For year now, Asia's cyber threat landscape has been marked by escalating nation-state attacks and rampant cloud breaches. In 2026, it stands to be transformed by integrating agentic AI for proactive threat detection. 

This autonomous technology could pre-empt lateral movements, reduce alert fatigue, and enable real-time breach containment, bolstering defences for organisations amid high cloud saturation and sophisticated adversarial tactics.

In this PodChats for FutureCISO, we are joined by Andrew Kay, Director of Systems Engineering APJ at Illumio, to share with us his views on how CISOs in Asia can use behavioural AI to shields against multi-cloud vulnerabilities.

1.       How are Asian organisations employing machine learning algorithms, such as graph neural networks, within AI frameworks to manage hybrid cloud complexities and mitigate nation-state-sponsored APTs?

2.       What specific vulnerabilities in multi-cloud environments, exacerbated by Asia's high cloud saturation, enable east-west lateral movement, and how can agentic AI utilise behavioural analytics to pre-empt such exploits?

3.       How do AI-driven security graphs, leveraging real-time entity resolution and anomaly detection via unsupervised learning, offer a dynamic topology of workloads, users, and communications to identify subtle deviations indicative of threats?

4.       Amid Asia's exposure to APTs, how can agentic AI leverage multi-agent systems for real-time threat correlation, accelerating decision trees and automating containment protocols like micro-segmentation?

5.       What capabilities might agentic AI provide in tailoring threat intelligence feeds and remediation workflows to specific roles, such as integrating with SOAR platforms for threat hunters or generating compliance-aligned reports for analysts?

6.       What technical risks arise from agentic AI deployment, including prompt injection vulnerabilities or model drift leading to erroneous autonomous decisions, and what mitigation strategies, such as human-in-the-loop safeguards, are suitable for Asian regulatory environments?

7.       Under which conditions could agentic AI interoperate with existing EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) tools to orchestrate automated responses, such as dynamic access controls, in expansive cloud infrastructures?