Situational awareness & automation key to modern cyber defence
Organisations are facing increasingly targeted and complex cyberattacks that challenge the effectiveness of traditional security strategies.
Experts in the cybersecurity sector highlight the importance of situational awareness as a key component for organisations aiming to establish a more proactive defence posture against modern threats.
Changing threats
Cyber attackers are making use of stealth, speed, and advanced methods to exploit vulnerabilities in digital infrastructure. As technology evolves, so does the sophistication of tools available to malicious actors, making it more difficult for organisations to anticipate and counter threats using standard monitoring techniques alone.
Situational awareness is being recognised as a crucial step for organisations to accurately map their exposure to risk, understand the tactics of potential attackers, and focus defensive efforts on the parts of their business most likely to be targeted.
Shift to proactivity
"Having situational awareness moves security teams beyond simply reacting to alerts and into a proactive and pre-emptive zone. When they understand how an attacker thinks and what they value, they can design defences that make intrusion far more difficult, turning cybersecurity from a reactive process into a deliberate, informed practice," said Grant Hutchons, APAC Director for Managed Security Services Engineering, Trustwave.
Industry frameworks, such as MITRE ATT&CK and guidelines from the National Institute of Standards and Technology, offer structured ways for security teams to catalogue and counter attack techniques. These frameworks can help organisations identify recurring attack patterns relevant to their sector, allowing them to tailor their defences according to assessed threats.
Role of automation
Artificial intelligence is having a growing impact on cyber threat analysis. AI-driven tools are capable of quickly summarising vast reports, scanning for important threat information, and recommending appropriate defensive measures. Automation accelerates the process and allows security professionals to focus on the more strategic aspects of cyber defence.
"Automation speeds up analysis and supports decision-making, letting security teams focus on testing and strengthening their systems instead of getting lost in endless data. The combination of human expertise and automation gives defenders a more complete view of potential risks," said Hutchons.
Monitoring and testing
Effective cyber defence relies not only on awareness but also on swift detection of abnormal activity within networks. By establishing a baseline for usual network behaviour, organisations can more easily identify and respond to anomalies that may signal compromise. Visual tools such as traffic dashboards and alerts about unusual user behaviour support this approach.
Further resilience can be achieved through 'Red Team' exercises. These simulated attacks, conducted by internal staff or external specialists, are designed to mimic real cyber incidents. They expose system weaknesses that might evade regular monitoring and help organisations strengthen their response procedures without suffering the loss or disruption of a genuine cyber breach.
Deception defences
Another method gaining attention involves the use of deception. Deception strategies, such as honeytokens and honeypots, aim to mislead attackers and alert security teams to unauthorised activity at an early stage. These tactics enable defenders to gather intelligence on attacker behaviour, adding another valuable layer to incident response capabilities.
"Deception changes the balance of power. It turns an attacker's curiosity into an advantage for defenders by revealing exactly how they operate. Modern cybersecurity platforms, such as endpoint detection and response (EDR) or extended detection and response (XDR) systems, are beginning to include these techniques. Some can automatically isolate suspicious users or devices when a potential threat is detected, stopping attacks before they spread. Combining automation with deception creates a faster and more intelligent response to incidents that might otherwise go unnoticed," said Hutchons.
Continuous adaptation
The cyber threat landscape continues to evolve. Organisations are under pressure to update security measures continuously and to review and test their procedures regularly to meet emerging risks. Those that develop strong situational awareness and complement it with practical threat testing and active defence are understood to be better positioned for resilience against future cyber incidents.
"The most effective defenders are those who stay alert and adaptable. By understanding how attackers operate and applying that knowledge through technology, testing, and strategy, organisations can strengthen resilience and respond to threats with confidence," said Hutchons.