Traditional defences fall short in the region's rapidly digitising landscape, with vulnerabilities in cloud, OT, supply chains, and critical sectors like healthcare. For CIOs, CISOs and CROs, the industrialisation of cyber threats requires pivoting to practical defence strategies against industrialised cyber threats that operate like efficient enterprises, powered by AI agents and automated workflows compressing attack lifecycles to minutes.

What does a resilience strategy look like? What should be the approach taken by organisations to achieve machine-speed adaptability in 2026.

For more on this, we are joined by Jonas Walker, director of threat intelligence, Fortinet.

1.       Describe what for you is an industrialisation of cybercrime?

2.       How has this industrialisation of cybercrime in Asia necessitated a shift from reactive to proactive defence strategies?

3.       What role do AI-enabled agents play in accelerating attack stages, and how can defenders in the region counter this by operationalising threat intelligence at machine speed?

4.       Why must defences prioritise refining established controls over novel innovations, and what does this mean for managing dwell times in environments with expanding OT and IoT exposures?

5.       How are botnets and insider recruitment threats amplifying industrial-scale attacks, and what defensive measures should leaders implement to disrupt these?

6.       In recent years, governments around Asia have raised concerns around the vulnerability of critical infrastructure. Can you suggest 1 or 2 practical strategies to mitigate blended threats such as ransomware and data extortion, including essential tools and frameworks like integrated SecOps for automated detection and containment?

7.       In the context of today’s hybrid, meaning human and machine workers, why is identity governance becoming central to defence? More importantly, how can it be enforced in AI-driven cloud environments?

8.       What is the answer to Asia’s perennial security skills gap? How can organisations build specialised expertise in areas like detection engineering and AI operations to support resilient defences?

9.       What practical incentives can Asia’s leaders leverage to disrupt cybercrime ecosystems and enhance accountability, and how can CISOs and CIOs work together to strengthen long-term defence strategies against evolving industrialised threats?

In 2025, AI is reshaping the COO’s mandate across Asia, shifting focus from process efficiency to strategic orchestration. According to McKinsey (2024), 68% of APAC operations leaders report AI-driven automation freeing up 20–30% of planning capacity, enabling greater emphasis on resilience and innovation. 

Accenture highlights that AI-powered predictive operations are now table stakes in manufacturing and logistics hubs like Vietnam and Singapore. 

However, Gartner cautions that only 35% of Asian firms have mature data governance to support enterprise AI at scale. 

For COOs, the imperative is clear: integrate AI into core operational workflows while navigating talent gaps and ethical AI frameworks unique to Asia’s fragmented regulatory landscape.

Questions

1.       Define AI as viewed from the perspective of the COO.

2.       How is AI redefining the strategic scope of the COO beyond traditional operational efficiency in Asian organisations? 

3.       In organisations where CEOs increasingly own AI strategy in Asia Pacific, how can COOs ensure day-to-day operations, processes, and KPIs stay tightly aligned with that strategy, including their role in cross-functional AI governance and enterprise-wide AI scaling? 

4.       Which high-value operational domains (e.g. supply chain, customer operations, risk and compliance, manufacturing, warehousing, etc) in Asia offer the greatest near-term returns from generative and agentic AI, and how should COOs prioritise them, including which industries are leading in AI-driven operational transformation? 

5.       What new operating models are emerging as AI blurs the lines between planning, execution, and decision-making, and how should the COO mandate evolve when AI and automation become core to the business model in Asian markets? 

6.       How can COOs redesign operating models to integrate “digital labour” and AI agents alongside human teams, including how leading Asian firms are reskilling operations talent to work effectively alongside AI systems while addressing employee job-fear and skills gaps? 

7.       What new leadership, data, and AI literacy capabilities must operations leaders and middle management in Asia develop to manage AI-augmented teams effectively? 

8.       What governance frameworks are needed for responsible and ethical AI use in operations, ensuring alignment with Asia’s diverse regulatory and ethical standards on data privacy, security, model risk, transparency, fairness, and brand trust? 

9.       What metrics beyond cost savings should COOs adopt to measure AI’s impact on resilience, service quality, growth, and overall business value in Asia’s volatile markets? 

10.   How should COOs structure partnerships with consulting firms and technology providers to accelerate AI-enabled operations without creating long-term vendor lock-in? 

11.   Given constrained budgets and competing priorities for 2026, what capital allocation and business case criteria should COOs apply to scale AI in operations while avoiding hype-driven investments, addressing pressing data governance and infrastructure gaps?

12.   What is Teceze?

13.   What i

As we approach 2026, the promise of artificial intelligence across Southeast Asia and Hong Kong is palpable, driven in part by aspirations for unparalleled efficiency and innovation. 

Yet, for AI to truly deliver on this promise for business leaders, a critical threshold of trust and security must be crossed. 

The emergence of agentic AI—autonomous systems that can act, access data, and execute tasks—represents both the pinnacle of this potential and its greatest peril. 

With the region's rapid digital acceleration and complex regulatory tapestry, securing these agents from large-scale data breaches and operational disruption is no longer a future consideration; it is the definitive security mandate for 2026. 

The journey from hype to secured value depends on the governance, design, and vigilance we enact today.

FutureCISO spoke to Ray Canzanese, director of Netskope Threat Labs, about the approaches the things that need to happen for AI to deliver on its promises in 2026.

Questions:   

1.       What is the most interesting observation you’ve seen in 2025?

2.       As ASEAN releases its AI Guide and regional regulations evolve, what should be the priority for a CISO building a governance framework for agentic AI in 2026?

3.       Why does agentic AI fundamentally change the cyber risk profile for an organisation, and how does this exacerbate threats in our interconnected Southeast Asian business landscape?

4.       You’ve suggested the first major agentic AI-driven data breach could occur in 2026. What might a typical attack chain look like, targeting a poorly secured agent in a multinational based in Singapore or Hong Kong?

5.       The principle of least privilege is challenging with dynamic AI agents. What are the practical steps for security leaders to implement effective permission models without stifling innovation?

6.       How can frameworks like the Model Context Protocol (MCP) be leveraged to enforce a 'security-by-design' approach for AI agents, and is the industry in our region adopting them quickly enough?

7.       With organisations here often using a mix of global and local AI providers, how should we approach the unique third-party and supply chain risks introduced by agentic AI ecosystems?

8.       Beyond technical controls, what changes in day-to-day security operations (SecOps) are needed to monitor and respond to anomalous agent behaviour in real-time?

9.       How can CISOs effectively communicate the tangible business risks—and secured value—of agentic AI to boards, CFOs, and COOs who are eager for competitive advantage?

10.   Looking ahead to 2026, what one metric will indicate that an organisation in our region has successfully secured its agentic AI initiatives and is ready to scale?

As we move into 2026, AI is no longer a strategic experiment—it’s the engine of operational transformation. Across Asia, COOs are stepping beyond traditional oversight roles to become chief orchestrators of AI infrastructure: the complex, dynamic backbone that powers everything from real-time customer insights to autonomous supply chains. 

But what does it truly mean to build “AI-ready” infrastructure in a region defined by rapid innovation, diverse regulatory regimes, and intensifying pressure on energy and talent?

In this PodChats for FutureCOO, we are joined by Tejaswini Tilak, VP, Marketing, APAC, Digital Realty, who will share her perspective on Orchestrating the organisation’s AI Infrastructure as viewed by the COO in 2026.

1.       How can we ensure our AI infrastructure investments deliver long-term operational agility and business value amid rapidly shifting AI models, regulations, and market conditions across Asia?

2.       What operating model enables us to efficiently manage both compute-intensive AI training and real-time, low-latency inference—especially as business units demand responsiveness from factory floors to customer touchpoints?

3.       As AI inference moves closer to end users and industrial operations, how must we evolve our edge and colocation footprint to guarantee uptime, performance, and disaster resilience across diverse Asian markets?

4.       Given Asia’s patchwork of data sovereignty laws, how can we standardize data governance across markets while enabling seamless AI operations and avoiding regulatory penalties or business delays?

5.       Beyond raw compute, which operational metrics—such as time-to-decision, energy-per-inference, or cost-per-AI-outcome—should drive our AI infrastructure strategy and investment reviews?

6.       How do we balance the surging energy demands of AI with our corporate sustainability commitments and operational cost targets—without compromising scalability or performance?

7.       What strategic partnerships—with digital infrastructure providers, energy utilities, and technology vendors—are essential to de-risk and accelerate our AI operational roadmap across Asia in 2026–2027?

8.       Drawing from your observations in the market in 2025, what advise can you offer COOs and other members of the C-Suite when it comes to their investment strategies for 2026? 

9.       With 2026 just around the corner, what are you expectations of things to come?

For the modern COO, the future of operational excellence in Asia hinges on perfecting human–AI collaboration and workforce orchestration. This is not about mere automation but about creating a synergistic ecosystem where human intuition and machine intelligence coalesce. 

In 2026, with Asia's diverse and rapidly evolving labour markets, the ability to orchestrate this new workforce is paramount to driving productivity, innovation, and agility. As a practising COO in the region notes, “The most successful organisations will be those that can best choreograph their human and digital talent to perform in unison.” 

Mastering this is no longer a competitive advantage but a core operational necessity. In this exclusive interview with FutureCOO, Bhaskar Roy, Chief of AI Products and Solutions at Workato, offers his perspective on the human-AI collaboration as it evolves with maturing use and industry of what the technology can and cannot do.

1.       (Define) What is Human-AI collaboration? (new role: agent manager)

a.       How would COOs define a strategic vision for Human–AI collaboration that aligns with their organisation’s core business objectives and creates a tangible competitive advantage in the Asian market? (operational efficiency - HR, drive growth – sales/marketing, improving customer experience/success)

2.       What new organisational structures and operational workflows are required to support integrated human and AI teams? (teaming up with CIO, upskilling, 

3.       Do you expect human-AI collaboration to diminish the proliferation of operational silos?

4.       Do we apply the same adoption principles used in RPA to AI? (Which specific operational processes and decisions are best suited for full automation, enhanced human judgement with AI insights, or entirely new collaborative tasks?)

5.       What are the most critical new skills—both for human employees and leadership—that COOs (and functional leaders) must develop to thrive in this new collaborative environment?

6.       How do COOs, working with CHROs, ethically manage the transition for our existing workforce, ensuring robust reskilling and upskilling pathways that align with future operational needs?

7.       What key performance indicators (KPIs) and metrics can COOs, functional leaders and HR use to measure the effectiveness and ROI of Human–AI collaboration, moving beyond simple productivity gains?

8.       How will the COO's role evolve from managing people and processes to orchestrating a fluid, hybrid workforce of employees, contractors, and AI agents?

9.   Any recommendations for how to design a technology infrastructure that is both scalable and flexible enough to integrate new AI capabilities rapidly as they emerge? (partner to set guardrails, partner to identify the right tech, 

10.   Into 2026, can you share your expectations on the human-AI collaboration landscape as it develops in Asia?

11.   Questions that a COO needs to consider as they look to adopt human-AI collaboration?

As IoT adoption accelerates and cross-border supply chains deepen, the region faces escalating risks from fragmented regulations, AI-driven malware, and legacy infrastructure gaps. Traditional prevention models are faltering against sophisticated, fast-moving threats. Instead, governments and enterprises are shifting toward containment-first frameworks—rapid isolation of compromised nodes, segmented supply chain networks, and resilient recovery protocols. This reckoning reflects Southeast Asia’s dual reality: digital economies expanding at breakneck speed, yet exposure widening. By embracing containment as the new prevention, the region positions itself not to eliminate breaches, but to survive and adapt within them.

Following the case of Singapore’s pivot in 2025–2026 toward containment-first cybersecurity, perhaps there is merit in treating containment as the new paradigm.

In this PodChats for FutureIoT, Kenny Ng, Head of Network Business Division, APAC, Alcatel-Lucent Enterprise, offers his perspective on how containment is the new prevention.

1. Given that third-party digital partners were the primary attack vector in 2025, what is the most effective way to enforce "never trust, always verify" without crippling operational efficiency?
2. Beyond multi-factor authentication, what specific contextual factors—such as device posture, time of access, and requested application—should enterprises use to dynamically grant vendors the least privilege required?
3. For Operational Technology environments, which are often air-gapped or rely on legacy systems, how can enterprises practically implement micro-segmentation to create containment zones without disrupting critical processes?
4. How do security and operational leaders rigorously define and enforce the boundary between corporate IT network and production OT network to prevent a cross-functional breach?
5. With the mindset of "containment, not prevention," what are the key metrics IT and OT should track to measure their success in limiting the blast radius of a potential incident, rather than just counting blocked attacks?
6. How can organisations redesign their incident response playbooks to prioritise the immediate isolation of compromised segments, thereby containing a threat before it can move laterally?
7. What is the business case for prioritising investment in ZTA over traditional perimeter defences, and how can enterprises demonstrate its ROI to the board through enhanced business continuity and reduced operational risk?
8. As organisations implement ZTA, how can they ensure seamless interoperability between existing security investments and new ZTA-enabling technologies to avoid creating new security gaps?
9. How must the roles and responsibilities of IT and OT security teams evolve and collaborate to manage a unified Zero Trust policy across both corporate and production environments?
10. Looking beyond their own enterprise, how can businesses encourage or mandate the adoption of Zero Trust principles across their entire supply chain to strengthen the collective ecosystem resilience?

By 2026, the paradigm of network defence is set to undergo its most profound shift. For CISOs and Heads of Networking, the escalating velocity of AI-powered threats is rendering human-scale response obsolete. 

According to Cybersecurity Ventures, these attacks are projected to cost the world $60 billion annually by 2025, creating pervasive and costly risk. 

In this landscape, a self-defending network is no longer a futuristic concept but a strategic imperative. It represents the evolution from human-led, reactive security to an AI-native architecture capable of autonomous threat detection, isolation, and remediation, ensuring business resilience.

In this PodChats for FutureCISO, we are joined by Nick Harders, APJ Systems Engineering Director, HPE Networking, to talk to us about why enterprises must reframe their security strategy around a self-defending network in 2026.

1.       What is your definition of self-healing, AI-driven networks?

2.       How can we effectively measure the ROI of self-healing, AI-driven networks beyond traditional uptime metrics, perhaps in terms of risk reduction or operational expenditure savings?

3.       As we deploy agentic AI for autonomous network operations, what new governance and audit frameworks are required to ensure its decisions remain aligned with business objectives and compliance mandates?

4.       In a region with diverse data sovereignty laws, how can we design our autonomous network architecture to ensure data for AIOps and security analytics is processed and stored compliantly across different Asian jurisdictions?

5.       With AI-powered threats capable of social engineering and polymorphic code, how do we ensure our AI-native defences can adapt quickly enough without generating excessive false positives that disrupt business?

6.       To what extent can we trust predictive insights from our network AI, and what processes are needed for human teams to validate and act upon these proactive recommendations?

7.       Given the increased reliance on AI, how do we protect AI's own infrastructure—the data pipelines, models, and control loops—from becoming a primary target for sophisticated threat actors?

8.       With the attack surface expanding to include every connected user and device, how does a converged NetSec strategy fundamentally change our approach to implementing and enforcing a zero-trust architecture?

9.       As networking and security teams converge, how do we bridge the cultural and skills gap to create unified "NetSec" engineers, and what does their new career path look like?

10.   What is the realistic division of responsibility between human teams and AI agents in a security incident response loop, and where should the final 'kill chain' authority lie?

11.   What strategic, human-centric skills should we be prioritising in the recruitment and training of our next-generation NetSec professionals?

12.   What are your expectations in 2026 and advise for CISOs and CIOs?

In 2026, governments across Asia grapple with escalating cybersecurity challenges amid rapid digital transformation and geopolitical tensions. AI-powered threats, including sophisticated phishing and deepfakes, pose significant risks, with IDC forecasting that 76.5% of Asia/Pacific enterprises lack confidence in detecting such attacks. 

Ransomware continues to evolve, targeting critical infrastructure, while supply chain vulnerabilities expose sensitive data—Gartner predicts 45% of global organisations will face software supply chain attacks by 2025, a trend persisting into 2026. 

Cloud adoption amplifies hybrid environment breaches, compounded by espionage-driven incursions, as Verizon reports 25% of APAC cyberattacks motivated by spying, with public administration the most targeted sector. Regulatory mandates demand robust compliance, straining resources in an era of legacy systems and talent shortages.

In this PodChats for FutureCISO, Aaron Bugal, Field CISO, APJ, Sophos, walks us through some of the coming cybersecurity issues government CISOs as well as those in the private sector, will find important in 2026.

1.       How can government CISOs effectively measure and improve their cybersecurity resilience, moving beyond compliance-based checklists to ensure the continuous delivery of essential citizen services during an attack?

2.       What strategies, have proven, most effective for securing legacy systems that remain critical to national operations, given they cannot be immediately replaced?

3.       With Gartner highlighting that by 2026, 50% of C-level executives will have performance requirements tied to cybersecurity risk, how can government CISOs best align their security metrics with national-level outcomes? 

4.       How can CISOs proactively defend against state-aligned (sponsored) actors who are increasingly targeting digital public services and critical infrastructure for espionage and disruption?

5.       Name one CISO strategy for managing third-party and supply chain risk, particularly as organisations, both private and public, rely on an ecosystem of partners to deliver complex, cloud-native government services?

6.       Given IDC's prediction that by 2026, 70% of organisations will consider environmental sustainability in their cloud purchase decisions, how can CISOs balance security, sovereignty, and sustainability in their technology procurements?

7.       How are government CISOs addressing the critical cybersecurity skills gap, and what new models for talent acquisition and retention must be developed to compete with the private sector? 

a.       How to avoid burnout?

8.       To what extent have CISOs integrated security into the entire application lifecycle (DevSecOps) for their national digital identity and other citizen-facing platforms?

9.       Name a governance and technical framework for the safe and ethical adoption of AI, both to enhance a government’s cyber defences and to mitigate its potential malicious use by threat actors?

10.   How are government CISOs collaborating with regional counterparts and international bodies to share threat intelligence and establish coordinated response protocols for cross-border cyber incidents?

11.   What is that one final advice for government CISOs as their update their cybersecurity strategies for 2026?

In 2025, Asia's digital economy surges beyond $330 billion in Southeast Asia alone, yet escalating cyber threats loom large for business, finance, and security leaders. SMS fraud is projected to intensify, with over 50% of telecom providers anticipating growth, fuelled by AI-enhanced smishing and artificially inflated traffic costing billions globally. Key concerns include ransomware, supply chain disruptions, and mobile payment scams eroding profitability and customer trust in finance, retail, e-commerce, and logistics. Opportunities lie in proactive, no-code tools for real-time detection, AI-driven prevention, and cross-sector collaborations, fostering operational agility and regulatory compliance amid a cybersecurity market reaching $74.22 billion.

Igor Mostovoy, Product Director of CPaaS, 8x8

1.       Who/What is 8x8?

2.       What are the latest projections for SMS fraud costs in Asia by 2026, including the impact of sophisticated threats like AIT on customer acquisition and operational margins?

3.       Beyond direct financial losses, what quantifiable effects do major SMS fraud incidents have on brand reputation and customer churn rates in key Asian markets?

4.       How might artificially inflated traffic and AI-powered scams like smishing affect e-commerce profitability and supply chain operations in logistics?

5.       Are our current fraud defences reactive, requiring developer intervention and causing delays, or can business teams detect and act in real time?

6.       What strategies can finance, and operations leaders employ to maintain customer trust amid rising threats, whilst ensuring secure communication channels during Southeast Asian expansion?

7.       How can we better integrate fraud management across operations, finance, and security teams to dismantle internal silos and enhance organisational agility?

8.       What capabilities are essential for proactively blocking fraudulent SMS traffic before it impacts customers or systems, including the use of no-code tools for non-technical teams?

9.       What role will regulatory changes and cross-industry collaborations play in combating digital fraud and strengthening security in retail and finance sectors?

10.   How would real-time visibility into SMS traffic patterns, powered by behavioural analysis, improve data-driven decisions on marketing spend and channel reliability?

11.   What is the total cost of ownership of fragmented fraud tools compared to integrated platforms, and how can robust defences be leveraged as a competitive trust advantage?

12.   (team sport) Into 2026, what is your advice for CISOs, CFOs and marketeers on the topic Proactive Fraud Defence?

The Silent Engine of Digital Resilience: Why Developer Experience Is Now a Boardroom Priority

In the boardrooms of Jakarta, Singapore, Tokyo, and Seoul, CIOs are no longer just asking, “How fast can we ship software?” They’re asking, “How sustainably can our developers innovate under mounting pressure—from regulators, customers, and competition?”

Across Asia, digital transformation has shifted from optional to existential. But the hidden bottleneck isn’t infrastructure or cloud spend—it’s developer productivity and experience (DevEx). As regulatory landscapes tighten (think Singapore’s PDPA amendments, Japan’s revised APPI, and Thailand’s Personal Data Protection Act enforcement), and as AI-augmented development reshapes workflows, enterprises that treat DevEx as a cost centre are falling behind those that treat it as a strategic asset.

In this PodChats for FutureCIO, Toh Soon Seah (Sia), founder and CTO, Netgain, discusses why developer experience is a boardroom priority, and how to turn DevEx into a core enterprise value.

1. What is developer experience (DevEx)?
2. Why is DevEx suddenly a C-suite priority in Asia in 2025–2026?
3. How are tightening data privacy regulations—from Singapore’s PDPA to Korea’s PIPA—reshaping the way engineering teams build software?
4. What role does cognitive load play in developer productivity, and why are leading Asian enterprises investing in internal developer platforms (IDPs) to reduce it?
5. Can AI-augmented development coexist with regulatory compliance, or does it introduce new risks?
6. How are companies in Asia embedding compliance into the developer workflow—not as a gate, but as guardrails?
7. What measurable business outcomes (beyond speed) are organizations seeing from mature DevEx practices—e.g., talent retention, audit readiness, incident reduction?
8. Why is “developer onboarding time” now a KPI for CIOs in digitally ambitious markets like Vietnam and Indonesia?
9. How do cultural and operational differences between countries in Asia influence DevEx strategies?
10. What are the pitfalls of treating DevEx as an IT initiative rather than an enterprise-wide value driver?
     
    1. Do you see this trend towards use of platforms a positive step in appdev?
11.  
12. Looking ahead to 2026, what will separate the digital leaders from the laggards in Asia’s competitive tech landscape—code volume, or developer enablement?

The corporate treasury function in Southeast Asia (SEA) and Hong Kong is navigating a complex landscape defined by monetary policy divergence, rapid technological adoption, and evolving regulatory demands. 

The role is transforming from an operational cost-centre to a strategic value-driver, focusing on resilience, efficiency, and strategic advisory. Key issues for 2026 will be mastering data analytics for decision-making, managing currency volatility in a multi-polar world, and integrating sustainability into the core of treasury operations.

In this PodChats for FutureCFO, we are joined by Pulat Yunusmetov, director, Zanders Singapore.

1.       What is the function of treasury?

2.       What do you mean by a proactive treasury? 

3.       Since you brought up the topic of the pandemic. What did you experienced or see during the pandemic that triggered this desire to transform treasury to a proactive function?

4.       The pandemic may be over, but we continue to experience economic volatility in the form of the wars in Eastern Europe and the Middle East, socio-political turbulence in many parts of the world, as well as more pronounced natural calamities in Asia. How have these events impacted corporate treasury?

5.       In 2025, do you think treasury is still an interesting career to pursue?

6.       You have built your career around the treasury function. How would you describe your journey over the years? Drawing from your own experience, what are the career prospects for treasury roles in the years to come?

7.       What skills do I need to have to be good at a treasury role?

8.       In the last couple of years, we’ve noticed an increased curiosity and interest around artificial intelligence as applied to the finance function. In what ways will AI, and its variants – GenAI, agentic AI, AI agents – impact the treasury function and profession?

9.       In 2026, what will be the biggest challenge or challenges facing the treasury function?

10.   What is the business of Zanders Singapore?

In 2025 identity has become the new (security) perimeter, making identity security attacks a primary threat vector for organisations throughout the region. Threat actors are targeting user credentials and privileged access pathways, moving beyond traditional network-based assaults to exploit identities as the weakest link. 

This is forcing CISOs to re-evaluate their defence-in-depth strategies, with a pronounced focus on securing privileged access management (PAM) as a critical control point. As organisations adopt zero trust architectures, we are seeing just-in-time and just-enough-access privileges becoming standard practice. But what about the use of AI in identity management?

In this PodChats for FutureCISO, we are joined by Nigel Tan, Delinea’s director of sales engineering in APAC, shares his views on how is AI altering identity and access management strategies?

1.       Before we start, give us the 30-second elevator pitch of who Delinea is.

2.       How is AI Redefining Identity and Access Management?

3.       Please identify emerging AI-driven IAM use cases in Southeast Asia and Hong Kong? 

4.       How do you see Agentic AI potentially changing Privileged Access Management (PAM)?

5.       We may have covered this in the earlier questions, what are the cybersecurity risks of AI-Enhanced IAM? Please cite 2025 incidents on the same topic.

6.       Efforts are underway to come up with regional regulations around AI use. Can we expect something similar around AI in IAM?

7.       Can AI improve IAM for hybrid workforces?

8.       You mentioned earlier about identity access rights that have become dormant. What role would GenAI/Agentic AI play in identity lifecycle management?

9.       Deepfake cases are growing in Asia. How should CISOs prepare for AI-enabled identity fraud?

10.   What skills will security teams need for AI-driven IAM? How about endusers?

11.   What is the future of AI in IAM for Southeast Asia and Hong Kong?

The conversations in the boardrooms of Southeast Asia and Hong Kong have fundamentally shifted. Two years ago, the discourse around Artificial Intelligence was dominated by fear: fear of disruption, fear of competitors moving faster, and crucially, fear of emerging regulation. 

Today, in late 2025, that fear has crystallised into strategy. For forward-thinking CIOs and functional leaders, AI regulation is no longer an obstacle to be circumvented; it has become a catalyst for building a durable competitive advantage—what industry leaders now call “The Governed Advantage.”

In this new paradigm, efficiency is taking a backseat to trust with consumers, partners and investors allocating their capital and loyalty to businesses that demonstrably deploy AI responsibly. 

In a region characterised by disjointed and patchy regulation, winners are those that moved from a mindset of compliance to one of operationalisation – embedding governance into the very fabric of their AI lifecycle and strategy.

CIOs are building targeted use cases—in fraud detection, hyper-personalised customer engagement, or predictive supply chain management—that have built-in governance, proving that rigour enables velocity, not the opposite.

In this PodChats for FutureCIO, Russell Fishman, Global Head of AI Solutions at NetApp, joins us to share his views on how we can achieve the operationalisation of trusted AI in 2026  

Rusell, welcome to PodChats for FutureCIO.

1.       Name the most important characteristics of a trusted AI as viewed from the POV of a CIO?

2.       What are the top 3 drivers pushing enterprises in the region to accelerate trusted AI adoption?

3.       What are businesses in the region doing right (and wrong) in their current approach to responsible AI? 

4.       Why do we continue to have a data problem?

5.       (Chinese philosophy about risks and opportunity) Why should CIOs see the evolving regulatory landscape in SEA+HK as an opportunity?

6.       Given the evolving nature of the technology and regulation, how should a CIO approach the company’s AI strategy so that it is adaptive, scalable and sustainable?

7.       How should CIOs architect their AI strategy to support innovation while staying compliant?

8.       What role does technology infrastructure, particularly data management, play in enabling this new era of governed AI?

9.       Looking ahead to 2026, what is the single most important action a CIO should take now?

In 2025, Asian CISOs navigate a hardened regulatory landscape where updated Cyber Security Acts and PDPA amendments significantly raise the stakes. With stringent new rules on cross-border data transfers, mandatory breach notifications, and AI governance, compliance is a primary battlefield. Regulators are flexing enhanced audit powers and levying multi-million-dollar fines, making unpreparedness a critical corporate risk.

The challenge lies in harmonizing these diverse, evolving mandates across jurisdictions while countering sophisticated threats like ransomware and cloud account takeovers. However, this pressure also creates strategic opportunities. 

Joining us on this PodChats for FutureCISO is Ananth Nag, APAC VP, Rubrik.

QUESTIONS:

1.       How do the latest amendments to the PDPA and equivalent ASEAN frameworks (e.g., Malaysia’s PDPA, Brunei’s PDPO) redefine consent, DPO obligations, and lawful data processing for 2026?

2.       Under the new Cyber Security Act, what designation criteria classify organisations as critical information infrastructure owners—and what heightened obligations follow?

3.       What mandatory incident reporting timelines, formats, and cross-jurisdictional protocols must be embedded into our response plans for countries like Thailand, Vietnam, and Singapore?

4.       How should CISOs evolve their incident response and breach notification strategies to align with the operational convergence of the Cyber Security Act and PDPA mandates?

5.       Which sovereign cloud providers and data residency architectures satisfy both national regulations and the ASEAN Digital Economy Framework for cross-border flows?

6.       What evidence of “reasonable security arrangements”—including DPIAs (impact assessment), encryption standards, and privacy-by-design—will regulators demand during audits across ASEAN?

7.       How are third-party and supply chain obligations expanding under these acts, and how must vendor contracts and due diligence be updated to mitigate cascading liability?

8.       In what ways are regulators leveraging AI for compliance monitoring—and how can we ethically deploy AI while meeting emerging governance mandates for automated decision-making?

9.       What penalties (fines, imprisonment, operational suspension) should compliance heads budget for, and what cyber resilience benchmarks (e.g., NIST-aligned) must we certify against to avoid them?

10.   How do we future-proof our compliance strategy amid ASEAN regulatory convergence—through board-level cyber governance metrics, strategic regulator partnerships, and anticipatory investment in ransomware/supply-chain resilience? What is your advise for Navigating the New Cyber Security Act & PDPA in 2026?

The ASEAN region’s enterprises are no longer choosing between legacy systems and cloud-native architectures; they are converging them. This is where Zero Trust Network Access (ZTNA) and Cybersecurity Mesh Architecture (CSMA) cease to be competing paradigms and become symbiotic enablers.

For ASEAN CISOs and CIOs, this duality is not theoretical—it’s operational. Regulatory mandates from Singapore’s MAS Technology Risk Management Guidelines, Bank Negara Malaysia’s Cyber Security Framework, Indonesia’s OJK Regulation No. 12/2023, and Thailand’s Personal Data Protection Act (PDPA) demand granular control over data residency and access.

With regulation, pressure to innovate securely, and new technologies like AI making their influence known, what is the path forward for CISOs and CIOs to safeguard resilience without double headcount or budget?

In this PodChats for FutureCISO, Steve Riley, Vice President and Field CTO, Netskope, shares is perspective on How ASEAN CISOs Are Rebuilding Security for a Borderless Cloud Era.

1.       How can CISOs effectively integrate Zero Trust Network Access (ZTNA) principles to secure access in multi-cloud environments without impeding business agility?

2.       In what ways might Cybersecurity Mesh Architecture (CSMA) unify their fragmented security tools across hybrid IT infrastructures?

3.       What role will AI and emerging technologies play in amplifying cloud security risks, and how can CIOs/CISOs mitigate them proactively?

4.       What has worked with regards to how organisations approach use of ZTNA and CSMA?

5.       Any recommendation for quantifying the ROI of shifting from perimeter-based firewalls to a zero-trust + mesh model—not just in cost savings, but in risk reduction?

6.       What long-term metrics should CISOs track to evaluate the success of their cloud security strategy in a rapidly changing Southeast Asian landscape?

7.       Why platforms when it comes to cybersecurity? How does it map to defense-in-depth?

8.       How will we address the increased complexity of managing a distributed security model while adhering to Zero Trust principles?

9.       What would be a realistic roadmap for evolving security posture to embrace both CSMA and Zero Trust?

In 2024, there were 440,000 detected cyber threats to critical infrastructure, and the U.S. Critical Infrastructure experienced a surge in attacks, including the Volt Typhoon and Chinese Telecom Network Infiltration. For 2025, projections indicate 30% of critical infrastructure organizations will experience a security breach, and major attacks on the sector are expected to continue, according to Gartner.

As we welcome 2026, what would a maturing artificial intelligence present to critical infrastructure, and how should CISOs strengthen their cybersecurity strategies to reflect the evolving technology, regulatory, geopolitical and business landscape in the coming years.

Joining us on PodChats for FutureCISO is Lim Hsin Yin, vice president of sales for ASEAN at Cohesity for her views on the topic of Resilience in Action: Critical Infrastructure Defence.

1.       What is Cohesity?

2.       How robust are enterprises’ data resilience strategies in Asia—including immutable backups, air-gapped copies, and recovery drills—in ensuring operational continuity after ransomware or destructive cyber-attacks? What KPIs are being used to measure its effectiveness?

3.       To what extent have enterprises in ASEAN integrated IT and OT security teams, tools, and processes to achieve unified threat visibility and coordinated response across our entire critical infrastructure estates, especially considering legacy systems prevalent in the region?

4.       How are CISOs continuously re-evaluating and managing third-party and supply chain risks—especially for vendors linked to OT environments—to prevent breaches similar to regional supply chain attacks like MOVEit or airport data centre infiltrations?

5.       What zero-trust and segmentation measures have CISOs prioritised to protect industrial control systems (ICS) and OT environments against increasingly sophisticated hacktivist and state-backed threat actors targeting ASEAN and Hong Kong critical infrastructure?

6.       How are enterprises leveraging real-time, cross-border threat intelligence sharing within ASEAN to detect and disrupt pre-positioning and advanced persistent threats (APTs), as exemplified by campaigns like Volt Typhoon?

Coming into 2026, what are you expecting as far as critical infrastructure defense, and what should operators of critical infrastructure be taking in terms of their defense structure?
 

In 2025 identity has become the new (security) perimeter, making identity security attacks a primary threat vector for organisations throughout the region. Threat actors are targeting user credentials and privileged access pathways, moving beyond traditional network-based assaults to exploit identities as the weakest link. 

This is forcing CISOs to re-evaluate their defence-in-depth strategies, with a pronounced focus on securing privileged access management (PAM) as a critical control point. As organisations adopt zero trust architectures, we are seeing just-in-time and just-enough-access privileges 

As organisations mature in their understanding and use of AI, FutureCISO becoming standard practice. But what about the use of AI in identity management?

In this PodChats for FutureCISO, we are joined by Nigel Tan, Delinea’s director of sales engineering in APAC, shares his views on how is AI altering identity and access management strategies?

1.       Before we start, give us the 30-second elevator pitch of who Delinea is.

2.       How is AI Redefining Identity and Access Management?

3.       Please identify emerging AI-driven IAM use cases in Southeast Asia and Hong Kong? 

4.       How do you see Agentic AI potentially changing Privileged Access Management (PAM)?

5.       We may have covered this in the earlier questions, what are the cybersecurity risks of AI-Enhanced IAM? Please cite 2025 incidents on the same topic.

6.       Efforts are underway to come up with regional regulations around AI use. Can we expect something similar around AI in IAM?

7.       Can AI improve IAM for hybrid workforces?

8.       You mentioned earlier about identity access rights that have become dormant. What role would GenAI/Agentic AI play in identity lifecycle management?

9.       Deepfake cases are growing in Asia. How should CISOs prepare for AI-enabled identity fraud?

10.   What skills will security teams need for AI-driven IAM? How about endusers?

11.   What is the future of AI in IAM for Southeast Asia and Hong Kong?

For Chief Operating Officers, CFOs, and heads of warehousing, logistics, and retail across Asia, 2026 will be defined by one overarching theme: strategic resilience through intelligent automation. The region's blistering e-commerce growth, coupled with persistent geopolitical and supply chain volatilities (as highlighted by analysts like BCG regarding the fragmentation of global trade), is forcing a fundamental rethink of operational models.

By 2026, we will see the full maturation of trends nascent in 2024. AI and machine learning will transition from pilot projects to the core operational nervous system of high-performance warehouses. Their primary role will be predictive: forecasting demand spikes with greater accuracy, pre-empting maintenance on automated guided vehicles (AGVs) and robotics to prevent downtime, and dynamically optimising inventory placement to slash picking times and maximise cube utilisation.

In this PodChats for FutureIoT, we are joined by Ms Vivien Tay, APAC Vertical Lead for Warehousing, Transport & Logistics, Zebra Technologies.

1.       At the operational level, briefly describe the business environment today from the perspective of the supply chain. 

2.       Given the fragmentation of global trade routes, how are organisations in Asia leveraging AI and data analytics to build more regionalised and resilient supply chains to mitigate geopolitical risks?

3.       How are enterprises integrating predictive analytics into daily operations to move from reactive problem-solving to pre-empting issues in inventory management, maintenance, and order fulfilment?

4.       Given that most organisations have existing warehouse management systems (WMS), name one proven approach for integrating new AI-powered software with existing legacy systems without causing disruptive downtime.

5.       Beyond labour displacement, can you share a proven approaches/framework for measuring the full ROI of automation investments, including improved accuracy, enhanced safety, reduced shrinkage, and increased employee retention?

6.       Many technologies fail as they move from pilot to scale, how can organisations ensure that the automation technologies they implement today are scalable and flexible enough to adapt to unpredictable demand cycles and future business growth?

7.       With increasing focus on ESG, how are organisations using automation to measure and reduce their carbon footprint through optimised energy use, waste reduction, and smarter inventory planning?

8.       As operations become more reliant on connected IoT devices and AI, what enhanced cybersecurity measures can be implemented to protect against operational shutdowns and data breaches?

9.       How is investment in real-time visibility technology directly translating into a superior and more transparent customer experience for e-commerce and retail partners?

10.   Our topic is strategic resilience through intelligent automation what is your advise for warehousing and supply chain leaders in 2026?

In 2025, AI and automation are reshaping Asia’s cybersecurity landscape, empowering both defenders and adversaries. CISOs face intelligent, self-evolving threats—from AI-generated deepfakes to autonomous malware—exploiting the region’s rapid digitalisation and IT/OT convergence. 

While AI-driven SOAR and predictive analytics enhance response, over-reliance risks blind spots, especially with regionally biased data. Regulatory shifts in Japan, Singapore, India and beyond demand accountability in AI use, placing CISOs at the nexus of compliance and innovation. 

The rise of cross-border, AI-powered attacks underscores the need for resilient, adaptive security strategies. CISOs must balance automation with human oversight, secure generative AI platforms, and strengthen supply chain defences. 

Success hinges on anticipating threats, ensuring ethical AI deployment, and upskilling teams to operate effectively in an era of intelligent cyber conflict. The challenge is not just technical—but strategic, regional, and human.

In this PodChats for FutureCISO, Kylie Watson, head of security at DXC Technology, shares her views on AI, automation and the next generation of threats.

1.       Our topic is AI, automation and the next generation of threats. Please describe for us the relationship between all three as viewed from the perspective of a security professional.

2.       How can CISOs ensure the integrity and security of third-party AI models integrated into their core business systems?

3.       In your view, are incident response playbooks used by enterprises in Asia resilient enough to handle AI-powered, self-evolving malware?

4.       What safeguards are in place to detect and prevent deepfake-driven social engineering attacks targeting regional executives?

5.       How can enterprises maintain compliance with emerging AI governance regulations across multiple Asian jurisdictions?

6.       To what extent are organisations auditing training data for bias, leakage, or adversarial manipulation in our automated systems?

7.       Can current detection tools distinguish between legitimate automation and malicious AI-driven lateral movement?

8.       How are enterprises preparing for supply chain attacks that exploit vulnerabilities in open-source AI frameworks?

9.       Are security teams equipped with the skills to monitor, interpret, and challenge AI-driven security decisions?

10.   How can enterprises build adaptive, intelligence-led defences that evolve in tandem with next-generation threats? What is the role of the CISO here?

11.   Coming into 2026, how should CISOs and the security team prepare for the further deepening of the integration of AI into the organisational workflow?

While traditional automation and GenAI are making inroads in 2025, Southeast Asian CFOs face persistent efficiency challenges demanding more sophisticated solutions. 

Agentic AI emerges as a promising, albeit complex, answer by enabling autonomous execution of intricate finance workflows.

Its potential lies not just in incremental efficiency gains, but in fundamentally reshaping the finance function's operating model towards greater speed, accuracy, and strategic focus. Success hinges on overcoming significant data, governance, and talent challenges.

In this PodChats for FutureCFO, Nikhil Parambath, Regional Vice President, Asia, BlackLine, offers his thoughts and some suggestions for senior finance leaders looking to step out of the shadows of AI and into the real-world possibilities of Agentic AI as applied within the finance function.

Nikhil, welcome to PodChats for FutureCFO

1.       Which specific finance processes (e.g., closing, reconciliation, reporting, compliance) still represent the biggest bottlenecks to efficiency and strategic agility within the finance function in Asia in 2025?

2.       Where have traditional automation tools (like RPA) fallen short in delivering the transformative efficiency gains finance needs, particularly in our complex, diverse SEA operating environments?

3.       From your observation, how would you assess finance leaders in Southeast Asia in terms of their understanding of AI, Generative AI and Agentic AI (framed in the context of 2025)?

4.       For SEA finance leaders prioritising efficiency in 2026, what are the 1-2 most compelling, near-term practical applications of Agentic AI within core finance operations (e.g., dynamic forecasting, intelligent reconciliation, autonomous fraud detection)?

5.       What foundational data governance and integration challenges must SEA finance functions urgently address now to be ready to leverage this technology effectively in 2026?

6.       As AI agents potentially execute multi-step processes autonomously, how should finance leaders rethink internal controls, audit trails, and human oversight mechanisms to ensure accuracy, compliance, and ethical operation?

7.       How can Agentic AI agents be practically integrated with existing ERP systems, legacy platforms, and other best-of-breed finance applications common across SEA businesses without creating untenable complexity or risks?

8.       If Agentic AI takes over complex operational execution, how must the skillset and role of the finance professional evolve in 2026? What does "strategic business partnering" look like in this context, and how do we upskill our SEA teams?

9.       Traditional cost savings aside, what new metrics should CFOs use to evaluate the true efficiency and strategic value delivered by Agentic AI implementations within the finance function in 2026 (e.g., speed to insight, reduction in manual intervention points, improved forecast accuracy)?

10.   Finally, any recommendations for how should SEA finance leaders strike the optimal balance for 2026 and beyond?

2025 has seen deepfake technology become alarmingly accessible and sophisticated, fuelling a surge in high-impact incidents that erode confidence in institutions, media, and digital interactions. 

The proliferation of AI-powered deepfakes represents an existential threat to digital trust across Southeast Asia and Hong Kong. 

Singapore's leadership in countermeasures, including watermarking and advanced authentication, is crucial, yet recent CSA survey data reveals a stark reality: 75% of Singaporeans cannot reliably identify deepfakes, despite 78% believing they can. This confidence gap underscores the urgent need for robust digital identity verification and advanced IAM strategies.

In this PodChats for FutureCISO, Jasie Fon, regional vice president for Asia at Ping Identity, covers some of the key issues, challenges and opportunities CISOs will find important in 2026.

1.       How severe is deepfake as a threat to businesses, governments and individuals in Asia in 2025?

a.       Should AI take credit for the rise of deepfakes in the region?

2.       How has AI impacted the cybersecurity function at organisations?

3.       In your view, is the (identity and access management) IAM roadmap of most organisations in Asia sufficiently aggressive in deploying phishing-resistant (FIDO2/Passkeys) and continuous authentication to mitigate deepfake-enabled account takeover? (DCI?)_

4.       In your view, do current incident response plan explicitly include procedures for dealing with deepfake-based fraud, extortion, or reputational attacks?

5.       With 2026 coming, does the rise in deepfake threat require CISOs to revise their cybersecurity strategy?

a.       Will this necessitate revising the cybersecurity budget priority and allocation?

6.       How will emerging regulations across ASEAN and Hong Kong specifically mandate deepfake detection and mitigation for customer interactions and internal communications?

7.       How can CISOs, CIOs and CFO effectively measure the ROI and efficacy of their deepfake detection investments across communication channels?

8.       What is your expectation around cybersecurity in 2026? Any recommendations for CISOs and CIOs in the coming year?

Across APJ boardrooms, the initial excitement around generative AI has hardened into a pressing demand: “Show me the real impact.”

Experiments are done, budgets are spent. Now, the C-suite wants tangible results from their AI investments. 

The answer emerging isn't just smarter automation; it's a leap towards autonomy. 

Welcome to the era of Agentic AI. 

To be clear, these aren’t your standard run of the mill tools; they are intelligent, independent agents capable of perceiving complex situations, reasoning through options, and taking decisive action – often without human intervention (but with the option for humans to intervene just in case). 

Agentic AI free your staff from repetitive tasks, can adapt dynamically, and orchestrate decisions at unprecedented speed and scale. 

For the fast-moving, diverse, and efficiency-critical markets of APJ, Agentic AI has shifted from a 'nice-to-have' novelty to a competitive imperative. 

This is the move From Automation to Autonomy, fundamentally redefining how enterprises make decisions."

In this PodChats for FutureCIO, we are joined by Grant Case, chief data officer at Dataiku, for his take on how organisations can use agentic AI to redefine how they make business decisions.

1. What exactly is Agentic AI, and why should APJ enterprises be prioritizing it right now, beyond the initial generative AI hype?"

2. What specific market pressures and business opportunities in APJ are making the adoption of Agentic AI so critical at this moment?"

3. CXOs need clear business value. Beyond efficiency gains, how does Agentic AI unlock innovation and ensure alignment with measurable ROI for executives?

4. Can you share concrete examples of APJ enterprises leveraging Agentic AI today? What specific competitive advantages are they realizing?

5. Diving into the tech: How does Dataiku's Universal AI Platform specifically enable the development and orchestration of these autonomous agents?

6. Autonomy raises concerns. How does Dataiku ensure essential governance, maintain human control, and enable seamless integration of Agentic AI within complex existing enterprise environments?

7. For a CIO looking to embrace this, what does a practical roadmap look like – from establishing the vision to achieving enterprise-wide scale with Agentic AI?

8. What's your advice on starting points? How can organizations begin small with Agentic AI, prove concrete ROI quickly, and then expand capabilities safely and effectively?

9. You talked about the 'Do It For Me' economy. How will Agentic AI evolve over the next 2-3 years to fulfill this expectation within APJ enterprises?

10. What is your advice for C-suites in 2026?

Data centre COOs in Southeast Asia face a dual challenge in 2026: managing rapid AI-driven growth while ensuring sustainability and regulatory compliance. 

Key challenges include strained local grids unable to meet intense power demands from densified AI workloads, increasing public opposition due to environmental concerns, and complex, uneven regional regulations. 

COOs must navigate costly infrastructure upgrades, such as adopting medium-voltage power distribution and integrating innovative power architectures like solid-state transformers to improve efficiency and reduce losses.

The good news is, COOs who balance technological innovation with stakeholder collaboration will transform their operations, achieve aligned sustainability objectives while supporting the digital economy’s growth in an increasingly regulated environment.

In this PodChats for FutureCOO, Daniel Pointon, group CTO for STT GDC, shares his perspective on How to Achieve Data Centre Sustainability and Regulatory Alignment in 2026 from the perspective of the COO.

1.       Perhaps to start off, give us a short brief of the business of STT GDC.

2.       In 2025, give us a brief around the state of DC operations in Southeast Asia? (13 Gigawatts)

3.       How will AI workload growth influence energy consumption and infrastructure needs?

4.       How are data centre operations taking national sustainability initiatives? 

5.       How do you see Asia regional regulations on carbon emissions impacting data centre operations?

6.       What new technologies can improve both sustainability and compliance affordably?

7.       For 2026, any advice for how COOs can integrate sustainability goals with business growth targets effectively?

8.       Identify 3 best practices for engaging stakeholders to secure public and regulatory support?

In 2026, Southeast Asia and Hong Kong stand at a pivotal moment in the integration of agentic AI, a technology that empowers machines to make autonomous decisions. 

While organisations can harness agentic AI to streamline operations and enhance customer experiences, they also face significant challenges, including ethical concerns and workforce displacement. 

Leaders are racing ahead to adopt these innovations, seeking competitive advantages that promise to reshape industries. As they navigate this tipping point, the balance between opportunity and risk becomes crucial, defining the future landscape of work in the region.

In this PodChats for FutureCIO, Adhil Badat, managing director for Asia Pacific and Japan at Rackspace Technology, shares his perspective on how organisations are pushing forward agentic AI adoption in the quest to accelerate transformation and innovation.

1.       How different is agentic AI from traditional AI?

2.       What is the connection between robotic process automation (RPA) to agentic AI? 

3.       What preparations are necessary for adopting agentic AI?  

4.       What competitive advantages do AI leaders currently enjoy? 

5.       Referring to the Rackspace report, The AI Acceleration Gap: Why Some Enterprises Are Surging Ahead, How will the 250% surge in AI investments affect scalability? 

6.       In 2025, CFOs we spoke to are demanding greater transparency and accountability when it comes to technology investments. What strategies are AI leaders using to maximise RoAI (return on AI investments)? 

7.       Speaking of use cases, in your experience, what are the most impactful real-world applications of agentic AI? 

8.       We’ve heard of AI hallucinations. How about with agentic AI. Is agentic AI also susceptible to hallucinations. And while are on the topic, how can organisations address ethical concerns surrounding agentic AI? 

9.       Generative AI gave rise to a new skills requirement: prompt engineering. What about for agentic AI? What skills will the workforce need when they use agentic AI? 

10.   I mentioned earlier CFOs demanding proof their investments are delivering the promised ROI. How should leaders measure the success of agentic AI initiatives? 

11.   It can be argued that in Asia, Singapore led the way with regards to provide guardrails and frameworks with AI use. Specific to agentic AI use, what regulatory considerations must organisations keep in mind, and how to do so for those that operate in multiple markets?

a.       What about Australia (in terms of regulations)?

12.   Last question, what will Agentic AI evolve into in 2026? How should CIOs plan their AI strategy to tap this next evolution of Agentic AI? 

13.   In my experience, when it comes to technology, the most successful organisations rarely go it alone. For those seeking to maximise the return on their Agentic AI investments, who do they partner with internally and externally?

This 2026, agentic transformation is set to revolutionize Asia's boardrooms, shifting the focus from traditional digital automation to autonomous AI agents capable of decision-making and task execution with minimal human input. 

This transition promises unparalleled agility and efficiency, empowering organizations to enhance productivity while alleviating mundane tasks. 

But not everything is a walk in the park. Given Asia's fragmented digital ecosystems, the rise of agentic AI underscores the urgent need for robust data management, integrated connectivity, and strong governance frameworks to maximize AI's potential – safely. 

Visionary leaders view this transformation not merely as a tech upgrade but as a strategic overhaul, necessitating new leadership styles, accountability, and trust-building. 

Successfully embracing this shift will enable Asian enterprises to compete on a global scale, accelerating innovation, optimizing workflows, and augmenting human creativity with AI-driven “digital employees,” – all while ensuring compliance, transparency, and security in an increasingly complex environment.

In this PodChats for FutureCIO, David Irecki, CTO for APJ at Boomi, discusses how agentic transformation will reshape not just the boardroom but the rest of leadership.

1.       What distinguishes agentic transformation from traditional digital automation and why does it matter?

2.       In this agentic transformation paradigm, what is the role of agentic AI and to what extent is it critical to achieving agentic transformation? Why can’t this be done in the traditional approach of digital transformation?

3.       What comprises agentic transformation?

4.       Who should lead an agentic transformation initiative? What experiences, qualifications and expertise must this person have?

5.       What new leadership roles and cultural shifts are necessary to drive agentic transformation?

6.       What practical metrics should be used to guide an agentic transformation initiative?

7.       Coming into 2026, what is your advise for the board, the C-suite and functional leaders as they try to create, nurture an agentic strategy that transforms the enterprise from top to bottom?