By Brian Quah
The Rising Threat Landscape
From the Monetary Authority of Singapore (“MAS”) convening bank CEOs to Parliament debating frontier AI risks (article here), one thing is clear: cyber threats are evolving faster than ever. Attacks powered by AI are more scalable, harder to detect, and capable of disrupting essential services in minutes. Financial systems, healthcare providers, and critical infrastructure are all exposed to risks that can erode trust and resilience across ASEAN.
Why AI Matters in Security Operations
Traditional Security Operations Centres (“SOCs”) rely on manual analysis and static rules. But attackers are using automation and AI to launch large-scale, sophisticated campaigns. Without AI, defenders are simply outpaced.
AI enables SOCs to:
- Spot unusual behaviour quickly
- Connect the dots across massive volumes of data
- Prioritise alerts based on risk and impact
- Automate routine tasks so analysts can focus on complex decisions
For example, AI can detect unusual login patterns across thousands of accounts in seconds – something impossible for human analysts alone. It can also flag insider threats by spotting subtle behavioural changes that static rules would miss.
Balancing Technology with Responsibility
While AI strengthens detection and response, it also raises important questions about accountability and trust. Organisations must ensure:
- Transparency: AI-driven alerts are explainable and auditable
- Privacy: Monitoring aligns with ASEAN data protection laws
- Control: Automation accelerates response, but humans remain in charge of critical decisions
AI is not about replacing people. It is about empowering analysts to make faster, better-informed calls when it matters most.
Navigating ASEAN’s Regulatory Complexity
Unlike regions with harmonised privacy regimes, ASEAN organisations must operate across diverse national requirements. Singapore’s Personal Data Protection Act (“PDPA”) for example, requires breach notification within 72 hours, while Malaysia and Thailand have different timelines. Indonesia emphasises consent and lawful processing. Country-specific rules on cross-border data transfers add further complexity.
AI helps scale detection and response across this fragmented landscape, but governance must be designed to align with local expectations while maintaining operational consistency.
Measuring What Matters
To ensure AI adoption delivers real value, SOCs should be measured on outcomes, not activity. Key metrics include:
- Faster detection and response times (MTTD/MTTR)
- Improved signal-to-noise ratio in alerts
- Reduced business and regulatory impact of incidents
- Analyst productivity and retention
These metrics connect SOC performance directly to resilience and trust.
The Path Forward
AI will define the next generation of SOCs in ASEAN. But automation alone will not deliver resilience. The most effective SOCs will be those where:
- AI accelerates detection and response
- Humans retain accountability and judgement
- Governance enables innovation without sacrificing trust
- Security outcomes align with regulatory and business priorities
Organisations that embrace AI responsibly will not only strengthen their defences but also build the trust that underpins long-term resilience in the digital economy.
Brian Quah is the Assistant Vice President of Group Solutions at Nera Telecommunications Ltd, an established Technology Integrator delivering comprehensive, turnkey solutions that drive digital transformation and operational efficiency.
Continue Reading
Explore more
success stories
