Asia-Pacific is emerging as the most targeted region for cyberattacks, with financial institutions becoming the primary focus of increasingly sophisticated phishing and fraud attempts. Frankie Shuai, APAC Chief Information Security Officer at DWS Group of Deutsche Bank, noted that the region’s banking sector, while rapidly digitizing, is exposing itself to heightened risks. He highlighted that financial services are the second most targeted globally, with nearly one in four cyberattacks directed at institutions within the sector. This reflects how the expansion of digital infrastructure across APAC has created both opportunities and vulnerabilities for banks and their customers.
Shuai explained that the shift to digital platforms has significantly expanded what he termed the “attack surface.” Financial data migrating to cloud systems, employees connecting to corporate networks from any location and on multiple devices, and the proliferation of digital touchpoints are creating more openings for cybercriminals. Supplier integrations, online transactions, and new digital channels have multiplied entry points that attackers can exploit. This expanding landscape requires financial institutions to adopt more resilient security strategies that match the scale and speed of their technological adoption.
Technology is driving innovation in banking but also empowering cybercriminals with advanced tools. Shuai warned that phishing, malware, ransomware, and fraud campaigns are becoming more sophisticated through artificial intelligence. He emphasized that criminals are also on their own digital transformation journeys, using AI and machine learning to develop and deliver attacks. AI-generated phishing scams are now able to mimic authentic communication with better grammar, tailored messaging, and mass distribution capabilities, making them harder to detect and more effective than traditional methods used in the past.
Regulators and industry leaders across APAC are being urged to strengthen cyber rules to address these developments. Shuai stressed that financial institutions must integrate compliance strategies early in the innovation process to protect systems and data without stifling growth. He pointed out that agile approaches can help organizations strike a balance between regulation and innovation by identifying weaknesses during pilot phases and addressing them before full-scale deployment. This proactive stance allows banks to adapt to evolving threats while maintaining operational efficiency and regulatory alignment.
Shuai’s perspective highlights an urgent need for APAC’s financial sector to view cybersecurity not as a constraint but as a core component of digital transformation. By embedding compliance and resilience into their systems from the outset, banks can mitigate the risks associated with the rising sophistication of cybercrime while continuing to meet customer expectations for secure, accessible, and innovative financial services.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
