The Evolution of Digital Trust in the Age of AI

Digital trust is the cornerstone upon which modern enterprises build their innovation and security strategies. In today’s rapidly evolving technological landscape, where artificial intelligence (AI) is increasingly interwoven into business operations, the need to establish and maintain digital trust has never been more critical. 

Southeast Asia is at the forefront of a digital revolution—with internet penetration and smartphone usage skyrocketing—creating immense opportunities while also ushering in significant cyber security challenges. According to the 2024 ASEAN Enterprise Innovation Survey, 39% of respondents now identify cyber security as a challenge to digital transformation.

The recently concluded AIBP Insights: The Evolution of Digital Trust in the Age of AI brought together industry leaders from across ASEAN to explore these challenges and opportunities. The session delved into how enterprises can adapt their cyber security frameworks in an era defined by both remarkable opportunity and unprecedented risk. As companies across the region accelerate their digital transformation efforts, the increasing need for robust identity-based security measures—specifically Identity and Access Management (IAM) and Privileged Access Management (PAM)—has become evident. These measures are crucial not only for safeguarding digital assets but also for ensuring compliance with evolving regulations.

The collective experience from Raditio Ghifiardi (VP of Security Strategy & Architecture at Indosat Ooredoo Hutchison), Suresh Sankaran Srinivasan (Group Head – Cyber Security & Data Privacy at Axiata), Azril Rahim (Head of Cyber Threat Intelligence Management at Tenaga Nasional Berhad), and Marcus Guan (Senior Manager, Pre-Sales Greater ASEAN at Okta), provided a comprehensive view of how digital trust is evolving amidst the surge in AI adoption and other emerging technologies. Through a detailed examination of current trends and future forecasts, the panel illuminated how enterprises can build resilient digital ecosystems that not only respond to current threats but also anticipate and mitigate future challenges in a rapidly changing environment.

Key takeaways:

• AI as an Enabler and a Challenge
  AI is transforming IAM, fraud detection, and threat intelligence by automating risk analysis and detecting anomalies, but concerns over ethical AI deployment remain.

• Mitigating Human-Centric Cybersecurity Risks
  Human errors remain a major vulnerability. A "trust by design" approach and continuous security education are essential for reducing risks like phishing and insider threats.

• Transparency and Privacy as Pillars of Digital Trust
  Companies must proactively communicate data practices and comply with evolving regulations to strengthen consumer trust and ethical AI governance.

• Integrating Cybersecurity with Business Strategy
  Embedding cybersecurity into business strategy helps mitigate financial losses, protect brand reputation, and prevent operational disruptions from cyber threats.

• Navigating a Complex Threat Landscape
  Businesses must invest in quantum-resistant encryption, agile security frameworks, and continuous monitoring to stay ahead of emerging cyber threats.

• The Role of Collaborative Ecosystems in Strengthening Digital Trust
  Information sharing and joint threat intelligence initiatives will enhance cybersecurity resilience, requiring stronger partnerships across industries and governments.

AI as an Enabler and a Challenge

Across ASEAN, digital transformation initiatives have spurred the integration of AI into core cyber security functions. Enterprises are leveraging AI not only for traditional applications such as fraud detection and network monitoring but also for advanced identity and access management (IAM) solutions. These systems can automate risk analysis, identify anomalies in user behaviour, and reduce reliance on manual intervention—capabilities critical for preempting and mitigating sophisticated cyber threats including deepfakes, AI-generated phishing campaigns, and real-time social engineering attacks. For instance, IAM solutions with MFA and strong authentication protocols can help prevent phishing attacks by making it more difficult for attackers to steal credentials.

Marcus explained that AI-driven identity verification is critical for enhancing digital trust. He noted that automating risk analysis and anomaly detection helps prevent identity-based attacks. Suresh added that cyber security must be integrated with a company’s broader digital strategy, emphasizing that Axiata’s digital trust framework—developed as early as 2018—has evolved to include AI, automation, and emerging technologies such as quantum computing.

Mitigating Human-Centric Cyber Security Risks

The panel stressed that effective cyber security is as much about people as it is about technology. While technology evolves rapidly, human error remains one of the largest vulnerabilities in cyber security. Even the most advanced systems can be compromised if employees are not adequately trained to recognise and counter social engineering tactics. That is why phishing training is essential to education employees on what to look out for and what to do if a phishing attack is suspected to be happening.

Raditio highlighted that security should be embedded in every layer of an organisation. He described the “trust by design” approach at Indosat Ooredoo Hutchison, where security measures are integrated from the development phase rather than treated as an afterthought. Azril detailed how threat intelligence, categorized into strategic, operational, and technical domains, plays a pivotal role in addressing vulnerabilities. He explained that actionable intelligence enables his team at Tenaga Nasional Berhad to detect potential threats and respond swiftly, thereby reducing the impact of human-centric risks such as insider threats and credential-based attacks.

To further mitigate these risks, organisations are increasingly adopting adaptive authentication measures and identity-driven security frameworks that assess risk factors such as user behaviour, location, and device integrity. Solutions like those offered by Okta, which incorporate risk-based authentication and intelligent access controls, help organisations dynamically adjust security measures while maintaining user convenience.

Transparency and Privacy as Pillars of Digital Trust

In an era where data is one of the most valuable assets, transparency in data collection, processing, and storage is fundamental to maintaining user trust. Suresh emphasized that clear privacy safeguards and ethical AI governance are essential components of any robust digital trust framework. He stressed that regulatory compliance must extend beyond merely meeting legal requirements; it should involve actively communicating data practices to build lasting trust with users.

Marcus pointed to decentralized identity systems as a promising approach for redefining trust ecosystems. By enabling users to maintain control over their personal data rather than relying on centralized databases, businesses can significantly reduce vulnerabilities and reinforce digital trust. He believes that such models not only bolster security but also align with the growing consumer demand for privacy and transparency.

Integrating Cyber security with Business Strategy

A key insight from the discussion was the importance of aligning cyber security strategies with overall business objectives. Suresh Sankaran Srinivasan shared how his organisation integrated cyber security planning with their broader digital transformation journey. By embedding security within the company’s strategic vision, Axiata was able to deploy cutting-edge technologies while ensuring robust security measures were in place from the beginning. This integration minimizes risk and fosters innovation, empowering employees to explore new digital solutions within a secure framework.

Similarly, Raditio explained that at Indosat Ooredoo Hutchison, embedding security in the developmental phase allows the organisation to implement advanced technologies with confidence. Merging business strategy with cyber security is not merely an operational necessity but a strategic imperative that drives long-term growth.

For businesses, failing to integrate cyber security into their strategy can lead to severe consequences:

• Financial losses: Security compromises such as business email compromise (BEC) attacks can lead to significant financial losses through fraudulent fund transfers, bogus invoices, and unauthorized access to sensitive financial information.

• Reputational damage: Cyberattacks can erode customer trust and tarnish a company’s brand reputation, leading to long-term business sustainability challenges.

• Operational Disruptions: For critical infrastructure providers cyber attacks may disrupt essential business operations. As Azril highlighted, any downtime or network interruption immediately raises suspicions of a cyber attack, leading to extensive investigations before normal operations can resume.

By proactively embedding cyber security within their strategic vision, businesses can mitigate these risks while enabling secure innovation. Organisations that align their security strategies with business growth not only protect their assets but also build a strong foundation of digital trust that drives long-term success.

Navigating a Complex Threat Landscape

Looking ahead, the panelists unanimously agreed that the cyber security landscape will continue to evolve, driven by both technological advances and emerging threats. Investments in AI-driven security solutions, agile IAM frameworks, and proactive regulatory compliance are expected to become even more critical. Suresh Sankaran Srinivasan mentioned that as quantum computing approaches mainstream adoption, organisations must begin considering quantum-resistant encryption to safeguard their data. 

Azril reinforced that businesses need to adopt agile security frameworks that can evolve alongside emerging threats. Meanwhile, Ghifi highlighted the importance of continuous monitoring systems (such as dashboards) that provide real-time analytics and insights—tools that enable organisations to adjust defenses dynamically and mitigate risks before they escalate into significant issues.

The Role of Collaborative Ecosystems in Strengthening Digital Trust

An emerging theme from the session was the significance of collaboration. Cyber security is a shared responsibility that extends beyond the boundaries of individual organisations. By partnering with technology providers, industry bodies, and government agencies, businesses can contribute to a more secure digital ecosystem. Collaborative initiatives, such as information-sharing platforms and joint threat intelligence programmes, were highlighted by Azril as essential tools in combating cybercrime.

Ghifi explained that participation in cross-industry collaborations not only enhances threat detection and response times but also fosters a culture of mutual trust and accountability. This collective approach is vital for ASEAN enterprises, which are increasingly relying on digital transformation to drive growth. The ability to share insights and best practices across industries will, in turn, strengthen the overall digital trust framework throughout the region.

Conclusion

The AIBP Insights session provided a vital platform for ASEAN enterprises to explore the intricate balance between innovation and security. As businesses continue to integrate AI and other emerging technologies into their operations, maintaining digital trust will require a multifaceted approach—one that encompasses advanced technical safeguards, comprehensive employee training, transparent data practices, and a collaborative mindset.

For enterprises in the ASEAN region, the journey to digital trust is ongoing. It demands a proactive stance, an investment in advanced cyber security measures, and a commitment to continuous learning and collaboration. As demonstrated at the AIBP Insights session, the future of digital trust lies in an integrated approach that balances innovation with robust security practices. The increasing need for identity-based security measures—such as Identity and Access Management (IAM) and Privileged Access Management (PAM)—is becoming more apparent, driven by rising cybercrime, rapid digitalization, and evolving regulatory requirements. By implementing IAM and PAM solutions, organisations can strengthen access control, mitigate insider threats, and ensure compliance with industry regulations.

In a world where digital transformation is accelerating, the ability to balance innovation with comprehensive security measures is not merely an operational challenge—it is a strategic imperative. As Southeast Asia continues its digital transformation journey, a proactive and collaborative approach to cyber security will be essential to ensure a secure and prosperous digital future. Embracing this integrated approach to digital trust will ultimately empower businesses to thrive in an increasingly complex and interconnected digital landscape while safeguarding their critical assets and maintaining regulatory compliance.

You may be interested in a podcast episode with the Chief Risk and Compliance Officer of Axiata Group, Mr. Abid Adam, available on Spotify here. He discusses the key metrics he tracks, the difficult decisions he's faced, and the delicate balance between risk management and spearheading digital transformation in Axiata's operating markets.

If you are interested to be involved or participate in our upcoming activities, do drop us a note at aibp@industry-platform.com