A data-first AI strategy is critical to managing security threats in 2026

The challenge is not the tools we use, but the lack of visibility, as well as a governance model that is yet to catch up with AI adoption.


As AI becomes more capable and agentic, attacks are becoming faster, more convincing, and harder to detect through conventional means. We are already seeing this, with many organisations experiencing reputational damage from AI-generated misinformation or impersonation campaigns using deepfakes.

These new threats are not going to wait for your security program to mature. Cyber criminals are adopting AI precisely because it allows them to scale their operations against targets that, unfortunately, may have yet to adjust their defenses.

How worried should we be?

iTNews Asia uncovers the new cyber security concerns around AI that organisations are grappling with, in conversation with Andy Zollo, Senior Vice President, Application & Data Security (APJ), Thales, and finds out why starting with clear data visibility and identity controls is effective against all attacks, including the AI-powered ones.

iTNews Asia: Let me start by asking how you see the landscape of cybersecurity in APAC evolving this year? What new and unique challenges are CISOs and security managers facing now?

Zollo: The single biggest shift we are seeing across Asia Pacific is a change in who, or what, poses the insider risk. For years, security teams focused on human users as their main concern. In 2026, the picture is significantly more complex, given that AI systems have moved from being tools that people use, to systems that operate with substantial autonomy inside corporate environments. They authenticate, they access data, and they make decisions with a speed and scale that no human team can match.

Our 2026 Data Threat Report found that seven out of 10 organisations across Asia Pacific cite AI as their top data security risk. What is striking about that figure is not the technology itself, but what it reveals about how organisations have handled its deployment. These systems are being granted access to enterprise data with far fewer controls than those applied to human users. That is a structural vulnerability, and it sits at the heart of what CISOs are now grappling with.

On top of that, the fundamentals of security in the region remain under pressure. Identity infrastructure has become the primary attack surface in APAC. A similar seven of 10 organisations tell us that credential theft is the leading attack technique against their cloud infrastructure. The cloud estate is also expanding fast, with organisations managing an average of 89 SaaS applications, and with each integration point, in turn, a potential entry path.

The challenge for security leaders this year is not a lack of tools, but a lack of clear visibility, as well as a governance model that has yet to catch up with the pace of AI adoption.

iTNews Asia: We are seeing more remote work and increased reliance on cloud services, which are further expanding the attack surfaces. Employees often have automated access to enterprise data, but they have fewer controls.

Zollo: When your employees are working remotely, your data is distributed across dozens of cloud and SaaS environments, and your AI systems are accessing that data automatically, the old model of securing a defined boundary simply does not hold. What organisations need to do is build their security posture around the data itself, rather than the network surrounding it.

iTNews Asia: What should companies do to mitigate against these increased risks?

Zollo: Visibility is a starting point; you cannot protect what you cannot see, and across Asia Pacific, only a third of organisations know where all their data resides. In an environment where AI agents are continuously ingesting and acting on data, that gap becomes critical.

From there, the priority must be identity governance and encryption. Least-privileged access, which means granting only the strictly necessary rights to any user or system, must apply to AI systems as rigorously as it applies to human employees. Just as importantly, encryption should be treated as a baseline, not an optional layer.

We found that nearly half of sensitive cloud data in the Asia Pacific region remains unencrypted. That is a significant exposure point that organisations need to address with urgency. At the end of the day, the mindset shift that matters most is treating data security as foundational to operations, rather than as a function that runs alongside.

iTNews Asia: Across the region, investment is not keeping pace with the rapid expansion of AI-driven access and automation. AI models have also highlighted significant security gaps, exposing weaknesses in prompt filtering, data retention policies, and information exposure risks. Do APAC organisations need to rethink their traditional cybersecurity posture?

Zollo: Very much so, and the rethink must be substantive. While the traditional security posture was built around human users and perimeter defenses, AI operates differently. That requires a different approach.

The investment picture illustrates the gap well. About a third of organisations in the region have dedicated budgets for AI security. The majority are still trying to cover AI risks using security programs designed for a fundamentally different operating model. As AI systems authenticate and act autonomously at scale, those programs simply were not built to handle that workload.

Vulnerabilities like prompt filtering, data retention, and information exposure are a direct consequence of deploying AI systems without first understanding how they interact with enterprise data. When an AI model has access to a broad set of data sources and operates without clear policies governing what it can retain, share, or surface, the exposure risk is significant and often invisible until something goes wrong.

What organisations need is a data-first AI security strategy. That means classifying data before AI touches it, defining clear access policies for AI systems, and ensuring encryption and key management extend to the environments where AI operates. For example, we found that Singapore and Hong Kong are ahead of the APAC average when it comes to dedicated AI security budgets. That suggests that the awareness is already there. The challenge is translating that awareness into action fast enough to match the exposure.

iTNews Asia: How effective have AI monitoring tools been at tracking and regulating how employees interact with AI systems? While well-intentioned, do you think these solutions also introduce additional layers of risk?

Zollo: We can all agree that AI monitoring tools serve an important function, and they are increasingly necessary as organisations try to get visibility into how employees are using AI systems. However, the challenge is that monitoring alone does not constitute governance.

One of the consistent themes in this year's report is that tool sprawl is itself a security risk. We found that three quarters of APAC organisations we polled are today running 5 or more data protection and monitoring tools simultaneously.

At the same time, about a third say they have high confidence in their understanding of the tools they already have. Adding more monitoring layers without addressing that underlying complexity can create coverage gaps and increase the operational burden on already stretched security teams.

There is a structural issue that monitoring tools can’t resolve. When alerts and logs don't have clear escalation paths to leadership, they improve detection at an operational level without necessarily translating into better decisions at the top. Security posture only improves when the right information reaches the right people.

The most effective approach combines monitoring with clear data governance frameworks and consolidated tooling. Monitoring tells you what is happening. Governance tells you what should and should not happen. Both are needed, and they work best when the tooling environment is rationalised rather than layered continuously.

iTNews Asia: You’ve mentioned that the real challenge for APAC leaders isn’t just adopting AI, but it’s about gaining visibility into where data lives and how identities are being used. How important is it for APAC organisations to fully understand the risk landscape of AI tools before allowing them to process enterprise data?

The speed of AI adoption across Asia Pacific is genuinely impressive, and the operational benefits are real. That said, understanding the risk landscape ahead of deployment is crucial. A real concern is that governance frameworks are being built after the fact, if they are being built at all.

- Andy Zollo, Senior Vice President, Application & Data Security (APJ), Thales.

Zollo: When an AI system is granted access to enterprise data, it brings with it a set of assumptions about what data it can reach, how it can use that data, and what it can retain. If the organisation has not already answered those questions, the AI will effectively answer them through its behavior, and that behaviour may expose sensitive data to unintended parties or create compliance risks that were entirely avoidable.

iTNews Asia: What must businesses do to ensure that AI-driven data interactions are governed effectively?

Zollo: There are several things organisations need to do before allowing AI to process enterprise data.

Data classification must be a foundational element. If you do not know what data you hold and how sensitive it is, you cannot make informed decisions about what an AI system should access.

Identity governance comes next. AI systems need access controls and audit trails just as human users do. Encryption must be consistent across the environments where AI operates, including cloud and SaaS platforms where, at present, nearly half of sensitive data in the region sits unencrypted.

Organisations that get this right will find that strong governance accelerates AI adoption, because it builds the internal confidence to move quickly. Conversely, the organisations that skip it will eventually face an incident that forces the conversation under much less favourable conditions.

iTNews Asia: Cyber criminals are now using AI to extract corporate intelligence, manipulate authentication processes, and launch automated cyberattacks. Are these risks, as well as the scale of attacks, going to get worse with agentic AI? What advice can you give?

Zollo: Agentic AI introduces a new dimension to this challenge. When attackers can deploy AI agents that operate continuously, adapt their approach based on what they encounter, and act across multiple systems simultaneously, the speed and sophistication of attacks increase substantially. Take credential theft, for example, as the most widely cited attack technique against cloud infrastructure in the region. Adding agentic AI into the mix simply makes those attacks faster and harder to interrupt.

For larger enterprises, the response requires a combination of investment in AI-aware identity security, encryption infrastructure, and data governance. For smaller enterprises, the resource constraints are real, and the approach must be proportionate. That means focusing on the highest-impact fundamentals: understanding where sensitive data lives, applying multi-factor authentication consistently, and choosing cloud and SaaS providers who offer strong encryption and key management options rather than requiring organisations to build that capability from scratch.

What I would say to any organisation, regardless of size, is that the threat is not going to wait for your security program to mature. The criminals adopting AI are doing so precisely because it allows them to scale their operations against targets that have not yet adjusted their defenses.

Starting with clear data visibility and identity controls gives you a foundation that is effective against a broad range of attack types, including the AI-powered ones that are becoming increasingly common across the region.

© iTnews Asia