SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Southeast asia map cloud security risks digital locks warnings
#
Hyperscale
#
MFA
#
Cloud Security

AI cloud workloads in Southeast Asia show higher security risks

Thu, 3rd Jul 2025
Author image
By Shannon Williams, Journalist

New research from Tenable shows that workloads supporting artificial intelligence (AI) in the cloud present heightened security challenges in Singapore and Southeast Asia compared to non-AI workloads.

The 2025 Cloud Security Risk Report by Tenable indicates that 70% of AI-related cloud workloads across major platforms such as AWS, Azure and GCP have at least one critical vulnerability that remains unremediated. In comparison, 50% of non-AI cloud workloads are found to have similar vulnerabilities. This data underscores a measurable difference in the risk profile between AI and traditional cloud implementations for organisations in the region.

AI workload risk landscape

The report notes that the data-intensive nature of AI workloads, including large training datasets and complex model development processes, has made them targets for threat actors. In particular, Tenable found that 77% of organisations using Google's Vertex AI Workbench had at least one notebook instance configured with an overprivileged default service account. Such misconfigurations can open the door to privilege escalation and allow attackers to move laterally within cloud environments, further increasing the risk of compromise.

The report states, "AI workloads, with their vast training datasets and model development processes, are an increasingly attractive target for threat actors. The study found that 77 per cent of organisations using Google's Vertex AI Workbench had at least one notebook instance configured with an overprivileged default service account, which could allow privilege escalation and lateral movement across cloud environments."

Regulatory focus in Southeast Asia

Concerns about cloud and AI-related security have attracted attention from regulators throughout Southeast Asia. Several jurisdictions now require strong compliance with emerging frameworks.

In Singapore, the Cybersecurity Act and Monetary Authority of Singapore's (MAS) Technology Risk Management Guidelines mandate stricter cloud and AI security controls. Indonesia's regulations, including PP 71 and Otoritas Jasa Keuangan (OJK) rules, require secure cloud usage and local data storage for financial institutions. Malaysia has its own Risk Management in Technology (RMiT) framework, designed to set out robust cloud risk management practices for banks. Thailand's Personal Data Protection Act (PDPA) and Bank of Thailand (BOT) guidelines focus on access controls and transparency, while the Philippines implements its Data Privacy Act and Bangko Sentral ng Pilipinas (BSP) standards, emphasising data classification, authentication, and third-party governance.

The report observes, "As these regulatory frameworks evolve, organisations must embed security early into AI development to ensure compliance and mitigate emerging cloud risks."

Cloud risk trends

Notwithstanding the challenges brought on by newer workloads and stricter rules, Tenable reports that overall cloud risk management has shown signs of improvement. The proportion of what the company describes as 'toxic cloud trilogies'—publicly exposed, critically vulnerable, and overprivileged workloads—has dropped to 29% of surveyed organisations, down nine percentage points from the previous year. Researchers attribute this improvement to more effective risk prioritisation and expanded adoption of cloud-native security tooling.

However, the persistence of toxic trilogies remains a concern. Tenable noted, "Even a single trilogy provides attackers with a fast lane to sensitive data."

Identity and credential risks

The report highlights the ongoing challenge of identity management and credential protection in cloud environments. According to the findings, 83% of AWS users have configured at least one identity provider (IdP), reflecting best practices for securing identities. Despite this, breaches due to credential abuse remain frequent, accounting for 22% of initial access events. The findings underscore the importance of strong multi-factor authentication (MFA) enforcement and adherence to least privilege principles in meeting regulatory standards and protecting sensitive data from attackers.

"Organisations have made real strides in tackling toxic cloud risks, but the rise of AI workloads introduces a fresh wave of complexity," said Ari Eitan, Director of Cloud Security Research at Tenable. "AI's data-intensive nature, combined with persistent misconfigurations and vulnerabilities, demands a new level of diligence. Exposure management gives security teams the context they need to protect what matters most, including the crown jewels hidden inside AI environments."

The 2025 Cloud Security Risk Report is based on telemetry analysed from October 2024 through March 2025, covering workloads across a range of public cloud and enterprise environments.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
System administrators drive Asia’s AI success amidst rapid change
CREST launches staged programme to guide firms to full cyber accreditation
Digital attack surfaces expand as key exposures & risks double
ManageEngine AD360 adds identity risk & MFA to combat breaches
60% of enterprise firewalls fail initial compliance - study

Top stories

Lab 1 report reveals unstructured data heightens breach risks
Global ransomware attacks drop 43% but threats evolve quickly
PT KAI partners with Zimbra for secure & sovereign email upgrade
All top 100 Singapore firms hit by third-party cyber breaches
Motorola unveils 'AI nutrition labels' for safety technologies