INTELLIGENT BRANDS // Enterprise Security

Across APAC, the most attacked industries were financial services, with over 27 billion web attacks, followed by commerce, with over 18 billion web attacks, which correlates with these industries ' accelerated adoption of emerging technologies such as AI.

The report also revealed a 94 % increase in Layer 7( application layer) DDoS attacks during the same period to 7 trillion attacks globally.

This growth trend is also evident in APAC as the region saw a 66 % year-over-year growth in Layer 7 DDoS attacks – the second most targeted region globally – and reached a 24 – month high, peaking at 504 billion in December 2024.

The region experienced 7.4 trillion attacks over the two years, with Singapore recording 4.7 trillion attacks followed by India( 1.1 trillion) and South Korea( 607 billion). The report also revealed that digital media platforms, including social media channels, and commerce were the most impacted sectors in APAC.

“ The surge in web and API attacks across APAC reflects more than just the region ' s rapid digital adoption, it also underscores the urgent need for cybersecurity to evolve rapidly with the growing integration of AI into enterprise ecosystems. As threat actors escalate their attacks in both scale and sophistication, security strategies must thus adapt accordingly,” said Reuben Koh, Director of Security Technology and Strategy, Akamai Technologies APJ.

Region records the highest percentage increase globally, according to Akamai.

That’ s the highest percentage increase globally – with the surge closely tied to the rapid adoption of AI applications expanding the attack surface and increasing the complexity of cyber-attacks.

The APAC countries most targeted by web and API attacks in APJ were Australia( 20.3 billion), India( 17.3 billion) and Singapore( 15.9 billion); followed by Japan( 6.3 billion), China( 6.2 billion), South Korea( 4.9 billion), New Zealand( 2.9 billion) and Hong Kong SAR( 2.2 billion).

In response to the exponential growth of web and API attacks, regulatory bodies worldwide are enforcing stricter cybersecurity compliance requirements and guidelines, including governments across APAC.

Singapore has expanded its cybersecurity bill to expand regulatory oversight; Japan has strengthened its national cybersecurity strategy and laws; India passed the Digital Personal Data Protection Bill; and Australia enacted the Cybersecurity Act 2024, which brings API and applications processing sensitive data under stricter oversight.

With compliance deadlines approaching and enforcement increasing, organisations that delay security improvements risk not only regulatory penalties but also reputational damage, data loss and service outages. Akamai recommends adopting a shift-left security approach, strengthening API governance and deploying AI-powered defenses to detect and mitigate evolving threats. p

68 INTELLIGENTCIO APAC www. intelligentcio. com