Fortinet: Singapore Sees Up to 3X Rise in AI-Powered Threats

Singapore, 22 May 2025 – A new IDC study commissioned by Fortinet has found that organisations in Singapore are experiencing a steep rise in AI-powered cyberattacks, with over half encountering such threats in the past year. The research reveals that attackers are now leveraging artificial intelligence to conduct stealthier, faster, and more complex operations—leaving security teams struggling to keep up.

According to the survey, 56% of Singapore-based organisations reported experiencing AI-driven cyber threats. Of these, 52% saw a twofold increase, while 42% witnessed a threefold surge.

AI joins the cybercriminal toolkit

The adoption of AI by cybercriminals is no longer theoretical. Top reported threats include deepfake-driven business email compromise, automated reconnaissance, polymorphic malware, adversarial AI, data poisoning, and AI-assisted zero-day exploit development.

Despite the uptick, only 18% of organisations said they were very confident in their ability to defend against such threats. A further 32% acknowledged that AI threats are outpacing their detection systems. One in twenty organisations admitted they have no capability to track AI-powered attacks.

“The findings of this survey point to a growing need for AI-accelerated defence strategies across APJC,” said Simon Piff, Research Vice-President, IDC Asia-Pacific.
“Organizations are facing a surge in stealthy, complex threats—from misconfigurations and insider activity to AI-enabled attacks—that bypass traditional detection methods. A shift toward integrated, risk-centric cybersecurity models is critical to staying ahead. In this new threat landscape, reactive security is no longer enough—predictive, intelligence-driven operations must become the norm.”

Cyber risk is now a constant

The study suggests that cybersecurity has shifted from periodic crises to a sustained exposure model. The top threats in Singapore include software supply chain attacks (74%), ransomware (70%), phishing (64%), cloud vulnerabilities (52%), and insider threats (46%).

While phishing and malware still grow at around 10%, faster-growing threats such as ransomware (28%), cloud vulnerabilities and supply chain attacks (18% each), IoT/OT attacks (17%), and insider threats (16%) are exploiting internal blind spots.

Consequences are escalating beyond downtime. Respondents reported loss of customer trust (72%), regulatory penalties (66%), data breaches (48%), and operational disruption (42%) as the main impacts. Notably, 52% experienced breaches resulting in monetary loss, with one in three exceeding US$500,000.

Security teams under pressure

Cyber teams remain under-resourced. Only 7% of the average organisation’s workforce is devoted to internal IT, and just 13% of that group focuses on cybersecurity—resulting in fewer than one full-time cybersecurity expert per 100 employees.

Just 15.6% of surveyed organisations have a dedicated Chief Information Security Officer (CISO). Most continue to assign cybersecurity duties to broader IT roles, and only 6.4% have specialised teams for functions such as threat hunting.

Top challenges cited include overwhelming threat volumes (53.6%), difficulty retaining skilled talent (53.5%), and complex toolsets (44.5%).

Budgets rising, but risk still outpaces investment

Despite increased awareness, cybersecurity spending remains relatively low. On average, it accounts for just 15% of IT budgets—or just over 1% of total revenue.

Nearly 86% of Singaporean firms reported an increase in cybersecurity budgets this year, though most rises were under 10%. Spending priorities are shifting from infrastructure to strategic areas, including identity security, SASE/Zero Trust, cyber resilience, and cloud-native application protection.

However, areas such as OT/IoT security, DevSecOps, and cybersecurity training remain underfunded, highlighting a persistent gap in operational and human-layer defences.

“As cyber threats grow more covert and coordinated, we’re seeing a clear shift in how organizations approach cybersecurity investment,” said Rashish Pandey, Vice President of Marketing and Communications, Asia & ANZ.
“The focus is moving beyond infrastructure to more strategic areas like identity, resilience, and access. At Fortinet, we’re helping customers reframe cybersecurity as a long-term business enabler — not just a line of defence. Our platform brings the scale, intelligence, and simplicity needed to adapt and thrive in this new reality.”

Consolidation and convergence take centre stage

The report found that 96% of respondents are either converging networking and security or actively evaluating this step. Nearly 70% are already consolidating vendors and toolsets.

Yet fragmentation remains a challenge. Nearly half of all respondents cited tool management as a pain point—not in terms of volume, but lack of integration and interoperability. The top motivations for consolidation include faster support (59%), cost savings (53%), better integration (53%), and improved security posture (51%).

“Complexity is now the new battleground in cybersecurity—and AI is both the challenge and the frontline defence,” said Jess Ng, Country Head, Fortinet Singapore and Brunei.
“As threats grow quieter and more coordinated, Fortinet is helping organizations across Singapore stay ahead with a unified, platform-based approach that brings together visibility, automation, and resilience. In today’s threat environment, speed, simplicity, and strategy matter more than ever. Our focus is on helping customers shift from piecemeal defences to AI-powered security that’s built for scale and sophistication.”