Cyber resilience is no longer measured by whether an organisation experiences an attack, but by how quickly it can detect, contain, and recover from one. A major cyber incident involving a leading telecommunications operator in Asia during 2025 serves as a stark reminder of the scale and consequences such events can have. The breach reportedly affected tens of millions of users and triggered significant operational, financial and reputational consequences. While the incident occurred outside Malaysia, its lessons are highly relevant to telecommunications operators and critical infrastructure providers everywhere.

As digital ecosystems become increasingly interconnected, organizations must continuously strengthen resilience across governance, detection, response and third-party risk management. The challenge is not simply preventing attacks, but ensuring that organizations can respond effectively when incidents occur.

Exposure is not inevitability

Malaysia’s telecommunications sector is highly digitalized and interconnected, which naturally increases exposure to cyber threats. However, exposure does not equate to inevitability.

The key cybersecurity risks facing telecommunications operators today include data breaches, ransomware, supply chain compromise, identity misuse and attacks targeting critical systems. Increasingly, these risks extend beyond core networks into cloud environments, application programming interfaces (APIs) and broader third-party ecosystems.

At the same time, artificial intelligence is changing the threat landscape. Cybercriminals are increasingly leveraging frontier AI to automate reconnaissance, enhance phishing campaigns, support social engineering attacks and accelerate vulnerability discovery. These capabilities reduce the cost and effort required to conduct attacks at scale, enabling threat actors to operate with greater speed and sophistication.

For telecommunications operators, the challenge extends beyond protecting customer information. They must also ensure service availability, operational continuity and public confidence. This responsibility is particularly important given the critical role telecommunications infrastructure plays in supporting economic activity, public services and national connectivity.

Resilience must be tested in practice

Against this backdrop, operators should focus on several priority areas to strengthen resilience. These include privileged access control, network segmentation, encryption of sensitive information, enhanced monitoring of critical systems and rapid remediation of identified vulnerabilities.

However, technical controls alone are not enough. Organizations must also address more fundamental questions about how environments are designed, managed and monitored.

Are customer data systems appropriately segregated from operational environments? Are identity management platforms sufficiently protected? Are critical systems continuously monitored for indicators of compromise? If the answer is not a clear yes, further work is required.

Detection speed is equally critical. In today’s threat environment, breaches must be identified in days rather than months. Achieving this requires centralized logging, behavioural monitoring, threat intelligence integration and clearly defined incident response processes.

Most importantly, resilience cannot be proven in theory. It must be validated through practice. Tabletop exercises, red-teaming activities, and breach simulations should be conducted regularly to assess preparedness and identify gaps before a real incident occurs. Incident response plans should be tested under realistic conditions, including scenarios where primary communication channels may be unavailable.

Beyond compliance

Around the world, telecommunications operators and critical infrastructure providers continue to face increasingly sophisticated cyber threats. As a result, resilience can no longer be viewed solely through the lens of compliance.

Compliance and resilience are not the same thing. Organizations may satisfy audit requirements and still struggle to detect, contain, or recover from a sophisticated cyber incident. True resilience is demonstrated during a crisis, not during an assessment.

Strengthening resilience requires leadership commitment, operational discipline and continuous improvement. It also requires organizations to move beyond checklist-based approaches and focus on capabilities that can withstand real-world attacks.

A shared responsibility

Cyber resilience cannot be achieved by any single organization acting alone. Effective protection depends on collaboration across the wider ecosystem.

Telecommunications operators, technology providers, regulators and industry stakeholders all have important roles to play in strengthening collective resilience. Threat intelligence sharing, common security baselines, regular sector-wide exercises, supply chain assurance and continuous capability development can all contribute to a stronger security posture across the industry.

Technology providers also have an important role to play. As networks become increasingly complex and distributed, secure-by-design principles, secure architecture and close collaboration between operators and technology partners are essential to achieving end-to-end resilience.

The reality is that paper plans are not enough. Real-world incidents continue to demonstrate that untested plans often fail when organizations face an actual crisis. Continuous vigilance, disciplined execution and sustained collaboration are essential.

Cyber threats will continue to evolve, and no organization can eliminate risks entirely. However, organizations can improve their ability to prepare, respond and recover. Protecting modern economies and ensuring resilient digital infrastructure is a shared responsibility that requires commitment from every stakeholder.


Lee Han Ther is Cybersecurity & Privacy Officer (CSPO) at Huawei Malaysia.

I strive to find meaning and purpose to whatever I do. Grit, Integrity and Tenacity are my top 3 values.

As a cybersecurity professional, my mission is to advocate the importance of cyber security in this digital era. I find moments best fulfilled by having constructive discussions with individuals on cyber risk and resilience. Being a past security consultant, end user and advisor, I seek to share my experience to implement a holistic end to end cyber security program.

I enjoy learning and development both academically and experientially. My career has brought me on an interesting journey across Asia Pacific; meeting and exchanging conversations with individuals from multiple nationalities.

TNGlobal INSIDER publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.

Featured image: Scott Elkins on Unsplash

Why communications resilience has become a boardroom priority in APAC