• Organisations in Singapore struggle with increased cyberattacks.
• Rapid cloud adoption, AI-driven data growth, and identity-based threats create new challenges.

Organisations in Singapore are reporting a sharp rise in cyberattacks, with 91% of IT and security leaders saying they experienced breaches over the past year, according to new research from Rubrik Zero Labs.

The study, The State of Data Security in 2025: A Distributed Crisis, points to hybrid environments and cloud adoption as important factors creating new vulnerabilities that many organisations still struggle to address.

Managing data was simpler when information was stored largely on in-house servers or individual computers connected to a single network. Today, data flows between multiple devices and networks, with sensitive information spread between on-premises systems and a growing number of cloud platforms.

As businesses expanded their use of cloud services to meet operational needs, the complexity of managing and securing data increased dramatically. According to Allied Market Research, 89% of organisations now rely on multiple cloud platforms; hybrid and multi-cloud strategies have become common.

The shift has forced IT and security teams to rethink how they track and protect corporate data. With information scattered in globally-distributed systems, understanding where important data resides – and how securely it is stored – has become a challenge.

Threat actors have adapted too. The broader move toward cloud infrastructure, remote workforces, and identity-driven access has opened new opportunities for attackers. Instead of relying solely on malware, attackers exploit valid credentials using social engineering, and carry out hands-on-keyboard intrusions, their methods evolving to match the complexity of modern environments.

The CrowdStrike 2025 Global Threat Report highlights these changes, noting a 26% increase in new or unattributed cloud intrusions compared to the previous year.

Attackers are also getting faster: the average breakout time for interactive cyberattacks dropped to 48 minutes in 2024, meaning defenders have even less time to detect and contain breaches. Sheena Chin, Managing Director for ASEAN at Rubrik, said the ongoing growth of cloud adoption is reshaping operations and expanding the attack surface.

“As more sensitive data moves to the cloud, cyberattackers are broadening their tactics to exploit hybrid cloud vulnerabilities,” she said. Chin added that organisations need a “data-first” approach to security that focuses on protecting the most important information before it can be compromised.

Attack frequency and impact are rising

Cyberattacks are becoming a routine issue for many businesses. Nearly one-fifth of organisations in Singapore reported experiencing more than 25 cyberattacks in 2024 – averaging a breach about every two weeks. The most common types of attacks were:

• Malware on devices (38%)
• Phishing attempts (32%)
• Insider threats (31%)
• Cloud or SaaS breaches (26%)
• Data breaches (23%)

The impact of attacks is wide-ranging. Thirty-eight per cent of affected organisations reported reputational damage and a loss of customer trust, while 37% said their security costs increased. In 33% of cases, cyber incidents led to leadership changes.

AI, cloud adoption, and data complexity pose new risks

As organisations move sensitive workloads into hybrid environments, managing and securing data has become more complicated. Rubrik’s report found that 92% of IT and security leaders are working with hybrid clouds, and half of their workloads are now cloud-based. Key challenges include:

• Securing data in different environments (42%)
• Meeting compliance and privacy regulations (36%)
• Managing environments without central oversight (34%)

Rubrik telemetry data shows that 36% of sensitive files are considered high-risk. Files often contain personally identifiable information (PII) like social security numbers, digital assets like source code, or proprietary business data.

Ransomware and identity threats are growing in complexity

Ransomware remains a persistent concern for Singapore organisations. Among those hit by ransomware last year, 95% admitted to paying a ransom to recover their data. Threat actors were able to partially compromise backup systems in 75% of cases, and fully compromise them in 38% of cases.

Identity threats are also getting more common, fuelled by the complexity of managing multiple platforms. With 91% of organisations in Singapore using between two and five cloud or SaaS providers, attackers are target identity and access management gaps. Insider threats – often linked to compromised credentials – were cited by 31% of IT leaders in the country.

Rubrik’s data further revealed that 27% of high-risk files contain digital information like API keys, usernames, and account numbers; prime targets for cybercriminals.