How to build cybersecurity in a divided world

Technology decoupling amid global geopolitical tensions raises new cybersecurity concerns for nations and businesses alike.

In brief:

• Digital protectionism is forcing nations and businesses to reassess their technology alignment and dependencies, presenting new cybersecurity challenges. 
• Companies must take steps to safeguard cybersecurity and operational resilience, such as aligning with national frameworks that address emerging risks. 
• Keeping technology stacks modular and agile and tapping into Singapore’s strong innovation ecosystem to build new cybersecurity capabilities are also crucial.

Trade tariffs and protectionist policies are forcing nations and businesses to navigate and adapt to an increasingly fractured landscape. As rivalries between major powers intensify, the world has become divided in the adoption of technologies and technology providers. At the heart of digital protectionism lies a critical issue — cybersecurity.

Regulations and regional collaboration

As an open economy, Singapore is not immune to these winds of change. The country’s approach to cross-border data flows and cybersecurity standards would have to evolve. Stricter regulations are needed to safeguard data. This could mean tighter data localization rules, where sensitive information stays within national borders for greater security. More stringent regulations may also need to be imposed on foreign technology providers.

Given its status as a global business and trade hub and a member of the Association of Southeast Asian Nations (ASEAN), Singapore must strike a delicate balance between regulation, innovation and collaboration. Overly rigid policies could stifle progress and foreign investment to the detriment of economic growth.

A way to navigate this conundrum is to continue to push for a unified ASEAN cybersecurity framework that fosters a more cohesive regional regulatory environment that supports both security and economic growth. Efforts are already underway to improve regional collaboration through the ASEAN Cybersecurity Cooperation Strategy. However, varying levels of technology development, political priorities and regulatory environments across ASEAN nations make harmonization challenging and these efforts remain a work in progress.

Dilemma of picking sides

Stricter trade restrictions are disrupting cross-border technology access. The push for technology decoupling by major powers is shaking up supply chains, driving up costs and limiting access to critical components.

Companies in Singapore may face the difficult choice of aligning with one technology ecosystem over another. The pressure to comply with trade policies and competing regulations could have a significant impact on their operations and strategic partnerships. Those currently operating across competing technology ecosystems may also be forced to scramble for alternatives. This could potentially lead to businesses adopting less secure or untested alternatives, giving rise to new cybersecurity risks.

Moreover, the lack of standardized protections across competing digital systems creates vulnerabilities, making it easier for cybercriminals to exploit these weaknesses. Forced reliance on multiple suppliers with varying security protocols further widens these gaps, increasing the risk of breaches.

From a cybersecurity perspective, this fragmentation is already evident in cybersecurity nerve centers, where companies with a large geographical footprint often operate security operation centers with separate technology stacks to navigate data sovereignty and export restrictions.

Fundamentally, companies must take proactive steps to safeguard their cybersecurity and operational resilience. They can look to the latest national frameworks like the expanded Cyber Essentials and Cyber Trust certification marks. These now offer targeted guidance on cloud, artificial intelligence and operational technology — key areas of emerging risks. The latest frameworks not only help businesses protect against the most common cyber attacks in these domains but also simplify cybersecurity requirements. By aligning with these frameworks while keeping technology stacks modular and agile, companies can strengthen cyber hygiene practices while navigating the complex and evolving threat environment.