Asia's CISOs and CIOs face a uniquely complex cyber landscape in 2025. The convergence of AI-driven attacks and deepfakes intensifies disinformation and social engineering threats, demanding adaptive strategies. Simultaneously, securing sprawling IoT ecosystems against supply chain vulnerabilities call for more adaptive, scalable and resilient solutions.

Regional disparities in 5G and cloud adoption create systemic resilience gaps, necessitating stronger public-private partnerships. Ethical deployment of autonomous response systems and safeguarding AI algorithms against poisoning are critical.

CISOs must also navigate stringent data localisation laws amidst a cyber skills shortage, balancing AI orchestration with upskilling. Quantifying the ROI of resilience investments in emerging technologies remains a key priority for justifying essential budgets.

Joining me on PodChats for FutureCISO is Sunny Tan, Head of Security Business for AMEA, BT Business

1. How has the convergence of AI-driven attacks and deepfake technologies reshaped the threat landscape, and what adaptive strategies must CISOs prioritise to counter disinformation and social engineering?

2. In what ways can blockchain architectures mitigate supply chain vulnerabilities, particularly in securing IoT ecosystems across Asia’s manufacturing and logistics sectors?

3. How do regional disparities in digital infrastructure—such as uneven 5G rollout or cloud adoption—create systemic risks, and what role should public-private partnerships play in bridging resilience gaps? (mention The Cyber Agile Organisation")

4. With AI-powered autonomous response systems gaining traction, how can CISOs ensure ethical deployment to prevent unintended escalation during cyber incidents?

5. What safeguards are necessary to secure AI training data and algorithms against poisoning attacks, particularly as organisations rely on machine learning for predictive analytics?

6. How can CISOs reconcile stringent data localisation laws in markets like China and India with the operational demands of multinational businesses seeking regional cloud solutions?

7. Amid a shortage of skilled cyber professionals, should organisations prioritise AI-driven security orchestration or invest in upskilling programmes to build human-machine synergies?

8. What metrics should CISOs adopt to quantify the ROI of cyber resilience investments, particularly when justifying budgets for emerging technologies like deception platforms or homomorphic encryption?

9. Final Advise for CISOs given the prevailing uncertainties in 2025?