A recent study conducted by Rubrik Zero Labs has revealed that organisations in Singapore are facing a surge in cyberattacks and cybersecurity issues. According to the report titled The State of Data Security in 2025: A Distributed Crisis, 91% of IT and security leaders have encountered cyberattacks in the past year. This alarming statistic underscores the growing concerns surrounding hybrid cloud environments and data security.
The research highlights the complexities brought about by rapid cloud adoption and the increasing sophistication of IT infrastructures. As more sensitive data is migrated to hybrid cloud systems, cyber attackers are exploiting vulnerabilities across both cloud and on-premises environments.
Sheena Chin, the managing director for ASEAN at Rubrik, emphasized the importance of enhancing data protection measures in Singapore’s advanced digital landscape to effectively combat emerging threats.
Cyberattacks are on the rise and becoming more disruptive
The report reveals that cyberattacks have become a prevalent issue for many organisations:
- Approximately 20% of Singaporean organisations reported experiencing over 25 cyberattacks in 2024, equating to at least one attack every two weeks.
- Common forms of attack included malware infections (38%), phishing attempts (32%), insider threats (31%), breaches of cloud or SaaS environments (26%), and broader data breaches (23%).
These incidents had significant repercussions:
- 38% of organisations suffered reputational damage and a decline in customer trust.
- 37% faced increased security costs.
- 33% indicated that a cyberattack resulted in changes in leadership at the executive level.
AI, cloud, and data complexity exacerbate security challenges
The proliferation of AI technologies and the ongoing adoption of cloud services are complicating data protection efforts. The survey found that 92% of IT and security leaders in Singapore manage hybrid cloud environments, with half of them hosting the majority of their workloads in the cloud.
This shift has introduced various challenges:
- 42% identified data security in hybrid environments as their primary challenge.
- 36% cited concerns regarding data privacy and compliance.
- 34% highlighted the lack of centralized visibility and control over their environments.
Rubrik’s telemetry data also disclosed that 36% of sensitive files are classified as high-risk, including personally identifiable information (PII) such as Social Security numbers, phone numbers, intellectual property, and source code.
Ransomware and identity-based threats are evolving
Ransomware attacks remain a significant threat for organisations in Singapore:
- 95% of those affected by ransomware admitted to paying the ransom to recover their data.
- 75% reported partial compromise of their backup and recovery systems by threat actors.
- 38% experienced complete compromise of their backup environments.
Identity-based threats are also on the rise alongside the expansion of cloud services. The report indicated that 91% of organisations use two to five cloud or SaaS platforms, creating new vulnerabilities in identity and access management. Attackers are increasingly exploiting these weaknesses to move laterally across systems and escalate their attacks.
Insider threats, often linked to compromised credentials, were identified as a growing concern by 31% of IT leaders. Rubrik’s telemetry data further revealed that 27% of high-risk sensitive files contain digital access data like API keys, usernames, and account numbers, which attackers frequently leverage to gain deeper access to systems.
The necessity of a data-first security approach
The findings underscore the reality that traditional perimeter-based defenses are insufficient in the current threat landscape. With hybrid environments becoming commonplace and attackers adapting swiftly, a shift towards directly securing critical data, irrespective of its location, is imperative.
As cyber threats continue to evolve, organisations that take proactive measures to identify and safeguard sensitive information are better equipped to withstand future risks.
Photo by Unsplash)
See also: CISA issues guidance amid unconfirmed Oracle Cloud breach
Interested in learning more about cybersecurity and cloud technology from industry experts? Explore the Cyber Security & Cloud Expo events in Amsterdam, California, and London.
Discover other upcoming enterprise technology events and webinars hosted by TechForge here.
