impersonation are accelerating in Singapore and across APAC, with an overwhelming 85 % of Singaporeans recognising that phishing attempts are becoming more sophisticated.
To combat these rising threats, organisations will begin treating identity security the way they approach networks or data centres- as critical systems for business operations which require hardened, resilient components. Organisations across finance, critical infrastructure, and the public sector will increasingly lean on phishing-resistant tools like passkeys and hardware-backed credentials for strong multi-factor authentication( MFA), Zero Trust and privileged access.
For 2026, the priority is clear for organisations across APAC: shrink credential‐theft risk by focusing on building phishing-resistant users throughout the company, and build trust in a region where Digital Transformation continues to out‐pace legacy‐era security models. The companies that adapt fastest will be those treating identity not as an IT feature, but as core infrastructure.
Tim Ensor, GM Intelligence Services at Cambridge Consultants
No silver bullet for sensitive AI data are fooled by certain social engineering tactics. Instead, new engaging training methods will be combined with a fundamental shift in mindset. Building a culture of shared ownership, where all employees feel able to speak out about mistakes, will be essential as the first line of defence in combating social engineering attempts.
Geoff Schomburgk, Vice President, Asia Pacific and Japan at Yubico
Identity underpins trust in 2026
2026 will be the year identity becomes infrastructure. AI-driven phishing and deepfake
2026 will be the year identity becomes infrastructure.
We definitely do see some challenges in being able to train AI in enterprise and government sectors settings as well on the basis of the fact that the data we need to train the models is in some way sensitive. Some examples of that would be is things like Federated Learning where you train models locally at the edge and then rather than centralising all the data, you centralise the weights of the model.
Other ways that we try and solve this problem is by trying to train an AI model on analogous settings. At the moment it doesn’ t completely solve the problem though, and I would say that this is a challenge in those domains where the specific use case relies upon, for example, large numbers of healthcare images.
One of the ways of dealing with that is that people in that specific sector are going through the necessary kind of approvals and authorisation processes to be able to get access to the data. But clearly it’ s a laborious process. There isn’ t unfortunately a silver bullet for how you solve this problem because managing consumer and individual data appropriately is absolutely critical.
WWW. INTELLIGENTCISO. COM 27