Southeast Asian nations collaborate on new AI cybersecurity initiative

ASEAN bolsters cybersecurity collaboration in response to evolving threats: Southeast Asian nations have reaffirmed their commitment to multilateral cooperation in strengthening the region’s cyber defenses, with the launch of a physical Computer Emergency Response Team (CERT) facility in Singapore.

• The ASEAN Regional CERT was officially inaugurated during the 9th ASEAN Ministerial Conference on Cybersecurity, held in conjunction with the Singapore International Cyber Week 2024.
• Singapore, as the current chair of the ASEAN Digital Ministers’ Meeting, will fund and host the CERT facility for up to 10 years, with operational costs estimated at $10.1 million over the decade.
• The physical CERT builds upon the virtual ASEAN CERT launched in October 2022, which has served as a platform for analysts and incident responders from member states.

Key objectives and functions of the regional CERT: The new facility aims to enhance information sharing and capacity building among ASEAN members in the face of growing cyber threats.

• The CERT will facilitate the exchange of threat intelligence and best practices among member states, particularly focusing on cyber threats and online scams.
• It will maintain a regional network of cybersecurity experts and organizations, supporting national CERT capacity building efforts.
• The facility will provide a dedicated space for in-person activities, including cyber exercises and CERT-CERT cyber capacity-building programs.

Evolving threat landscape and regional challenges: ASEAN nations face an increasingly complex cybersecurity environment, with new threats emerging alongside rapid digital growth.

• Ransomware attacks and cybercriminal activities, including those by new groups like RansomHub and Brain Cipher, pose significant challenges to the region.
• Government entities and services are prime targets for cybercriminals seeking notoriety and substantial payouts.
• The ASEAN digital economy is projected to grow from $300 million to $1 trillion by 2030, with a collective population of almost 700 million, many of whom are young, educated, and tech-savvy.
• Rapid adoption of new technologies has expanded the attack surface area for ASEAN member states.

Collaborative initiatives and frameworks: ASEAN countries are implementing various measures to strengthen their collective cybersecurity posture.

• The group has formally supported the ASEAN Norms Implementation Checklist, building upon UN efforts to implement voluntary, non-binding norms of responsible State behavior in ICT use.
• The checklist identifies practical steps for government agencies to implement norms and corresponding capacity-building activities.
• ASEAN has pledged to subscribe in principle to the 11 norms of responsible State behavior in cyberspace from the 2015 UN Group of Governmental Experts consensus report.

National efforts and future plans: Individual ASEAN member states are also taking steps to enhance their digital security and trust frameworks.

• Malaysia plans to launch its National AI Office in November to develop safeguards and frameworks for sustainable and ethical AI practices.
• The country will introduce a Data Sharing Bill to create a regulatory framework for sharing public sector data.
• Malaysia intends to establish a Digital Trust and Safety Commission to govern digital trust, security, and data governance.

Broader implications for regional cybersecurity: The collaborative efforts of ASEAN nations underscore the importance of international cooperation in addressing borderless cyber threats and building a trusted cyberspace.

• The establishment of the physical CERT facility and implementation of shared norms demonstrate a unified approach to tackling cybersecurity challenges in the region.
• As ASEAN’s digital economy continues to grow, these initiatives will play a crucial role in safeguarding the region’s digital future and fostering trust in the expanding ecosystem of platforms, apps, and services.
• The focus on capacity building and information sharing may help bridge the cybersecurity gap between more advanced and developing nations within ASEAN, potentially leading to a more resilient regional cyber defense.