In my current dialog with CISOs throughout Southeast Asia, they shared with me a realistic view of 2026. Attackers are shifting ways, AI is amplifying each danger and response, and IT-OT boundaries are blurring. Three priorities stand out to me, hardening cloud and AI infrastructure, treating id because the energetic perimeter, and operationalizing resilience as functionality and, in choose sectors – as a service.
Cloud and AI turn out to be excessive‑worth targets
Multi‑cloud adoption and sprawling SaaS create visibility gaps the place a single misconfiguration or leaked credential can expose delicate information and costly compute, together with AI GPUs. CISOs mandate is to tighten configurations, develop telemetry, and assume adversaries are probing the weakest hyperlink.
Identification and Belief Are the New Perimeter
We count on fewer “break‑ins” and extra impersonation comparable to AI‑crafted lures, voice scams, session hijacks, and token theft that bypass conventional Multi-Issue Authentication. Southeast Asian CISOs are prioritizing steady verification, session integrity controls, and belief checks embedded in workflows.
Open‑supply parts, mannequin repositories, CI/CD pipelines, and cloud platforms widen publicity. A single compromised vendor can cascade throughout clients; ransomware and information theft more and more arrive by way of “trusted” integrations. Organizations should strengthen vendor controls and harden pipelines.
Agentic AI raises the stakes on offense and protection
Autonomous brokers could make poor selections at machine pace until constrained. Guardrails now embody scoped, time‑certain entry; human‑in‑the‑loop; kill‑switches; and behavioural monitoring. On protection, Safety Operations Facilities (SOCs) are automating correlation, summarisation, containment, and remediation, elevating analysts to strategic looking and validation.
Instrument the browser
As AI works via browser periods, responders want session reconstruction and richer telemetry to analyze quick‑shifting incidents.
Individuals stay choice makers
With manipulation accelerating, boards are investing in focused consciousness, deception detection, and choice‑assist coaching that enhances technical controls.
IT- OT convergence expands cyber‑bodily danger
Industrial management programs require OT‑particular resilience comparable to segmentation, rigorous change management, and rehearsed restoration to be prioritized on the board stage.
In monetary providers, resilience turns into a income stream
Massive establishments could productize security assurance by packaging cyber resilience, AI‑enabled fraud controls, and compliance automation as subscription providers.
Zero Belief extends to non‑human identities
Enterprises will handle 1000’s of AI brokers. Anticipate formal AI id and entry governance, together with least privilege for brokers, authentication fashions for non‑human actors, and steady conduct monitoring.
Shutterstock
CSO ASEAN Last Take
2026 will take a look at whether or not organisations can safe what they automate. For my part, this collective Southeast Asia CISOs’ message is constant: harden cloud and SaaS, elevate id‑centric controls, instrument brokers and browsers for forensic readability, and deal with resilience not solely as protection however, the place it is smart, deal with it as a product.
Get pleasure from studying these prime predictions for 2026 by our area’s most outstanding CISOs who’re additionally our CSO30 ASEAN & Hong Kong Award 2025 winners:
Jason Lau Chief Info Safety Officer Crypto.com Board Director at ISACA
Prediction 1 In 2026, organizations will face assaults that more and more blur the strains between cybercrime, insider risk, and nation-state exercise. Social engineering, SaaS compromise, digital-asset theft, and extortion will not seem as remoted incidents, however as coordinated providers designed to scale impression and strain defenders concurrently. Prediction 2 In 2026 we are going to probably see extensively reported incidents of agentic AI going rogue. Not essentially via rise up, however via unchecked autonomy mixed with pace. Boards can be compelled to confront accountability when brokers make dangerous selections at machine scale, and organizations might want to redesign Mannequin Context Protocol utilization round human‑in‑the‑loop controls, scoped and time‑certain entry, actual‑time kill switches, and steady behavioral monitoring. Governance that may’t sustain with velocity can be bypassed Prediction 3 In 2026, the defining danger can be enterprise‑course of and human-layer exfiltration the place AI programs, SaaS integrations and wearables turn out to be the transport layer for information loss. Safety groups can be compelled to rethink information‑loss prevention for an AI‑human-augmented world. Prediction 4 Incident response and SOC groups will want to consider including new telemetry for analysis- Agentic browser session reconstruction. Organizations that deal with “AI browser entry” like a traditional productiveness characteristic, slightly than privileged entry, will study the dangers the exhausting manner.
Yohannes Glen Dwipajana SVP Head of Enterprise Safety Indosat Ooredoo Hutchison
Prediction 5 Cloud misconfigurations, SaaS integrations, and AI GPU sources are below a continuing assault. Many of the firm may have a multi-cloud technique surroundings nonetheless it would scale back SOC actual time visibility to detect lateral motion, and the Risk Actor will steal your information and in addition compute energy. This may be occurred by a single misconfigured credential then will expose the enterprise.
Prediction 6 The Risk Actor are shifting away from breaking programs, they’re impersonating individuals, periods, and trusted workflows utilizing AI-generated phishing, voice scams, and deepfakes are indistinguishable from actual communications, there can be extra session hijacking and token theft to bypass conventional MFA.
Prediction 7 Provide chain is the multiplier of danger, by having many software program suppliers, utilizing open-source parts, AI fashions, and cloud platforms are actually prime entry factors. One single compromised vendor could expose 1000’s of consumers. By exploiting vendor’s AI mannequin repositories and CI/CD pipelines turn out to be a brand new rising assault vector. Ransomware assault could more and more enter via our “trusted” companions.
Michael Noticed Chief Info Safety Officer, APAC Siemens Vitality
Prediction 8 As agentic AI accelerates assault speeds, human instinct will show more and more unreliable towards refined manipulation. This may drive boards to deal with worker resilience as a core danger issue and spend money on workers’ cybersecurity consciousness packages and coaching, in addition to proactive deception detection alongside technical controls.
Prediction 9 As Info Know-how/Operational Know-how (IT/OT) integration accelerates operational effectivity, cyber-physical assaults focusing on industrial management programs (ICS) will rise, prompting boards to prioritize OT resilience as a core enterprise danger alongside conventional IT security.
Primitivo Nufable VP & Head – IT, Info & Cyber Safety Group St Luke’s Medical Centre
Prediction 9 Safety groups will reply by totally operationalizing AI inside their SOCs. Prediction 10 In 2026, healthcare sector and St Luke’s Medical Centre specifically, can be laying Agentic AI SOCs roadmap to improve our present SOC working on the fundamental SIEM/SOAR platform. AI brokers will help analysts by dealing with information correlation, incident summaries, and automatic containment and remediation, permitting human analysts to deal with strategic risk looking and validation. St Luke’s Medical Centre will attempt to exchange L1 & L2 Cybersecurity Analyst with Agentic AI Analyst and L3 Cybersecurity Analyst can be in-charge of the governance of those AI brokers.
Chhay Yaroth SVP and Head of Info Safety Division ACLEDA Financial institution Plc.
Prediction 12 Over 60% of the world’s prime 50 monetary establishments by income may have launched worthwhile cyber-resilience merchandise by 2026. This may give rise to a brand new metric-Safety Contribution Margin which is tracked by analysts. Furthermore, one-third of enormous fintech will turn out to be clients of their banking companions’ security providers, flipping the normal client-provider relationship primarily based on cyber maturity.
Prediction 13 A serious firm will endure materials information dangers originating from an over-permissioned, compromised, or hallucinating autonomous AI agent, resulting in a brand new regulatory deal with “AI Identification and Entry Governance” and forcing 60% of CISOs to create a devoted “AI Identification” group inside IAM.
Innovation and know-how, Hand of robotic touching a padlock of security on community connection of enterprise, Data trade, Monetary and banking, AI, Cyber crime and web security.
