From cloud-first government strategies to rapid fintech growth and the proliferation of e-commerce, the region is increasingly reliant on digital infrastructure as the backbone of economic activity. But with that progress comes a stark reality: the region’s cyber threat landscape has intensified dramatically over the past 24 months, particularly for critical sectors such as finance, healthcare, and logistics.
The speed and scale of digitisation have exposed systemic vulnerabilities across both public and private sectors. In 2023 alone, several ASEAN countries reported a surge in ransomware incidents, phishing campaigns powered by generative AI, and targeted attacks on digital supply chains. According to Interpol, Southeast Asia remains one of the world’s fastest-growing targets for cybercrime, with small and medium-sized enterprises (SMEs) especially at risk due to underinvestment in security infrastructure and skills shortages.
Here are the top 5 cybersecurity startups in Southeast Asia protecting businesses from digital threats and providing digital security solutions
Against this backdrop, artificial intelligence (AI) is emerging as a crucial component in the region’s cybersecurity arsenal. AI-driven platforms are helping organisations detect threats in real time, automate response mechanisms, and reduce dependence on overstretched security teams. This shift is not just about defending against attacks—it’s about embedding cyber resilience directly into the fabric of digital operations.
However, implementing AI-powered cybersecurity at scale across Southeast Asia is far from straightforward. Many organisations still operate on legacy infrastructure and maintain a reactive approach to security, upgrading systems only after experiencing breaches. Moreover, fragmented data privacy regulations and the rise of data localisation laws complicate the use of AI, which often requires large, cross-border datasets for training and optimisation.
Governments across the region are beginning to respond. Initiatives such as Singapore’s Safer Cyberspace Masterplan, Malaysia’s Cybersecurity Strategy 2020–2024, and the expected ASEAN Digital Economy Framework Agreement (DEFA) in 2025 signal a growing consensus on the need for coordinated cyber governance. But regulation alone is not enough. Businesses must proactively build organisational cyber resilience—training teams, integrating secure-by-design principles, and selecting the right partners to deliver scalable, AI-ready solutions that align with both compliance and operational goals.
The urgency is real. As cyber threats grow more sophisticated, static defences are no longer viable. The opportunity, and necessity, for AI lies in its ability to enable dynamic, autonomous protection across endpoints, networks, and data centres. For Southeast Asia’s digital economy to thrive, AI-enabled cybersecurity must move from a future aspiration to an operational standard. Over the next two to three years, the organisations that succeed will be those that treat security not as an afterthought, but as foundational infrastructure for digital growth. We speak to Nima Baiati, Executive Director and General Manager of Commercial Cybersecurity Solutions at Lenovo, about the future of the region and why this matters.
How has the threat landscape evolved in Southeast Asia over the past 12–24 months, particularly in industries like finance, healthcare, and logistics that are critical to the region’s digital economy?
As more businesses in the economy become more digitalised, the number of cyberattacks and threats is bound to increase.
The threat landscape in Southeast Asia has intensified dramatically over the past 12-24 months, mirroring the region’s ongoing digitalisation. The escalating and targeted threat environment underscores a fundamental truth: cyber resilience must be built-in and pervasive. The increasing pressure on industries highlights the urgent need for robust endpoint protection and comprehensive security solutions that can effectively defend against evolving threats and ensure continuity in the face of persistent attacks.
Lenovo’s portfolio of cybersecurity solutions – ThinkShield – evolves with the modern threat landscape to protect businesses and adapt to the needs of the workforce. Security vulnerabilities from the supply chain to the endpoint are covered by a layered defence of hardware, software, and services.
Many businesses in Southeast Asia still rely on legacy infrastructure. What are the core challenges regional companies face when trying to implement AI-powered cybersecurity tools at scale?
The first challenge is that there is still a mindset among many business leaders that ‘good enough’ is acceptable and viewing security and IT as a compliance process. This mindset is starting to shift, especially in countries in Southeast Asia where there are now top-down initiatives around AI. Increasingly, CEOs and boards are starting to recognise that if they don’t leverage AI and digitalisation to adapt, they may not be able to remain competitive in the future.
Secondly, it could be that top management is not seeing the need to implement AI-powered cybersecurity tools at scale. Unfortunately, in many markets, decision makers do not see the value of upgrading cybersecurity systems until after they face an attack. We’ve been seeing this mindset shift the last couple of years in the region; however, with technology accelerating at a pace we’ve not seen before, driven by AI, the velocity of the shift in mindset must increase.
Thirdly, data privacy is a paramount concern, especially in markets with stringent regulations. AI in cybersecurity necessitates handling vast amounts of sensitive data, raising complex compliance issues, particularly regarding cross-border data flows and transparent AI decision-making to avoid bias and maintain customer trust. This underscores the foundational need for modern, secure endpoint infrastructure in providing a trusted platform capable of integrating with and leveraging these next-generation security capabilities effectively.
One thing that stands out when it comes to AI is that Southeast Asia is in the game, be it in investments in data centres in Singapore, Thailand, Malaysia, or around top-down initiatives to invest in AI and its infrastructure. With that, there’s a strong reason why organisations in Southeast Asia must adopt AI security solutions.
AI’s ability to deliver real-time threat detection and automated response is often cited as a game-changer. In practice, how effective has this been in Southeast Asia, and what success stories or use cases stand out?
AI-enabled cybersecurity solutions’ ability to deliver real-time threat detection and automated response is indeed proving to be a significant game-changer in Southeast Asia, helping organisations move towards more proactive and efficient security postures. We see the practical effectiveness in faster threat identification and reduced manual workloads across various sectors.
For example, a leading logistics provider in the region leveraged Lenovo’s ability to deliver robust end-to-end solutions and harnessed the power of automation, robotics, and AI through Lenovo, managing its warehouse operations to reduce costly human interventions and cut out delays. Through these, they streamlined and integrated their systems through Lenovo, introducing robots to maximise the use of their warehouse space. Built to integrate with existing software, the Warehouse Execution System (WES) makes it easier to manage robots and other automated equipment on the warehouse floor. Choosing the right partner and technology was crucial, as our customer had to also prepare for future automation and AI potential. The benefits of the Lenovo solution for our customer were rapid and measurable, helping transform their manufacturing sites into fully automated, state-of-the-art facilities, increasing order processing by up to 40%.
Lenovo’s end-to-end security solutions significantly strengthened another one of our customers’ cybersecurity posture through a multi-layered approach. The company initially secured ThinkPad L14 laptops bundled with Lenovo Premier Support for 24/7 technical assistance, then dramatically enhanced their security by implementing ThinkShield services with over 1,300 licenses for SentinelOne-powered autonomous endpoint protection. This AI-driven endpoint detection and response (EDR) solution provides real-time threat protection across their Lenovo device fleet, offering integrated antivirus capabilities that can be customised to their specific environment. As the company scaled to over 1,000 employees using Lenovo devices daily, they expanded their security infrastructure further by partnering with Lenovo to deploy ThinkSystem SR650 servers as the foundation of their new hybrid cloud strategy, demonstrating how Lenovo’s end-to-end security ecosystem supported their growth from endpoint protection to comprehensive data centre security.
This kind of tangible impact underscores AI’s potential, and Lenovo is directly contributing to this by integrating AI-powered endpoint security with ThinkShied Extend Detection & Response (XDR) through our partnership with SentinelOne. This collaboration is bringing autonomous, real-time protection directly to Lenovo devices, providing customers with intelligent, self-defending capabilities and significantly enhancing their security and resilience against the evolving threat landscape in the region.
How are companies in Southeast Asia navigating the tension between data localisation laws and the need to train and deploy robust AI models?
Navigating the tension between diverse data localisation and sovereignty laws across Southeast Asia and the data-intensive needs of training and deploying robust AI models is a significant challenge for regional companies. AI thrives on large, often cross-border datasets, while localisation mandates restrict data movement, creating a complex compliance landscape that can hinder model development and scalable deployment. Companies are addressing this by strategically leveraging local data infrastructure, exploring hybrid and edge computing architectures to process data closer to its source, and implementing robust data anonymisation and privacy-by-design principles.
Effectively balancing these regulatory requirements with the need for AI-driven insights demands flexible and secure infrastructure. For example, Lenovo provides the foundational hardware and solutions, from intelligent edge devices to robust data centre systems, that enable businesses to meet data residency obligations while building and deploying the localised AI models crucial for innovation and competitiveness in the diverse Southeast Asian market.
Beyond tools and platforms, how are companies in Southeast Asia building cyber resilience at the organisational level, from training and governance to incident response readiness?
Beyond implementing tools and platforms, companies in Southeast Asia are building cyber resilience at the organisational level through a multi-pronged approach focusing on people, processes, and technology integration. This involves strengthening governance with clearer security policies, enhancing human defences through regular and effective cybersecurity awareness training for all employees, and rigorously developing and practising incident response plans to minimise the impact of potential breaches.
A key aspect is establishing a fundamentally secure and manageable IT environment that underpins these efforts. Companies recognise that this requires expertise and scale, often partnering with providers known for secure and easily managed endpoint solutions to ensure devices are secure from the start and streamlined for ongoing management. This foundational security approach is critical for building organisational resilience and enabling security teams to focus on higher-level tasks like training, governance, and response readiness.
As the region’s digital economy expands, where do you see the biggest opportunities and gaps for AI-driven cybersecurity in Southeast Asia over the next two to three years?
Cyberattacks in Southeast Asia are projected to continue rising due to ongoing digital transformation, with increasing sophistication and diversification of attack methods. The integration of emerging technologies like AI in cyberattacks and the expansion of cryptocurrency-related threats will further shape the threat landscape in 2025 and beyond.
As Southeast Asia’s digital economy continues its rapid expansion over the next two to three years, the opportunities for AI-enabled cybersecurity solutions are immense, primarily in enabling more proactive and effective defences against increasingly sophisticated threats, including Generative AI phishing attacks and ransomware. AI-enabled security solutions offer the potential to significantly enhance real-time threat detection, automate responses, reduce the burden on limited security teams, and provide deeper insights from vast amounts of data. This is crucial for protecting critical sectors like finance, healthcare, and logistics, which are increasingly targeted, and for building greater resilience across the region’s digital infrastructure.
However, significant gaps in the adoption and effective deployment of AI-driven cybersecurity persist. These include a shortage of skilled professionals capable of implementing and managing these advanced tools, challenges related to data privacy and navigating diverse data localisation laws for AI training, and the cost and complexity of integrating AI solutions with existing legacy systems. Ultimately, the need to bridge these gaps also requires strategic investment in talent development, clearer regulatory guidance, and importantly, leveraging technology partners that can provide the foundational secure and AI-ready platforms necessary for organisations to effectively adopt and operationalise AI in their cybersecurity strategies.