PodChats for FutureCISO: Resilience in Action: Critical Infrastructure Defence in 2026 Artwork

CXOInsights by CXOCIETY

CXOCIETY (read "society") is the platform for senior business, technology, finance and operations executives to discuss, share and discover the latest in technology, process and people innovation."CXOInsights" by CXOCIETY is the repository of shared insights and experiences by the best, brightest and most experienced professionals globally. Subscribe to "CXOInsights" by CXOCIETY to keep abreast in the latest in all things innovation.

All Episodes

CXOInsights by CXOCIETY

PodChats for FutureCISO: Resilience in Action: Critical Infrastructure Defence in 2026

September 17, 2025 • CXOCIETY | FutureCIO FutureCFO FutureIoT • Season 6

In 2024, there were 440,000 detected cyber threats to critical infrastructure, and the U.S. Critical Infrastructure experienced a surge in attacks, including the Volt Typhoon and Chinese Telecom Network Infiltration. For 2025, projections indicate 30% of critical infrastructure organizations will experience a security breach, and major attacks on the sector are expected to continue, according to Gartner.

As we welcome 2026, what would a maturing artificial intelligence present to critical infrastructure, and how should CISOs strengthen their cybersecurity strategies to reflect the evolving technology, regulatory, geopolitical and business landscape in the coming years.

Joining us on PodChats for FutureCISO is Lim Hsin Yin, vice president of sales for ASEAN at Cohesity for her views on the topic of Resilience in Action: Critical Infrastructure Defence.

1. What is Cohesity?

2. How robust are enterprises’ data resilience strategies in Asia—including immutable backups, air-gapped copies, and recovery drills—in ensuring operational continuity after ransomware or destructive cyber-attacks? What KPIs are being used to measure its effectiveness?

3. To what extent have enterprises in ASEAN integrated IT and OT security teams, tools, and processes to achieve unified threat visibility and coordinated response across our entire critical infrastructure estates, especially considering legacy systems prevalent in the region?

4. How are CISOs continuously re-evaluating and managing third-party and supply chain risks—especially for vendors linked to OT environments—to prevent breaches similar to regional supply chain attacks like MOVEit or airport data centre infiltrations?

5. What zero-trust and segmentation measures have CISOs prioritised to protect industrial control systems (ICS) and OT environments against increasingly sophisticated hacktivist and state-backed threat actors targeting ASEAN and Hong Kong critical infrastructure?

6. How are enterprises leveraging real-time, cross-border threat intelligence sharing within ASEAN to detect and disrupt pre-positioning and advanced persistent threats (APTs), as exemplified by campaigns like Volt Typhoon?

Coming into 2026, what are you expecting as far as critical infrastructure defense, and what should operators of critical infrastructure be taking in terms of their defense structure?

People on this episode

Allan Tan

Host