Illumio’s 2025 Global Cloud Detection and Response Report highlights a pressing issue for cybersecurity leaders: the persistent threat of lateral movement in cyberattacks.

[Figure: n = 1,150. Source: Illumio, 2025]
Despite significant investments in security tools, nearly 90% of organisations reported experiencing incidents involving lateral movement in the past year, a statistic that underscores the ongoing challenges faced by security teams in Southeast Asia and beyond.
The report reveals that undetected lateral movement not only exposes critical visibility gaps but also leads to substantial operational disruptions. Organisations reported an average of over seven hours of downtime for each incident, a concerning figure that reflects the toll of undetected threats. This downtime can significantly impact business operations, especially for organisations in a region where digital transformation is accelerating.
Alert fatigue and fragmented visibility are identified as two primary barriers to effective detection of lateral movement. Approximately 67% of security teams reported receiving more alerts than they can manage, with an average of over 2,000 alerts per day—equating to one alert every 42 seconds.
This overwhelming volume contributes to missed alerts, which have been linked to 92% of organisations experiencing security incidents.
Moreover, the report indicates that nearly 40% of network traffic lacks sufficient context for confident investigation. This lack of context complicates the ability of security teams to quickly identify and respond to genuine threats, leaving organisations vulnerable to sophisticated attacks that exploit these very weaknesses.
“In today’s dynamic threat environment, real-time visibility isn’t a feature; it’s a requirement,” said Andrew Rubin, CEO and founder of Illumio. “In the hybrid mesh, leveraging the AI-driven network security graph and focusing on breach containment is the only strategy that scales. AI-powered observability must do more than detect; it must find threats quickly and stop them from spreading immediately.”
Looking ahead, the report emphasises a shift toward AI-driven solutions as a means to enhance visibility and reduce alert fatigue. Nearly 80% of cybersecurity leaders believe that artificial intelligence and machine learning will be critical in identifying lateral movement more rapidly and effectively.
Priorities for 2026 include increasing AI/ML capabilities, improving cloud detection and response, and automating threat triage processes.
For CISOs in Southeast Asia, these findings highlight an urgent need to reassess current security strategies, embrace advanced technologies, and prioritise initiatives that enhance visibility and response capabilities in the face of evolving cyber threats.