Periods of geopolitical tension and economic uncertainty are amplifying cyber risk, as attackers exploit stretched leadership focus and operational strain to quietly infiltrate organisations.
According to BDO Malaysia Executive Director (Cybersecurity and Privacy) Keshvin Singh, most cyber incidents do not begin with alarms but with subtle breaches — a compromised credential, a trusted connection or an overlooked vulnerability.
“These early-stage intrusions are particularly dangerous, as attackers observe systems, map dependencies and identify privileged access while remaining undetected.
“By the time disruptions surface, whether through system outages, data loss or service failures, intruders may already have deep knowledge of the organisation’s environment,” Keshvin said.
While many companies have invested in cybersecurity tools, Keshvin cautions that capability does not equal readiness. Real-world incidents test how quickly abnormal activity can be detected and contained, not whether controls exist on paper.
“Cyber risk becomes a business risk the moment operations are affected,” he notes. Manufacturing delays, failed transactions and customer disruption can quickly escalate into reputational damage, turning a technical issue into a full-blown resilience crisis.
The key differentiator, he stresses, is speed of detection.
The risk landscape is also expanding beyond internal systems. As businesses rely more on cloud platforms, vendors and digital supply chains, attackers are increasingly targeting weaker links in the broader ecosystem. In many cases, breaches originate not within the organisation, but through connected third parties.
This shift is forcing a rethink at the leadership level from checking compliance boxes to understanding real-time exposure and resilience.
Keshvin urges leadership teams to focus on practical, often difficult questions: How frequently detection and response capabilities are tested under real-world scenarios; which systems are truly critical to operations; how quickly a genuine attack would be identified and where current vulnerabilities lie, not historically, but today.
Equally important is assessing third-party risk and determining whether confidence in existing controls is backed by proven performance under pressure.
“These are not just technical considerations. They go to the heart of operational continuity and leadership judgement,” Keshvin emphasised.
Overall, as cyber threats persist and potentially intensify amid global instability, Keshvin highlighted that organisational resilience will depend less on assumed preparedness and more on a clear, evidence-based understanding of risks and response capabilities.
