Detection gaps widen as AI-fuelled attacks reshape cybersecurity in the region

The study, commissioned by Fortinet, highlights how attackers are rapidly adopting AI to scale stealthy, fast-moving attacks, leaving security teams struggling to detect and respond in time. The results reveal a threat landscape that is evolving in complexity and shifting towards gaps in visibility, governance, and infrastructure, posing greater challenges to overstretched cyber teams.

The rise of AI-enabled cybercrime is no longer theoretical. Nearly 52 per cent of organisations In Vietnam said that they have encountered AI-powered cyber threats in the past year. These threats are scaling fast, with a 2X increase reported by 54 per cent and a 3X increase by 36 per cent of organisations.

This new class of AI-powered threats are harder to detect and often exploit weaknesses in human behaviour, misconfigurations, and identity systems. In Vietnam, the top AI-driven threats reported include AI-assisted credential stuffing and brute force attacks, AI-enabled social engineering attacks, deepfake impersonation in business email compromise, automated reconnaissance of attack surfaces, and adversarial AI, and data poisoning.

Despite the rise in AI-driven attacks, 8 per cent of organisations say they are very confident in their ability to defend against them. Meanwhile, 30 per cent admit that AI threats are outpacing their detection capabilities, and 33 per cent of organisations in Vietnam have no ability to track AI-powered threats at all, exposing a significant preparedness gap.

The cybersecurity landscape is no longer defined by episodic crises, it is a state of constant exposure. Organisations in Vietnam are increasingly vulnerable to threats that operate in the shadows. The most reported threats include ransomware (64 per cent), software supply chain attacks (58 per cent), cloud vulnerabilities (56 per cent), insider threats (52 per cent), and unpatched and zero-day exploits (50 per cent).

The most disruptive threats are no longer the most obvious. Topping the list are unpatched and zero-day exploits, followed closely by insider threats, cloud misconfigurations, software supply chain attacks, and human error. These threats are particularly damaging because they often go undetected by traditional defences, exploiting internal weaknesses and visibility gaps. As a result, these quieter, more complex risks are now viewed as more dangerous than well-known threats like ransomware or phishing.

Traditional threats such as phishing and malware are still growing at ~10 per cent, but this is comparatively modest, likely due to mature defences like endpoint protection and awareness training. In contrast, the fastest-rising threats include ransomware (32 per cent), cloud vulnerabilities (28 per cent), IOT/OT attacks (24 per cent), supply chain attacks (22 per cent), and unpatched and zero-day exploits (20 per cent). These threats are scaling rapidly because they exploit gaps in governance, visibility, and system complexity, making them harder to detect and potentially more damaging when successful.

The consequences are no longer limited to downtime. The top business impacts of cyberattacks include operational disruption (58 per cent), data theft and privacy violations (54 per cent), loss of customer trust (50 per cent), and regulatory penalties (20 per cent). Financial damage is also real: 44 per cent of respondents experienced breaches that resulted in monetary loss, with one in four costing over $500,000.

Simon Piff, research vice-president at IDC Asia-Pacific said, “The findings of this survey point to a growing need for AI-accelerated defence strategies across the region. Organisations are facing a surge in stealthy, complex threats, from misconfigurations and insider activity to AI-enabled attacks, that bypass traditional detection methods. A shift towards integrated, risk-centric cybersecurity models is critical to staying ahead. In this new threat landscape, reactive security is no longer enough, predictive, intelligence-driven operations must become the norm.”

Security teams in Vietnam continue to face significant resource constraints. On average, just 7 per cent of an organisation’s workforce is dedicated to internal IT, and only 13 per cent of that subset is focused on cybersecurity. That equates to less than one full-time cybersecurity professional for every 100 employees.

Only 15 per cent of organisations have a standalone chief information security officer, and most (63 per cent) continue to combine cybersecurity responsibilities with broader IT roles. Just 6 per cent of organisations have specialised teams for functions like threat hunting and security operations.

These lean teams are also facing mounting pressure from the surge in threats. The top challenges reported include overwhelming threat volume (54 per cent), difficulty in retaining skilled cybersecurity talent (52 per cent), and tool complexity (44 per cent), leading to burnout and fragmentation within cyber teams.

Nguyen Gia Duc, country manager at Fortinet Vietnam, said, “Complexity is now the new battleground in cybersecurity, and AI is both the challenge and the frontline defence. As threats grow quieter and more coordinated, Fortinet is helping organisations across Vietnam stay ahead with a unified, platform-based approach that brings together visibility, automation, and resilience. In today’s threat environment, speed, simplicity, and strategy matter more than ever. Our focus is on helping customers shift from piecemeal defences to AI-powered security that’s built for scale and sophistication.”

Despite increased awareness, cybersecurity investment remains disproportionately low. On average, just 15 per cent of IT budgets are allocated to cybersecurity, representing just over 1.4 per cent of total revenue, a small fraction given the scale and severity of threats.

However, budgets are ticking up, with nearly 90 per cent of organisations in Vietnam reporting an increase. However, most of these increases remain under 10 per cent, suggesting that investment is still cautious.

Organisations are increasingly shifting from infrastructure-heavy spending to more strategic investments. The top five priorities include identity security, network security, SASE/Zero Trust, cyber resilience, and cloud-native application protection, indicating a shift towards access-centric, risk-based security planning.

However, critical areas such as OT/IoT security, DevSecOps, and security training continue to receive limited funding, indicating a persistent lag in addressing operational and human-layer vulnerabilities.

Rashish Pandey, vice president of marketing and communications for Asia and ANZ, said, “As cyber threats grow more covert and coordinated, we’re seeing a clear shift in how organisations approach cybersecurity investment. The focus is moving beyond infrastructure to more strategic areas like identity, resilience, and access. At Fortinet, we’re helping customers reframe cybersecurity as a long-term business enabler, not just a line of defence. Our platform brings the scale, intelligence, and simplicity needed to adapt and thrive in this new reality.”

The Ministry of Science and Technology (MoST) held Vietnam Science and Technology Day 2025 in Hanoi on May 16, highlighting the importance of innovation and the digital transformation to Vietnam’s future development.

As Vietnam's digital economy grows, Palo Alto Networks is redefining cybersecurity with 'Precision AI', unveiling smarter, real-time defence strategies to counter the nation’s rapidly evolving threat landscape.

Dassault Systèmes, a global leader in 3D design, engineering software, and virtual twin experiences, reaffirmed its commitment to Vietnam's digital transformation journey as a Diamond Sponsor of the French Tech Summit Vietnam 2025.