MANILA, Philippines (Jul 2025) — Telecommunications providers across the Asia-Pacific are facing an urgent call to upgrade their cybersecurity defenses as data breaches become increasingly frequent and damaging, according to a senior executive from Keeper Security.
Takanori Nishiyama, Senior Vice President for APAC and Japan Country Manager at Keeper Security, pointed to a recent incident involving South Korea’s SK Telecom, where a breach exposed data from 27 million records. The event underscores the vulnerability of telecoms in an age where mobile broadband networks are deeply integrated into daily life.
“Asia Pacific leads the world in 5G coverage, but with that advancement comes a heightened need for vigilance,” Nishiyama said. “Telecommunications companies manage vast stores of personally identifiable information, and any compromise puts millions at risk.”
In the Keeper Insight Report 2024, identity-based attacks were identified as the top threat vector. These breaches often stem from stolen user credentials, excessive access permissions, and unauthorized access. Nishiyama added that attackers are becoming more persistent, using AI to launch larger and faster brute-force attacks—particularly against popular platforms like WordPress.
Wordfence reported over 4.3 million brute-force attacks on WordPress websites in 2024 alone, highlighting how widespread and automated these attacks have become. “Once a website or server goes online, it becomes a target,” he said.
According to Keeper Security, 52% of IT and cybersecurity leaders still struggle with password security—a foundational but critical issue. Nishiyama emphasized that robust identity and access management tools, along with zero-trust security models, are essential to defend against modern attacks. This includes enforcing the Principle of Least Privilege and deploying advanced Privileged Access Management (PAM) systems.
Telecommunications firms are especially appealing targets due to the sensitive customer data they hold and their role in national infrastructure. Cybercriminals and state-backed actors often exploit common weaknesses like stolen credentials and insufficient access controls.
Phishing continues to be one of the most effective methods of infiltration, relying on unsuspecting users who may not follow strong cyber hygiene practices. In a sector like telecom, a single compromised account can lead to catastrophic consequences.
“Traditional perimeter-based security models no longer suffice,” Nishiyama warned. “Zero trust should be the default. Every device, every user, every time—no assumptions.”
For organizations in Asia Pacific, a comprehensive approach to security must go beyond regulatory compliance. Protecting digital infrastructure means safeguarding business operations, maintaining customer trust, and preserving brand reputation.
“The stakes are higher than just fines. It’s about trust, continuity, and resilience,” Nishiyama said.
Organizations looking to bolster their cybersecurity posture can explore Keeper Security’s password management and privileged access tools at keepersecurity.com.
