The recent surge in cybersecurity incidents across the Asia Pacific region is now forcing a redefinition of what constitutes "critical infrastructure." While energy grids, transport systems, and healthcare networks remain key targets, the latest attacks in aviation, retail, and financial services show that any network underpinning public safety, economic activity, or essential services can now be considered critical.
In Australia, the Qantas breach exposed the personal information of over 5.7 million customers via a third-party system. In Singapore, nation-state actors like UNC3886 have been identified as actively targeting systems tied to national infrastructure. In India, ransomware has brought entire hospital systems and telecom providers to a standstill - disrupting care, communication, and public access.
Even Google has now succumbed to a data breach. A growing concern is that this is not limited to large organisations. Cybercriminals are equally targeting small enterprises to gain access to larger corporate systems, as demonstrated by recent breaches of small to mid-size accounting and legal firms.
These threats are also no longer confined to traditional IT environments, especially as digital and physical environments continue to converge. Operational Technology (OT) networks that are used to control machinery, industrial processes, and physical infrastructure are increasingly network-connected and vulnerable.
Unlike IT systems, OT networks often lack built-in redundancy and can’t tolerate downtime, making them uniquely fragile in the face of modern cyber threats.

The increasing and high reliance on digital infrastructure across sectors like banking, retail, and logistics has elevated the criticality of their IT environments. A data centre failure or traffic outage can have the same wide-ranging societal and economic impact as a disruption to water or energy supply.
- Michael Fisher, Regional Vice President, Asia Pacific and Japan, Garland Technology
The stakes are now higher than ever
As Singapore, India and Australia continue to digitalise core infrastructure and embrace smart systems, ensuring uninterrupted visibility across both IT and OT environments is emerging as a national priority for each country.
Whether it’s a power grid in India, a port terminal in Singapore, or an airline in Australia, cyber resilience now depends on having the right architectural foundation – one that offers full visibility, supports zero-trust principles, and maintains uptime across the entire security stack.
Governments and enterprises are realising the critical need for better network visibility, security and uptime that spans both digital and operational domains. This is because the next wave of attacks won't distinguish between IT and OT, so Asia Pacific organisations need to ensure their cyber defences are ready.
How can you bridge the IT–OT divide?
Many organisations still depend on legacy security tools and operate without full packet visibility or the ability to monitor encrypted traffic. Even inline tools that are used to detect threats can create single points of failure if they’re not architected for continuous uptime. This vulnerability is amplified in OT, where patching or updates may require physical access to remote or sensitive facilities.
A way around this lies in adopting highly resilient infrastructure that delivers real-time monitoring with zero disruption. This includes reliable network test access points (TAPs), network packet brokers, and hardware data diodes built for extreme operating conditions, along with inline bypass capabilities that ensure systems remain operational even when security tools fail or require maintenance.
A good example of how this works in an organisational context is electrical utilities. As more electricity providers implement cybersecurity solutions inside substations, additional precautions must also be taken to protect infrastructure from sophisticated attacks.
To address this, utilities need to look at:
- Implementing an intrusion detection system (IDS) that passively monitors network traffic.
- Ensuring that malicious code does not gain access to a substation’s network through the use of cost-effective hardware diodes and data diode TAPs. These provide an additional layer of security before connecting an IDS to a SPAN/Mirror port on a network.
For example, a hardware data diode enforces unidirectional data flow so that information flows out of sensitive environments, such as critical infrastructure, without the possibility of inbound threats. This one-way communication preserves the integrity of secure zones.
There are situations where the use of SPAN/Mirror ports is still needed to connect the IDS to the substation’s network. In these instances, it is best practice to connect a hardware data diode between the SPAN/Mirror port and the IDS to pass the mirrored data on to the IDS sensor. This is because hardware data diodes eliminate bidirectional traffic flow, ensuring that no data is passed back into the switch’s SPAN/Mirror port.
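A sensor-side check can back up the one-way design described above. The following is an added example, not part of the original article: it compares two `/proc/net/dev` snapshots and flags a capture interface that has transmitted frames (which, without the diode, would reach the SPAN/Mirror port) or has received no mirrored traffic at all. It assumes a Linux-based IDS sensor; the snapshots are constructed and the interface name `mon0` is hypothetical.

```python
# Constructed /proc/net/dev snapshots from a hypothetical IDS sensor; "mon0" is
# an assumed name for the capture interface cabled to the data diode output.
HEADER = (
    "Inter-|   Receive                                                |  Transmit\n"
    " face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed\n"
)
BEFORE = HEADER + (
    "  mon0: 918273645 1204511 0 0 0 0 0 0 0 0 0 0 0 0 0 0\n"
    "  eth0: 5120033 40211 0 0 0 0 0 0 7712001 38110 0 0 0 0 0 0\n"
)
AFTER = HEADER + (
    "  mon0: 935551200 1229034 0 0 0 0 0 0 1260 14 0 0 0 0 0 0\n"
    "  eth0: 5188120 40790 0 0 0 0 0 0 7790455 38502 0 0 0 0 0 0\n"
)

def parse_proc_net_dev(text):
    """Return {iface: {"rx_packets": int, "tx_packets": int}} from /proc/net/dev text."""
    counters = {}
    for line in text.splitlines()[2:]:  # the first two lines are column headers
        if ":" not in line:
            continue
        name, values = line.split(":", 1)
        fields = values.split()
        if len(fields) < 16:  # truncated or malformed row: skip rather than guess
            continue
        counters[name.strip()] = {"rx_packets": int(fields[1]), "tx_packets": int(fields[9])}
    return counters

def audit_capture_interface(before, after, iface):
    """Compare two snapshots and classify the capture interface's behaviour."""
    b, a = parse_proc_net_dev(before), parse_proc_net_dev(after)
    if iface not in b or iface not in a:
        return {"iface": iface, "status": "missing"}
    rx = a[iface]["rx_packets"] - b[iface]["rx_packets"]
    tx = a[iface]["tx_packets"] - b[iface]["tx_packets"]
    if rx < 0 or tx < 0:
        status = "counter-reset"      # reboot or driver reload between snapshots
    elif tx > 0:
        status = "transmitting"       # sensor is emitting frames towards the mirror link
    elif rx == 0:
        status = "no-mirror-traffic"  # sensor is blind: mirror session or diode path is down
    else:
        status = "receive-only"       # expected state behind a data diode
    return {"iface": iface, "status": status, "rx_delta": rx, "tx_delta": tx}

if __name__ == "__main__":
    print(audit_capture_interface(BEFORE, AFTER, "mon0"))
```

A `transmitting` result does not mean the diode failed, since the hardware still drops those frames; it means the sensor itself is not configured as receive-only and is relying entirely on the diode.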
In utilities and other key infrastructure, the use of inline bypass solutions is crucial in enabling organisations to update, test or maintain inline cybersecurity tools without taking them offline and risking exposure to potential cyberattacks.
Inline bypass tools are also designed to ensure full network traffic visibility while minimising disruption during system updates and maintenance.
With the line between what is and isn’t critical infrastructure continuing to blur, one thing is clear: future-readiness demands full-spectrum visibility, operational uptime, and the resilience to respond to the unexpected.
The question that C-level executives of Asia Pacific organisations must now be prepared to answer confidently is whether their IT architecture is resilient enough to withstand a sophisticated cyberattack.
Michael Fisher is the Regional Vice President Asia Pacific and Japan, Garland Technology