In 2025, Asia’s cybersecurity landscape is shaped by rapid digitalisation, AI adoption, and evolving regulatory frameworks. Regional authorities, such as Singapore’s MAS and South Korea’s National AI Committee, are intensifying enforcement and introducing robust regulations for data privacy, AI governance, and cyber risk management.

Businesses face mounting threats from ransomware, advanced persistent threats, and supply chain vulnerabilities, driving demand for Cybersecurity-as-a-Service and managed SOCs. Industry reports highlight a widening gap in cyber resilience and stress the need for urgent action to address cyber inequity and enhance recovery capabilities.

Sean Duca, Customer Experience Chief Technology Officer for Cisco in the APJC regions shares his perspective on the following questions.

1. How will evolving AI, cloud security, and data privacy regulations across Asia-Pacific affect CISO’s multi-cloud governance and compliance frameworks?

2. What strategies can CISOs/organisations adopt to defend against increasingly sophisticated ransomware, supply chain attacks, and network-based intrusions?

3. How do CISOs/CIOs secure hybrid and multi-cloud environments effectively, leveraging generative AI tools to automate identity and access management while reducing manual overhead?

4. Some say quantum computing is still years away. That said, people are talking about post-quantum cryptography today. Can you share any best practice for implementing quantum-resistant encryption and network security protocols to mitigate emerging quantum computing threats?

5. How can CISOs ensure robust security and compliance for AI-powered cloud applications and edge computing infrastructure under diverse data sovereignty laws? How should the CISO work with the CIO and the risk/compliance officers of the organization?

6. Recapping what we’ve covered so far: our topic is Developing a Resilient Cybersecurity Roadmap. Can you offer some recommendations for CISOs and CIOs in developing their resilient cybersecurity roadmap?