Recent 2025 reports echo these themes: Southeast Asia's enterprises are rapidly adopting AI agents for cybersecurity, with 86% planning integration, yet many struggle with governance and skilled personnel.
Deepfake-related fraud in the APAC region surged by more than 50% year-over-year last year, underscoring the mounting social engineering risks. SOAR platforms have reduced incident response times by 70%, enhancing resilience to AI-driven threats.
Regional regulatory frameworks remain heterogeneous but align broadly on risk management principles, with CISOs urged to operationalise ethical AI use and human oversight.
"It's an interesting time to be in cyber security right now," comments Kylie Watson, head of security for DXC Technology APJ MEA. "We've got an increased threat landscape with AI coming in. We must also look at the defence on that side of it. And then we must look at using AI agents securely within organisations and having to make sure that everyone is protected from the explosion of interest in AI too."
AI-driven threat evolution
AI not only enhances defensive capabilities but is also weaponised by adversaries. Watson highlights the rise of intelligent, self-evolving threats, including "AI-generated deep fakes to autonomous malware exploiting the region's rapid digitalisation and IoT convergence."
These polymorphic malwares, capable of evading traditional antivirus systems, pose unique detection challenges. Watson stresses, "It's difficult sometimes for antivirus in particular to pick up polymorphic malware... if you don't have a SOAR platform, you're already a little bit too late."
Deepfakes have become a sophisticated tool in social engineering attacks targeting high-level executives.
Watson explains, "One of the key elements I always go back to is — if you didn't contact them, then potentially don't trust it. If you receive a call from me or someone tells you I'm an executive and I need something immediately, hang up. Look for your CEO's contact information in your corporate system... Do your own authentication."
She emphasises the importance of verifying urgency claims independently: "It's never that urgent if you didn't contact them and you don't know them personally."
Southeast Asia's rapid digitalisation, AI integration, and IT/OT convergence are fertile ground for such sophisticated threats, with cross-border AI-powered attacks increasing in complexity and volume. This dynamic demands CISOs adopt robust, adaptive security strategies that respond to emerging threats in real-time.
AI as a double-edged sword for defence
While AI-generated threats accelerate, so do AI-enhanced defences. Watson describes the evolution of incident response: "Incident response playbooks... these days, they're automated. The playbook tells the analyst what needs to be done."
She points out an exciting advancement:
"Playbooks now can actually be written by the AI agents. They could look at it and go, hey, it's this type of threat... it can write and do the playbook and follow it through as well... it can even send it right through to the ticketing and resolve it following that playbook." Kylie Watson
However, she advises caution, stating, "At a higher level there's a different level of risks... so I always believe in being in the loop." Automation must be balanced with human oversight to avoid blind spots and mitigate the risk of missteps due to overreliance on AI alone.
Adoption of AI-driven SOAR platforms is accelerating across Southeast Asia, significantly improving detection speed and operational efficiency. Surveys in 2025 show that 86% of organisations in the region plan to use AI agents within the next 12 months, indicating a rapid modernisation of digital defence.
Regulatory landscape and ethical AI governance
CISOs must navigate diverse and evolving AI regulatory environments in countries like Japan, Singapore, and India. Watson notes, "In my role, I've got 22 countries, and they all have different compliance frameworks. Some have AI guidelines; some don't... some are even using AI to write the legislation."
Despite complexity, common intent aligns regulations: "Most of the controls map fairly neatly... if you're looking at a control in Australia, it's not hugely different to Singapore or India."
She advocates for AI governance committees, emphasising social responsibility: "Just because you can do it, does that mean you should do it? You need to take it right back to the basics... I call it the social license for AI."
Early focus on low-risk projects, combined with incremental lessons learned, can smooth the path toward the deployment of ethical AI. Auditing training data, monitoring for bias and adversarial manipulation, and maintaining meticulous audit logs are critical.
Watson stresses, "Any machine identity, any AI agent... should be captured in logs... audit trails and logs should be absolutely secure by design." She warns, "If it's not happening, you probably need to pause the project or really look at the risk."
Strategic leadership and human factors
AI automation reshapes the CISO's role, extending beyond technology to strategic leadership. Watson points out skill gaps broadly across organisations, saying, "My security team? Yes, probably. Across the board? No. We need to get better at it. It's quite new."
She expresses optimism about the evolving defence posture: "We're patching faster than ever before... endpoints are protected more than ever... SASE networks exist now."
The impacts on the workforce due to automation and AI are notable. Watson highlights, "We have a societal obligation to make sure we have junior people coming through... automation takes away a lot of that more junior work."
She encourages proactive talent development: "We must upskill them faster, lean back into universities and make sure they've got the right skills to come into our workforce."
Building adaptive, intelligent defences involves close collaboration between the CISO and other business units. Watson observes, "People will go out and buy cool stuff. I want to know what that is. I want to make sure it can be secured. At times, you're the last one to know."
Starting with small, low-risk projects and scaling progressively prevents costly missteps: "There's been a lot of discussion about ROI... some customers said, Help, I'm not getting the ROI."
Preparing for the future
Looking ahead, Watson cautions against a narrow focus: "There is a concern that we're overlooking quantum... Don't focus so much on AI that you forget about quantum." She urges CISOs to embrace AI thoughtfully and proactively: "We must be excited about it and run with it, but not to the point where we're not doing research and following our controls right because this thing is happening quite fast."
AI and automation offer a double-edged capability to both Southeast Asia's cybersecurity defenders and adversaries. According to Watson, "The challenge is not just technical—but strategic, regional, and human."
CISOs must balance cutting-edge AI-driven defences with human judgment, ethical governance, and continuous upskilling to navigate the next generation of threats successfully in 2025 and beyond.
Click on the PodChats player to hear in detail Watson's views and recommendations on AI, automation, and the next generation of threats.
- Our topic is AI, automation and the next generation of threats. Please describe for us the relationship between all three as viewed from the perspective of a security professional.
- How can CISOs ensure the integrity and security of third-party AI models integrated into their core business systems?
- In your view, are incident response playbooks used by enterprises in Asia resilient enough to handle AI-powered, self-evolving malware?
- What safeguards are in place to detect and prevent deepfake-driven social engineering attacks targeting regional executives?
- How can enterprises maintain compliance with emerging AI governance regulations across multiple Asian jurisdictions?
- To what extent are organisations auditing training data for bias, leakage, or adversarial manipulation in our automated systems?
- Can current detection tools distinguish between legitimate automation and malicious AI-driven lateral movement?
- How are enterprises preparing for supply chain attacks that exploit vulnerabilities in open-source AI frameworks?
- Are security teams equipped with the skills to monitor, interpret, and challenge AI-driven security decisions?
- How can enterprises build adaptive, intelligence-led defences that evolve in tandem with next-generation threats? What is the role of the CISO here?
- Coming into 2026, how should CISOs and the security team prepare for the further integration of AI into the organisational workflow?
