Fortifying the digital frontier: cyber resilience in the cloud and AI era


On 22 February 2026, a regional Indonesian bank suffered a catastrophic breach when foreign hackers executed a mass auto-debit attack, automatically draining Rp143 billion from over 6,000 customer accounts. To mitigate the damage, the bank was forced to freeze mobile banking and ATM access for months. An investigation by Indonesia's National Cyber and Crypto Agency (BSSN) revealed that the incident stemmed from critical security failures, including obsolete IT systems that had not been updated since 2012, weak governance without a 24-hour security operations centre (SOC) and unmanaged vendor risks. Ultimately, the Rp143 billion loss had to be covered using the bank's previous year's profits, emphasising the harsh reality that the cost of recovery is far greater than the cost of prevention.

The evolving threat ecosystem and the AI frontier 
This incident, along with several other high-profile cyber incidents, highlights why managing cyber risk is now a critical imperative for the C-suite to preserve brand value and operational stability, especially as organisations rapidly adopt cloud computing and artificial intelligence. Urgency at the executive level is further driven by how quickly the threat landscape has shifted: the window between a vulnerability's disclosure and its active, mass exploitation has collapsed from weeks to days. In cloud environments, compromised identities now underpin 83% of major intrusions, with attackers using voice-based social engineering (vishing), stealing authentication tokens and abusing CI/CD pipelines to gain full administrative access within hours. High-volume data theft remains the primary goal, whether executed by external threat actors or by malicious insiders using personally controlled cloud storage platforms to exfiltrate data.

Furthermore, while AI enhances productivity, it acts as a double-edged sword by introducing complex privacy risks and enabling cybercriminals. Threat actors are weaponising AI to automate malware production, launch highly realistic phishing attacks and generate deepfakes. The financial toll of these advanced attacks can be devastating, such as a notable case where scammers used AI-generated audio and video to impersonate a firm's Chief Financial Officer and successfully steal $25 million.

Building cyber resilience: the path forward 
To avoid the catastrophic losses seen in the Indonesian bank case and confidently adopt new technologies, organisations must transition from manual defences to an automated, resilient posture. This path forward requires four key pillars:
  • Enforce identity and context-aware controls: Organisations must use hardware-backed, phishing-resistant multi-factor authentication (MFA) and context-aware access to ensure only verified users on secure devices can reach sensitive data.
  • Automate defences and posture enforcement: Security teams should pivot from manual patching to automated defences, such as using web application firewalls (WAF) to block threats at the edge before software updates are applied.
  • Modernise incident response: Because modern threat actors actively destroy logs and backups, organisations must deploy automated cloud incident response pipelines. Integrating AI-augmented analysis and automated evidence collection can reduce threat containment times from days to mere minutes.
  • Embed a culture of security: Cyber risk management must be deeply woven into the company culture, ensuring that employees remain the first line of defence against social engineering and AI-enabled threats.

How BDO can help your company
BDO can help your organisation build essential cyber resilience by implementing a formalised cyber risk management framework. We assist in identifying critical assets and vulnerabilities, and guide the implementation of robust security controls to protect your infrastructure. BDO can also help to embed a strong security culture through employee training, and support the continuous monitoring, testing and evolution of your defences against emerging cyber threats.