In 2024, FutureCISO dialogues with C-suite leaders including CISOs and cybersecurity practices highlight key trends in the region including AI-driven threats, increased board-level engagement, and a focus on compliance and data privacy.

In 2025, Southeast Asia's cybersecurity landscape demands that CISOs and CIOs consider integrating cybersecurity with business objectives.

CISOs must frame cybersecurity as a business enabler, demonstrating ROI through narratives that emphasize resilience, regulatory alignment, and sustained growth in Asia’s hyperconnected economy. In other words, CISOs must articulate their cybersecurity strategies in business terms, ensuring that security is a core element of growth and risk management.

In this PodChats for FutureCISO, we are pleased to have as our guest expert, James McLeary, Group CIO and CISO, Bumrungrad International Hospital in Thailand.

1. Define for us what is a cybersecurity posture.

2. What are the long-term business benefits of maintaining a robust cybersecurity posture, and how can these be articulated to stakeholders? Who are the stakeholders who should be keen/interested on cybersecurity posture?

3. What role does compliance with regulations play in justifying cybersecurity spending, and how can/should CISOs present this to the board?

4. Speaking of justification, how can CISOs/CIOs quantify the return on investment (ROI) of their cybersecurity initiatives to demonstrate their value to stakeholders?

5. Is it possible to align cybersecurity investments to support the broader business objectives of the organization?

6. Cite 3 (max) examples of how prevention offers tangible ROI of cybersecurity investments.

7. Cite an example of a successful cyber risk narrative that CISOs can use to illustrate the business value of cybersecurity investments.

8. IT and OT processes are increasing in complexity, do you anticipate cybersecurity solutions and processes?