AI Adoption Drives New Phase in Cybersecurity

AI Adoption Drives New Phase in Cybersecurity

AI Adoption Drives New Phase in Cybersecurity

https://fintechnews.sg/134139/ai/ai-adoption-drives-new-phase-in-cybersecurity/

Publish Date: 2026-07-09 22:05:00

Source Domain: fintechnews.sg

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. Free NewsletterGet the hottest Fintech Singapore News once a month in your InboxAs employees increasingly embrace artificial intelligence (AI), cybersecurity is entering a new phase characterized by the growth of security incidents, the concealment of heightened breaches within organizations, and the proliferation of shadow AI, according to a new study by Bitdefender.The study, which surveyed 1,200 IT and cybersecurity professionals across six countries, found limited insight into employees’ use of AI. Only 48% of Singapore organizations reported having full visibility into the AI tools and large language models (LLMs) employees use for work, below the global average of 51.8%.Half of Singapore organizations reported partial visibility. These organizations track official enterprise LLMs, but are blind to the personal accounts and “shadow AI” subscriptions that staff use independently. Shadow AI refers to the use of AI tools, chatbots, and services by employees without the knowledge, approval, or oversight of their organization’s IT or security teams.Limited visibility into employees’ use of AI introduces risks of exposing sensitive corporate data to unvetted third-party services that may store or misuse confidential information. This also creates significant compliance and security gaps, as companies cannot enforce proper governance policies or audit how proprietary data is being processed across authorized platforms.Visibility into large language models and AI tools employees currently use, Source: 2026 Cybersecurity Assessment, Bitdefender, Jul 2026Growth in security incidentsThese persistent blind spots in oversight are being coupled with an increase in security incidents involving AI. 59.2% of the professionals polled globally said that their organization has experienced social engineering attacks they believe involve AI, 55.7% reported malware-based attacks that involve AI, and 70.1% said they are seeing more sophisticated phishing attacks powered by AI.In Singapore, these incidents have taken the forms of unauthorized cloud access (45%), business email compromise (BEC) (37%), and ransomware (28%). These were identified by respondents as the most prevalent security breaches or incidents in the prior 12 months.Top three security breaches or incidents, Source: 2026 Cybersecurity Assessment, Bitdefender, Jul 2026Just last week, news broke that the personal data of about 70,000 people were exposed after attackers gained unauthorized access to a development and testing cloud environment managed by IBM for the Singapore Land Authority. Channel News Asia reported that the compromised dataset unexpectedly contained real personal information, including names, identification numbers, and property-related details, which should have been anonymized for testing.Breach transparency and regulatory complianceWhile security incidents continue to proliferate, employees face pressure to keep them quiet. The Bitdefender survey found that, globally, 55.2% of respondents who had a breach in the last 12 months were told to keep it confidential, even when they believed it should be reported. In Singapore, that proportion stood at 53%. This points to a broader governance issue about how organizations respond when incidents happen and how transparent they are.By keeping these incidents quiet, these organizations are preventing timely regulatory notifications required by law, potentially resulting in legal penalties and lost trust from affected customers. This practice also hinders internal security improvements, since hiding incidents stops the organization from properly analyzing root causes and implementing preventive measures across teams.In Singapore, businesses that collect and maintain data on residents are required to notify the Personal Data Protection Commission (PDPC) and affected individuals of certain data breaches that can result in significant harm or involve a significant scale of personal data.Failure to comply with these data breach notification requirements or other obligations under the PDPC’s Personal Data Protection Act 2012 (PDPA) may result in financial penalties, enforcement directions, and other regulatory actions.Singapore: a top targetIn 2025, Singapore continued to be a primary target of cyber attacks, specially ransomware, and phishing. The number of ransomware cases reported to the Cyber Security Agency (CSA) of Singapore increased to 165 in 2025, up from 159 cases in 2024.Small and medium-sized enterprises (SMEs) were the most affected, according to the agency, reflecting their generally lower levels of cybersecurity maturity and more limited resources. The top affected industries were wholesale and retail trade, manufacturing, and construction, accounting for half of all reported incidents last year.Ransomware activity in Singapore, Source: Singapore Cyber Landscape 2025/2026, Cyber Security Agency of Singapore, Jun 2026Phishing activity continued to be the primary social engineering method in 2025, enabling threat actors to target victims at scale through AI-generated lures that are authentic-looking and contextually relevant.Around 4,800 phishing attempts were reported to CSA last year, representing a 21% decrease from 6,100 in 2024. However, the agency notes that this low number can be explained by the fact that many incidents remain unreported, particularly when they don’t cause any financial loss.In 2025, banking and financial services continued to be the most spoofed industry for the fourth consecutive year, accounting for 70% of all reported phishing attempts.Phishing activity in Singapore, Source: Singapore Cyber Landscape 2025/2026, Cyber Security Agency of Singapore, Jun 2026One notable trend in Singapore last year was the surge in infected systems, comprising both infected command-and-control (C2) servers and botnet drones. In 2025, the number of infected systems reached 284,300, up from approximately 117,300 in 2024. This 142% increase was primarily driven by the activity of malicious infrastructure operators but also better detection of infected botnet drones by defenders.Persistent botnet operator activity steams from the profitable demand for malware-as-a-service, expanded attack surface due to the proliferation of consumer Internet-of-Things (IoT) devices, and improved productivity and resilience of botnet operators.Infected infrastructure, Source: Singapore Cyber Landscape 2025:2026, Cyber Security Agency of Singapore, Jun 2026 Featured image: Edited by Fintech News Singapore, based on image by febdwithart via Magnific