Cloud computing and artificial intelligence have delivered major efficiency gains for businesses, but they have also widened the attack surface for cybercriminals. That shift is forcing organizations to build cyber resilience that is not just reactive, but adaptive and measurable.
The urgency became clearer after a financial-sector incident in February 2026 that exposed the cost of weak security controls. In that case, a regional bank in Indonesia was said to have suffered losses of Rp143 miliar after a mass auto-debit attack affected more than 6,000 customer accounts.
Identity is now the most common entry point
Threats are moving too quickly for slow response models to keep up. Security gaps that once took weeks to exploit can now be used within days, especially in cloud environments where identity compromise remains one of the most common paths in.
Data cited by Reza Aminy, Associate Director IT & Digital BDO in Indonesia, shows that 83% of major cloud intrusions begin with identity-related problems. Attackers are also using vishing, token theft, and abuse of CI/CD pipelines to gain administrative access faster than many organizations can react.
AI helps both attackers and defenders
AI has become a dual-use force in cybersecurity. It can improve productivity, but it also gives criminals better tools for malware, more convincing phishing, and deepfake-based fraud.
One case highlighted in the coverage involved AI-generated audio and video that imitated a firm’s CFO. The scheme was said to have stolen $25 million, underscoring how identity manipulation is no longer limited to email or text messages.
That is why Reza argues that security must be treated as a continuous process. When attacks can be personalized and accelerated by AI, defenses also need to become more automated and context aware.
What the banking incident revealed
The regional bank case showed how a small weakness can become a large financial burden. Reza’s explanation points to an IT system that had not been updated since 2012, weak security governance, no 24-hour Security Operation Centre (SOC), and poor vendor risk management.
The damage went beyond the immediate loss. Mobile banking and ATM access had to be suspended for months while the bank worked to contain the impact and stabilize operations.
The cost of recovery was also heavier than the cost of prevention. The Rp143 miliar loss had to be covered using the company’s previous year’s profit, a reminder that delayed security investment can become much more expensive later.
The four pillars of cyber resilience
Reza Aminy outlines four pillars that organizations should strengthen as AI and cloud adoption accelerate.
| Pillar | Focus | Why It Matters |
|---|---|---|
| Identity and Context Controls | Hardware-based multifactor authentication and context-aware access | Helps ensure only verified users can reach sensitive data |
| Automated Defense | Web Application Firewall (WAF) and automation at the edge | Blocks threats faster than manual patching alone |
| Modernized Incident Response | Automated cloud incident response pipelines | Can cut containment time from days to minutes |
| Deep Security Culture | Risk management as part of company culture | Turns employees into the first line of defense against social engineering |
These pillars reflect the reality that attackers are not only stealing access, but also destroying logs and backups. For that reason, organizations need response systems that can move as quickly as the threat itself.
Security has to go beyond tools
A strong approach cannot rely on security tools alone. It also requires governance, continuous monitoring, and regular testing so that organizations are prepared for new threats in cloud and AI environments.
BDO in Indonesia says it remains committed to supporting organizations through a formalized risk management framework. Its focus is not limited to technology, but also includes stronger security culture and readiness for attacks that are becoming more complex.