Everyone has a prediction about what the security landscape in Asia will look like in 2026. Each new year brings prognostications and predictions. What is distinct for 2026 is the inclusion of AI across the security narrative.
The shift in AI-powered cyberattacks
Experts anticipate a significant paradigm shift in cyber threats, as AI evolves from a mere assistant to a pivotal component for attackers. In recent years, AI has enabled various malicious activities—ranging from deepfakes to social engineering.
However, 2026 is expected to witness a surge in fully autonomous AI-driven attacks, characterised by techniques such as “vibe coding.” Threat actors will leverage AI for reconnaissance, gathering critical information and developing tailor-made malicious tools, fundamentally changing the cybercrime landscape.
Xavier Xuhui Cai, area vice Ppresident at Cloudflare China, emphasised the need for vigilance against these evolving threats: “As we move into 2026 and beyond, organisations must remain vigilant against evolving security challenges.”
This recognition is vital as CISOs evolve their threat mitigation strategies.
Enhancing resilience through industrial AI
The increasing focus on resilience in operational technology (OT) is becoming paramount as AI begins to autonomously optimise systems in real time. Previously, factories relied on reactive systems; now, they must adopt proactive security measures.
Martin Creighan, vice president for Asia Pacific at Commvault, highlighted that in 2026, Industrial AI will not only monitor but also actively drive efficiency. This transformation necessitates a significant upgrade in security measures.
The anticipated shift to Agentless Zero Trust architecture will integrate security checks into every machine interaction, making the network itself a formidable line of defence against potential vulnerabilities.
A fundamental shift to operational resilience
The emphasis on operational resilience will take precedence over traditional preventative measures. With the frequent occurrence of systemic cloud outages and cascading dependencies, organisations will prioritise resilience, understanding that vendors will inevitably encounter failures.
“In 2026, organisations will accept that prevention is not foolproof and will instead focus on crisis preparedness,” said Daniel Toh, chief solutions architect for APJ at Thales. This strategic shift involves enforcing Zero Trust principles, implementing least-privilege vendor access, and establishing multi-region/multi-cloud redundancies for critical data stores.
Toh also pointed out that recent analysis indicates that 44% of all cloud security incidents stem from misconfigurations within Identity and Access Management (IAM) systems.
Focusing on resilience can address systemic failures, enabling CISOs to minimise the business impact of third-party failures through rigorous testing of response plans and controlled IAM access.
Cloud sovereignty: A strategic imperative
The new emphasis on operational resilience dovetails with an increasing focus on cloud sovereignty. As various nations adopt stringent data protection measures, enterprises in the Asia-Pacific (APAC) region are expected to incorporate sovereignty as a primary criterion for their cloud and AI platforms.
This strategy enables businesses to decide where their data resides—whether on-premises, in private clouds, or with local hyperscalers—while maintaining visibility into the legal requirements governing their data.
When sovereignty is integral to the architectural design, compliance transforms into a competitive advantage, allowing organisations to innovate confidently within regulated boundaries.
Identity as the new (old) perimeter of security
As digital ecosystems continue to expand, identity will increasingly replace traditional infrastructure as the perimeter of security - as it has been doing since the arrival of AI as a threat actor weapon.
The alarming increase in phishing attempts demonstrates how cybercriminals exploit stolen identities to gain access to organisations.
Cyber-resilient organisations will merge identity, data, and recovery policies, creating a cohesive security framework. This shift is vital, especially with the rise of AI-driven interactions where autonomous agents will initiate actions and share data.
Therefore, maintaining robust identity verification will be critical for securing these interactions.
The role of data rooms in AI initiatives
Enterprises are now recognising that stagnation in AI initiatives often arises not from a lack of data but from difficulties in safely accessing and preparing the data they already possess.
Surveys throughout APAC have shown that data quality, security, and governance are significant barriers that impede scaling beyond initial pilot projects.
In response, the rise of sovereign, resilience-aware data rooms is on the horizon. These secure environments will allow for controlled access to governed backup data, enabling organisations to utilise clean, compliant data for AI initiatives without breaching local laws.
Transforming historical data from "backup insurance" into strategic intelligence assets will be pivotal.
Quantum readiness and the future of cryptography
Although AI remains a dominant topic, the emergence of quantum computing presents new risks that organisations must address.
Preparedness for post-quantum cryptography (PQC) must now be included in resilience architectures. As cryptographic algorithms currently in use may fall prey to quantum attacks within the next decade, organisations need to take proactive measures.
Forward-thinking companies are beginning crypto-inventory audits and deploying quantum-safe algorithms to protect their data. Quantum readiness will be essential for heavily regulated sectors, ensuring that strategies for sovereignty and encryption remain effective in the face of future quantum threats.
Building trust through governance and accountability
As governance, sovereignty, and resilience converge into a singular mandate of trust, accountability is paramount. Boards are moving from accepting assurances to demanding clear evidence of organisational resilience.
Traditional metrics, such as Recovery Time Objective (RTO) and Recovery Point Objective (RPO), are becoming insufficient measures of success. Instead, organisations will increasingly rely on metrics like Mean Time to Clean Recovery (MTCR)—the duration required to restore vital applications and verified clean data. Such metrics will help leaders determine the effectiveness of their cyber-resilience investments.
Preparing for an evolving landscape
As organisations navigate these multifaceted challenges, the intersection of AI, identity, and sovereignty will redefine how they manage security in 2026 and beyond.
The necessity for continuous vigilance, proactive resilience measures, and robust security frameworks is critical.
By embracing these strategic shifts, organisations can fortify their operations against emerging threats while fostering innovation in an increasingly digital landscape.
