In this CSO ASEAN Executive Session, Editorial Director Estelle Quek speaks with Michael Montoya, Chief Operating Officer at BlueVoyant, to unpack the evolving cybersecurity landscape in Southeast Asia. With over 25 years of experience in cybersecurity leadership. Montoya offers a grounded perspective on how organizations in the region can build resilience amid rising threat sophistication, regulatory fragmentation, and persistent talent shortages. 

Montoya highlights the growing impact of ransomware, state-sponsored attacks, and third-party breaches, noting that 81% of organizations surveyed experienced vendor-related incidents in the past year. He emphasizes the importance of adopting a Zero Trust architecture, continuous third-party risk monitoring, and aligning cybersecurity strategies with global standards such as NIST and ISO 27001 to navigate ASEAN’s diverse regulatory environment. 

The conversation also explores how AI and machine learning are reshaping both offensive and defensive cyber capabilities. Montoya underscores the need for organizations to combine AI-driven threat detection with human expertise to stay ahead of adversaries leveraging generative AI for phishing, impersonation, and deepfake attacks. 

For organizations operating under budget constraints, Montoya recommends framing cybersecurity investments in terms of cost avoidance, regulatory compliance, and operational continuity. He also calls for stronger public-private collaboration, ongoing cyber education, and scalable partnerships to address the region’s cybersecurity talent gap. This dialogue offers CISOs and technology leaders in Southeast Asia a pragmatic roadmap for enhancing digital resilience in a high-growth, high-risk environment.