Unidentifiable hacker cracking computer code in the dark

How to build cybersecurity in a divided world

Technology decoupling amid global geopolitical tensions raises new cybersecurity concerns for nations and businesses alike.


In brief:

  • Digital protectionism is forcing nations and businesses to reassess their technology alignment and dependencies, presenting new cybersecurity challenges. 
  • Companies must take steps to safeguard cybersecurity and operational resilience, such as aligning with national frameworks that address emerging risks. 
  • Keeping technology stacks modular and agile and tapping into Singapore’s strong innovation ecosystem to build new cybersecurity capabilities are also crucial.

Trade tariffs and protectionist policies are forcing nations and businesses to navigate and adapt to an increasingly fractured landscape. As rivalries between major powers intensify, the world has become divided in the adoption of technologies and technology providers. At the heart of digital protectionism lies a critical issue — cybersecurity.

For decades, the world has benefited from the interconnectedness of a globally shared internet infrastructure, which has facilitated cross-border communication, innovation and growth. This interconnectedness also enables tighter collaboration on cyber threat intelligence and quicker response to cyber attacks. Cybersecurity measures are harmonized through international frameworks, regulatory alignment and industry best practices, reducing vulnerabilities that cybercriminals can exploit. However, as nations reassess their technology alignment and dependencies, it is likely that new cybersecurity challenges would emerge.

Regulations and regional collaboration

As an open economy, Singapore is not immune to these winds of change. The country’s approach to cross-border data flows and cybersecurity standards would have to evolve. Stricter regulations are needed to safeguard data. This could mean tighter data localization rules, where sensitive information stays within national borders for greater security. More stringent regulations may also need to be imposed on foreign technology providers.

Given its status as a global business and trade hub and a member of the Association of Southeast Asian Nations (ASEAN), Singapore must strike a delicate balance between regulation, innovation and collaboration. Overly rigid policies could stifle progress and foreign investment to the detriment of economic growth.

A way to navigate this conundrum is to continue to push for a unified ASEAN cybersecurity framework that fosters a more cohesive regional regulatory environment that supports both security and economic growth. Efforts are already underway to improve regional collaboration through the ASEAN Cybersecurity Cooperation Strategy. However, varying levels of technology development, political priorities and regulatory environments across ASEAN nations make harmonization challenging and these efforts remain a work in progress.

As ASEAN nations continue to grapple with their own national cybersecurity concerns and policies, Singapore should continue to foster and facilitate regional dialogue and information exchange. This involves governments, businesses and industry stakeholders coming together to share best practices and develop collective responses to emerging threats.

 

Singapore can also demonstrate its commitment to capability building by providing training programs, resources and technical support to bolster regional cybersecurity. For example, it can take the lead by expanding successful homegrown initiatives like the Cyber Labelling Scheme, Cyber Trust Mark and cybersecurity toolkits across the region to improve transparency and resilience in critical sectors.

Dilemma of picking sides

Stricter trade restrictions are disrupting cross-border technology access. The push for technology decoupling by major powers is shaking up supply chains, driving up costs and limiting access to critical components.

Companies in Singapore may face the difficult choice of aligning with one technology ecosystem over another. The pressure to comply with trade policies and competing regulations could have a significant impact on their operations and strategic partnerships. Those currently operating across competing technology ecosystems may also be forced to scramble for alternatives. This could potentially lead to businesses adopting less secure or untested alternatives, giving rise to new cybersecurity risks.

Moreover, the lack of standardized protections across competing digital systems creates vulnerabilities, making it easier for cybercriminals to exploit these weaknesses. Forced reliance on multiple suppliers with varying security protocols further widens these gaps, increasing the risk of breaches.

From a cybersecurity perspective, this fragmentation is already evident in cybersecurity nerve centers, where companies with a large geographical footprint often operate security operation centers with separate technology stacks to navigate data sovereignty and export restrictions.

Fundamentally, companies must take proactive steps to safeguard their cybersecurity and operational resilience. They can look to the latest national frameworks like the expanded Cyber Essentials and Cyber Trust certification marks. These now offer targeted guidance on cloud, artificial intelligence and operational technology — key areas of emerging risks. The latest frameworks not only help businesses protect against the most common cyber attacks in these domains but also simplify cybersecurity requirements. By aligning with these frameworks while keeping technology stacks modular and agile, companies can strengthen cyber hygiene practices while navigating the complex and evolving threat environment.


Aligning with national frameworks like the expanded Cyber Essentials and Cyber Trust certification marks that offer targeted guidance on key areas of emerging risks can help companies safeguard cybersecurity and operational resilience.


Additionally, companies can tap into Singapore’s strong innovation ecosystem to develop and test new cybersecurity capabilities. This may include investing in R&D to address evolving threat vectors through programs like the Cyber Security Agency’s annual call for innovation and partnering with specialized security technology providers to enhance their defenses. They may also deploy solutions like zero trust architecture, AI-driven threat detection and secure-by-design frameworks that are tailored to their operating environment.

By staying agile and diversifying their technology dependencies, companies can better mitigate risks, maintain compliance and importantly, build resilience and long-term competitiveness. This would be critical to navigating the evolving intersection of geopolitics and cybersecurity in an increasingly bifurcated world.

This article was first published in The Business Times on 17 May 2025.

Summary

Digital protectionism is fracturing the traditional interconnectedness of a globally shared internet infrastructure, forcing nations and businesses to reassess their technology alignment and dependencies. With this expected to present new cybersecurity challenges, companies need to keep technology stacks modular and agile while aligning with national frameworks that address key areas of emerging risks. They can also tap into Singapore’s strong innovation ecosystem to develop and test new cybersecurity capabilities. Such efforts would help safeguard their cybersecurity and operational resilience.

Related articles

Why CISOs must cultivate a cyber-secure workforce in the age of AI

Explore strategies for creating a cyber-secure workforce in the AI era, focusing on education, governance and operational best practices.

11 Oct 2024 Dan Mellen + 1

How AI navigates third-party risk in a rapidly changing risk landscape

Learn what the 2025 EY Third-Party Risk Management survey reveals about new AI-driven approaches to managing risks in a more volatile environment.

24 Apr 2025 Chris Watson + 1

How can cybersecurity transform to accelerate value from AI?

With AI adoption across business functions booming, CISOs can reposition cybersecurity from the “department of no” to accelerators of AI value. Learn more.

01 May 2024 Richard Watson + 1

    About this article

    You are visiting EY asean (en)
    asean en