Top
Home / Cyber Security
Cyber Security

Bitdefender in APAC: a talk with Paul Hadjy

By

The APAC region is a study in contrasts — home to both emerging and mature economies, rapid digital transformation, and complex cyber threat landscapes. Mobile-first markets like India and Indonesia are expanding opportunities but also heightening risks, especially for small to medium-sized businesses. Bitdefender has responded by deepening its regional presence through strategic acquisitions, including Horangi and a key division of BitShield, and by launching a Security Operations Center in Singapore. These moves aim to deliver localised, AI-powered security tailored to APAC’s unique needs. In this interview, Paul Hadjy, Vice President of APAC and Cybersecurity Services at Bitdefender, discusses how the company is tackling the region’s cybersecurity challenges, the real role of AI in reducing risk, and the future of trust in AI-driven defence.

Let’s start with the big picture. How would you describe the current cybersecurity threat landscape in the APAC region, and what do you believe makes it unique compared to other global markets? 

The APAC region is unique in its diversity of economies, geopolitical tensions and digital transformation. Despite the interconnectivity of the region, there are differing levels of cyber maturity and regulatory frameworks in each country. With the rapid development and adoption of new technologies, the complexities of managing and securing systems for businesses have increased. At the same time, cyber threats have become more sophisticated in the region, with advanced tactics from regional APT groups, which provide new challenges and risks for businesses and individuals. 

APAC consists of developing and mature nations, with many small to medium-sized businesses that are more vulnerable to cyberattacks due to their low levels of security defence. We also see a lot of mobile-first economies in the region, especially India, Indonesia, Thailand and the Philippines, which increases the opportunity for phishing and malware attacks. 

Bitdefender has expanded its presence in APAC with the acquisition of Horangi and a new SOC. How has this regional integration improved your capabilities in responding to localized threats? 

The integration of Horangi’s advanced Cloud Infrastructure Entitlement Management (CIEM) and Cloud Security Posture Management (CSPM) solutions into Bitdefender’s GravityZone Platform has bolstered the company’s ability to monitor and secure multi-cloud environments. This allows Bitdefender customers and partners from across the region to address complex cybersecurity challenges such as misconfiguration and vulnerability detection, governance, and compliance across hybrid and multi-cloud environments. 

Additionally, the SOC in Singapore ensures Managed Detection and Response (MDR) and Offensive Cybersecurity Services, providing around-the-clock threat monitoring and response capabilities. Thus, Bitdefender delivers tailored security services that meet the specific needs of organizations in the APAC region, ensuring they are better equipped to handle evolving cyber threats. 

Bitdefender continued its investment in the region through the acquisition of a key division of BitShield, which was responsible for distributing Bitdefender solutions in Malaysia and Brunei as a Country Partner.  

There’s been a lot of discussion around AI-powered security tools — but where do you draw the line between hype and meaningful innovation? How is Bitdefender incorporating AI in ways that genuinely reduce risk? 

At Bitdefender, we view AI as a powerful tool to help enhance cybersecurity, but it is important to differentiate between genuine innovation and hype. Since 2008, Bitdefender has been shaping the future of artificial intelligence in cybersecurity through open research and advancements.   

Bitdefender integrates AI in ways that provide tangible benefits and reduce risk. One key approach is the use of machine learning models tailored to specific challenges. Bitdefender employs a diverse set of models, including anomaly detection, which builds unique profiles for each user and device to identify subtle variations and potential threats. This method ensures that AI is used effectively to detect and prevent sophisticated attacks.  

As an example, PHASR (Proactive Hardening and Attack Surface Reduction), our latest cutting-edge technology, leverages AI to proactively harden systems and reduce the attack surface, being designed to dynamically adapt as the threat landscape evolves and optimize security measures based on evolving user behaviours and IT configurations.  

With AI augmenting both defence and offence in cybersecurity, what challenges do you foresee in managing trust in AI-assisted decision-making in threat detection? 

A: A key concern is ensuring transparency and understanding of what information is fed into an AI system in order to have a full view of how the model arrives at certain decisions. There must also be safeguards in place to prevent adversarial manipulation of AI models to ensure trust in the system’s decision-making and ability to detect threats. 

We’ve seen ransomware evolve beyond traditional playbooks. What recent shifts have you identified in attacker behaviour that concern you the most? 

A: In a recent report, Bitdefender Labs unveiled that February 2025 was the worst ransomware month in history. We see an increasing opportunism of ransomware groups and their focus on exploiting newly discovered software vulnerabilities in edge network devices. Instead of targeting specific companies or industries, attackers now prioritize vulnerabilities with high-risk scores, remote code execution capabilities, and internet accessibility.  

Additionally, attackers have adopted a two-stage approach: automated scanning for vulnerable systems followed by manual hacking. After gaining initial access, instead of immediately planting malware, they use legitimate tools like PowerShell to evade detection. This technique called “Living Off the Land”, is now used in over 70% of cyberattacks (according to Bitdefender investigations and industry research). 

Paul Hadjy, vice president of APAC and Cybersecurity Services, Bitdefender 
Paul Hadjy, vice president of APAC and Cybersecurity Services, Bitdefender 

Is there enough cooperation between the public and private sectors in APAC when it comes to cybersecurity intelligence sharing? What more should be done? 

Bitdefender works regularly with global law enforcement agencies, providing cybersecurity expertise crucial for numerous key operations to disrupt ransomware groups. By scrutinising network traffic, decrypting communications, and identifying vulnerabilities within criminal networks, Bitdefender has greatly impacted the operational capabilities of darknet markets. 

Over the past 10 years, we have seen a lot of progress in the public/private collaboration in the APAC region, but there is still work to do.   

What keeps you up at night — or excites you — when thinking about the cybersecurity challenges and opportunities of the next 12–24 months? 

In general, as AI progresses, so will the attackers’ TTPs (Tactics, Techniques, and Procedures), which will allow them to be even more effective and faster. This means that businesses will do more to protect themselves and need to avoid becoming a crime of opportunity. The days of being too small of a target no longer exist, and many SMEs are finding this out the hard way.  

We see a shift towards preventative, automated risk mitigation, with the opportunity to proactively reduce the attack surface while enhancing detection and response capabilities. 

Finally, what advice would you give to regional enterprises that are just beginning to mature their cybersecurity posture? Where should they start, and what should they avoid? 

As businesses in the region develop and increasingly adopt cloud technologies and AI-driven solutions to boost efficiency and agility, they must also look to address the various cybersecurity threats effectively. Organisations must take a multi-layered approach to security strategy, including extended detection and response (XDR), managed detection and response (MDR), native cloud security, and, of course, endpoint protection.  

It is important for businesses to note that employees also pose a critical vulnerability, and therefore, organisations must focus on educating and training their teams to increase cybersecurity awareness and skills. 

Tags: ,
0

Andriani has been working in Publishing Industry since 2010. She has worked in major Publishing Houses in UK and Greece, such as Cambridge University Press and ProQuest. She gained experience in different departments in Publishing, including editing, sales, marketing, research and book launch (event planning). She started as Social Media Manager in 4i magazine, but very quickly became the Editor in Chief. At the moment, she lives in Greece, where she is mentoring women with job and education matters; and she is the mother of 3 boys.

RELATED POSTS

Featured, Tech

In a world where dramatic technological changes and heightened geopolitical dynamics are characteristic, the theme of digital sovereignty has become an imperative necessity for European businesses in a globalised environment. Its meaning can be descriptive, but for Advens, a reputable

Featured, Tech

KRAFTON, widely recognised as the developer and publisher of popular game titles such as "PUBG: Battlegrounds", has been running KRAFTON JUNGLE, a training programme for aspiring software developers, since 2022, as part of its corporate social responsibility (CSR) mission. Junghan Kim,

Featured, Tech

In today's rapidly evolving tech landscape, businesses are turning to Edge computing and open-source solutions to remain agile, innovative, and cost-effective. But adoption isn't without its challenges—security, scalability, and integration hurdles can slow down even the most promising projects. In

4i magazine was founded with the vision of enabling our readers to make sense of the modern world. Our mission is to provide our audience with the most important, cutting-edge tech news and insights. Today's media landscape features too much information and not enough knowledge. Our coverage aims to fix that, by focusing the spotlight on developing trends, up-and-coming talents, and news that's worth your attention.

info@4imag.com
jobs@4imag.com

© Copyright 4i Mag 2022 All Rights Reserved