Tan is Senior Fellow at the Tech for Good Institute; where she served as founding Executive Director of the non-profit focused on research and policy at the intersection of technology, society and the economy in Southeast Asia. She is concurrently a Senior Fellow at and the Centre for Governance and Sustainability at the National University of Singapore and Advisor to the Founder of the COMO Group, a Singaporean portfolio of lifestyle companies operating in 15 countries worldwide. Ming was previously Managing Director of IPOS International, part of the Intellectual Property Office of Singapore. Prior to joining the public sector, she was Head of Stewardship of the COMO Group.


Ming also serves on the boards of several private companies, Singapore’s National Volunteer and Philanthropy Centre, Singapore Network Information Centre (SGNIC), and on the Digital and Technology Advisory Panel for Esplanade–Theatres on the Bay, Singapore’s national performing arts centre. Her current portfolio spans philanthropy, social impact, sustainability and innovation.