Global geopolitical headwinds are pushing Asian organisations to look more closely at cyber resilience and mitigating risks that can disrupt their business operations.
The need to bolster their cyber resilience also is pushing demand for artificial intelligence (AI) features in security products, said Jones Leung, Zscaler’s Greater Asia head of solutions engineering.
They expect vendors to use AI more and offer more AI features to manage their infrastructures, such as copilots, said Leung, who spoke with FutureCIO on the sidelines of last week’s Zenith Live conference in Prague, Czech Republic.
More organisations now expect copilots to be available in existing cybersecurity products, he said, adding that Zscaler itself is investing efforts to integrate more AI capabilities into its offerings.
He noted that companies face challenges recruiting expertise, and it is increasingly difficult and costly to hire skilled professionals.
At the same time, it is getting more complicated to manage cybersecurity. he said, and there are growing cloud and data security concerns as data scales in volume and reach.
This momentum will only continue to climb as companies turn to AI, which has to leverage big data on the cloud for analysis, Leung said.
It will further complicate cybersecurity, even as teams grapple with the need to move quickly to identify and plug critical vulnerabilities, he said.
The incident and response cycle will only get shorter as AI adoption accelerates, he added.
It is fuelling the need for AI to be embedded into cyberdefence tools to safeguard companies from AI-powered attacks, he said.
Global uncertainties fuel data sovereignty
Geopolitical headwinds also have prompted organisations to look more closely at data sovereignty and ownership, according to Casper Klynge, Zscaler’s vice president and head of EMEA government partnerships.
Pointing to his past experience in the government sector, Klynge said global political turmoil currently is at an “unprecedented” level and at a time where the role of technology is prevalent across industries and use cases.
Increasing cyber threats also is a risk to any organisation, he said at the Zenith Live conference.
With growing geopolitical uncertainty, including unpredictable policies from the US administration such as its tariff decision, European Union (EU) nations feel increasingly isolated, he noted.
It has pushed more companies in the region to seek data sovereignty and autonomy, he said, adding that Zscaler is seeing more customers now wanting more control and visibility of their data.
“In today’s increasingly digital and complex geopolitical landscape, one technology trend is coming to the forefront: knowing where your data is stored and processed is no longer a luxury -- it's a necessity,” Klynge said in a May 2025 post.
“Compliance with regulatory frameworks, growing customer demands for data privacy, operational resilience, and national security concerns all require tighter control over data location and handling,” he said. “Organisations are demanding technology that enables increased ‘digital sovereignty’.”
He noted that businesses in EU have to ensure they comply with data control and data sovereignty requirements, which often meant retaining data within the region or national borders.
“Maintaining control over where and how sensitive data is stored and processed is increasingly viewed as a core element of strategic cybersecurity and risk management, and critical to data confidentiality, integrity, and availability,” Klynge said.
Heightened focus on keeping the lights on
Asked if he saw similar focus amongst Asian organisations, Leung noted that it was not unusual for countries to want to maintain control of their destiny and, hence, seek data sovereignty.
But while some in the region, such as China, already have data sovereignty directives, this is not the case across all Asian markets, he said.
He noted that hyperscalers and major cloud vendors still do not have data centres in some local markets, such as Vietnam. It means that companies in those countries will not be able to easily facilitate data sovereignty requirements should they deploy services from these hyperscalers.
Google's cloud regions in Asia include cities such as Jakarta and Singapore, with a future region planned in Bangkok. It currently does not have cloud regions in Vietnam or the Philippines. Amazon Web Services' Asian cloud regions are similarly in markets such as Malaysia and Indonesia, but currently do not include cities in Vietnam or the Philippines.
Major cloud players do recognise growing demand in the region and have started building out their datacentre footprint in the region, Leung said, but this is not yet at an aggressive pace.
He added that in more mature markets such as Singapore, where there are local data centres, organisations that are concerned about data sovereignty policies mostly operate in CII (critical information infrastructure) sectors, or hold sensitive customer data and must adhere to regulations to store such data locally.
Instead, he noted that the ongoing geopolitical uncertainty is driving Asian businesses to look more closely at their cyber resilience.
These organisations care about whether their operations can continue to operate seamlessly, he said. This has heightened focus on business continuity strategies and on boosting cyber resilience, with companies more worried about cloud service outages, he said.
To address this, some countries are looking to establish regulations around cloud services and applications, Leung said.
Singapore, for instance, in February introduced guidelines for cloud services and data centres, outlining recommended measures that such operators in Singapore should adopt “to enhance the resilience and security of their services” and minimise disruptions.
"Digital services, such as online banking, ride-hailing, e-commerce, and digital identity, are all dependent on the continued availability and good functioning of infrastructure, such as cloud services and data centres," said Singapore's ICT regulator, Infocomm Media Development Authority. "Disruptions to cloud services and data centres can lead to significant inconveniences to our daily lives, and adversely impact our economy and society. With the right practices, such disruptive occurrences can be minimised, and services can be restored quickly when a disruption occurs."
Data security is the topmost concern for businesses and this is further driven by the accelerated adoption of AI, Leung said.
Organisations want to know about the risk of data leaks if they adopt AI and whether AI will still be effective if they refrained from sharing their data, he said.
