Insider risk is a test of leadership, not just security - Frontier Enterprise

OpinionTechnologySecurity Share Facebook Twitter WhatsApp Linkedin In a year already defined by AI-powered attacks, ransomware rebrands, and deepfake scams, the biggest cybersecurity threat may not come from the outside. It may already have access, and your password. Insider threats are rising fast across Asia-Pacific, and 2025 is shaping up to be a turning point. According to Splunk’s State of Security report, 38% of organisations worldwide faced an insider-related incident in the past year. That figure is expected to climb, driven by hybrid work, expanding cloud environments, and increasingly complex third-party ecosystems that blur the boundaries of internal and external access. Now, with AI tools rapidly deployed across functions, insider risk is also evolving in form and scale. Employees are using generative AI to summarise strategy documents, debug proprietary code, or accelerate reporting, often without realising they may be exposing sensitive information to platforms beyond the organisation’s visibility or control. These aren’t malicious acts, but they are risks with real consequences. Whether through AI interactions or everyday access, modern insider threats increasingly result from governance gaps, not bad intent. When progress becomes exposure Singapore offers a compelling snapshot of this paradox. As one of Asia’s leading digital economies, its enterprises are pushing boundaries with AI adoption, cloud-first architectures, and DevSecOps maturity. Over half of its local security operations centres (SOCs) already use detection as code, well ahead of global peers. Furthermore, 61% report measurable productivity gains from AI. But these rapid innovations bring with them new blind spots. Today, many organisations — from large enterprises to smaller firms with international reach — operate globally, with employees, contractors, and vendors working across platforms, geographies, and devices, often with elevated or overlapping credentials. In this highly connected environment, unintentional data leaks, credential misuse, or code exposure through AI tools can occur silently, without triggering traditional security alarms. And the issue is rarely a lack of detection tools. Instead, it is almost always because no one had a complete view of the risk in context. Nearly half of SOC teams globally report spending more time maintaining tools than defending the business. Even more worrying, only 9% of companies consistently share threat intelligence across HR, legal, compliance, and IT. Insider risk in Asia: Amplified and underestimated While insider threats are a global issue, the risks are magnified across Asia-Pacific. The Navigating Cyber 2025 report by FS-ISAC highlights how scam compounds in the region are industrialising fraud, using deepfakes, AI-generated social engineering, and real-time impersonation. For example, one finance worker in Hong Kong was conned into transferring US$25 million after a fake video call with what appeared to be his CFO. These incidents reveal a larger truth: In a cloud-connected world, attackers don’t need to breach a firewall; they simply borrow trust from someone with access. Singapore’s open, data-driven economy, while a strength, also makes it a prime target for insider-driven compromise. As threat actors shift to double and triple extortion tactics, often exploiting supply chains and impersonating insiders, leaders must broaden their definition of what “insider” really means. It’s no longer just a disgruntled employee; it could be a compromised vendor credential, an unmanaged endpoint on a third-party system, or even a well-meaning employee inadvertently leaking confidential information via unsanctioned AI tools. The governance blind spot Insider threats are notoriously difficult to detect because they exploit systems that are designed for productivity and access. Remote connections, third-party integrations, and legitimate credentials offer a perfect cover for malicious behaviour or simple human error. Yet many organisations still treat insider risks as a siloed issue for SOCs to manage. It’s perceived as a technical problem to be addressed with more tools, more alerts, and more dashboards. In reality, it is a governance gap that spans risk management, compliance, operations, and even culture. It requires enterprise-wide accountability. For example, if HR detects a behaviour change but that insight never reaches the SOC team tracking anomalous logins, who makes the connection? And more importantly, who is responsible when no one does? As AI becomes embedded in daily workflows, businesses are effectively allowing individuals to decide what stays confidential and what leaves the firewall. Without clear governance or cross-functional oversight, these everyday decisions can lead to systemic exposure. Insider risk demands the same level of boardroom scrutiny as financial fraud or reputational damage. Addressing it requires not just investment in detection capabilities, but a realignment of accountability and process across the business. A strategic moment for executive action Singapore is well positioned to lead the conversation on insider risk. With world-class infrastructure, forward-looking regulation, and a national agenda focused on AI and digital trust, the foundations are already in place. But what’s needed now is a shift from innovation to readiness, from tools and frameworks to accountability and governance. This shift is especially critical in the regional context. Across much of Asia, workforce fluidity — including the growing reliance on contractors, gig workers, and cross-border service providers — already challenges access governance. The rise of AI also adds another layer of risk, as employees and third parties may unintentionally expose protected data through unsanctioned tools. At the same time, cultural sensitivities around monitoring and fragmented data protection laws leave many organisations uncertain about how to strike the right balance between trust, oversight, and compliance. In this environment, Singapore has a real opportunity to set the tone — not just on technology maturity, but in shaping how trust, ethics, and accountability can coexist in modern security governance. The bottom line Cybersecurity in the AI era isn’t just about keeping bad actors out. It’s about understanding who’s already inside, what they’re doing, and whether your organisation is structured to respond with speed, accuracy, and trust. Insider risk is no longer just a security concern. It is a defining test of leadership — and one that boards and executives can no longer afford to ignore.