It’s clear that cloud services are no longer a novelty in Asia Pacific (Apac), but rather a core part of organisational strategies to drive significant transformation.
A recent IDC study found that almost 90% of businesses in the region now have meaningful workload deployments on multiple public clouds. The ability to leverage scalable, flexible, and on-demand resources is no longer just an advantage – it’s a key point of difference for companies that need to deliver products to users faster, scale into international markets, and even create new business models that did not previously exist.
From AI-powered applications to the rise of edge computing, cloud services are the foundation for businesses to unlock new possibilities and drive unprecedented levels of efficiency. But how does that foundation hold up to stress? Given technology’s profound impact on the region’s digital future, the evolution of cloud services, which continue to be deeply integrated into our daily lives and critical infrastructure, demands close scrutiny.
With increased adoption, comes greater security threats
The rapid evolution of artificial intelligence (AI), exemplified by innovations such as agentic AI and the emergence of new players like China’s DeepSeek, is driving greater AI pervasiveness and making waves across industries.
From interacting with chatbots to generating personalised reports, day-to-day tasks have become that much easier to navigate. Additionally, as more companies move their workloads to the cloud, many turn to edge computing to enhance data processing and analysis by distributing IT infrastructure.
See also: The next milestone for AI: Building a global trustworthy AI ecosystem
This convergence of trends, however, introduces significant complexity. With advanced AI models running in the cloud and data being processed closer to the edge, the attack surface for cyber threats has expanded dramatically.
According to SUSE’s Securing the Cloud 2024 report, Apac IT decision-makers reported an average of 2.6 cloud-related security incidents in the past year, with 64% of teams having confirmed a cloud security incident over the last 12 months. Such threats – ranging from AI-powered cyberattacks to edge security breaches – aim to disrupt, overwhelm and exploit vulnerabilities in cloud environments. Given this reality, organisations in the region will need to adopt comprehensive strategies that can strengthen their cloud security posture and ensure the long-term sustainability of their cloud ecosystems.
Investing in collaborative solutions powered by open source
See also: Escaping the tech debt trap
Security can be greatly reinforced by collaborative measures. Where security is concerned, open source has the benefit of an engaged, proactive community that can work together to address vulnerabilities efficiently.
Open source principles such as collaborative improvements, knowledge-pooling, and transparency can significantly enhance an organisation’s approach to security. These allow companies to stay ahead of emerging threats by collaborating on pre-emptive measures and benefiting from peer-reviewed solutions.
Collaboration encourages innovation. From retail and hospitality to automotive and manufacturing, open source has helped companies across industries drive innovation and fortify security in equal measure.
NTT Data Singapore is one such example. The company delivers innovative IT and business solutions to public and private organisations to support them on their modernisation journeys. Given that their clients include providers of critical national services, security is paramount. Adopting integrated open source solutions like containerisation has allowed them to monitor and manage security throughout the development lifecycle. Ultimately, this helps accelerate innovation and the operational efficiency of mission-critical infrastructure.
Utilising effective cloud-native and AI-powered security tools
To achieve proactive, scalable, and efficient security, companies will have to leverage the necessary tools that fit their unique requirements. No two organisations are identical so each company’s cloud security strategy must be tailored and aligned with their infrastructure, workloads, as well as regulatory demands.
For instance, National Payments Corporation of India (NPCI) uses a unified cloud-native platform that’s 100% open source to modernise their retail payment system infrastructure. By implementing a container orchestration platform tailored to their needs, the company has been able to centralise the management of their cloud environment.
To stay ahead of the latest tech trends, click here for DigitalEdge Section
In doing so, NPCI has been able to support payment volumes at scale with over 18 billion transactions a month. This has helped to further enhance their security safeguards, allowing them to efficiently isolate applications, monitor developer permissions and control access to sensitive data. Implementing such robust and regulated security measures within their containerised environment ultimately protects them from any potential data loss.
Prioritising digital resilience to mitigate security risks
As companies deepen their investments in their digital infrastructure, resilience and interoperability must become key considerations. If one part of an infrastructure fails, it is critical for a company to have preemptive measures in place, ensuring that they have the necessary "digital backup power". Consider this: smartphones have various chat, messaging, banking, and browser apps. Why? If one goes down, it’s possible to quickly switch to another without downtime. This is how digital resiliency is built into mobile devices. Companies need to be more proactive in doing the same for their digital infrastructure.
Digital resilience necessitates rigorous evaluation and verification processes, especially concerning the security integrity of third-party vendor software. SUSE’s report underscores this, revealing that Apac IT decision-makers prioritise leveraging vendor-backed software (44%) and certifying software build processes (39%) to mitigate supply chain risks.
While vendor assurances are crucial, in-house auditing is indispensable for uncovering hidden vulnerabilities, malicious code, or backdoors that may have eluded vendor scrutiny. Taking a zero-trust approach to verification and access, coupled with robust data encryption and continuous monitoring, allows for real-time detection of anomalies and potential breaches.
Every cloud has its silver lining
AI and edge computing will continue to evolve in unprecedented ways, and inevitably, so will the threats that arise from such transformation. Recent developments such as DeepSeek exemplify how entire market models might shift as a result of new entrants and product developments.
The speed of such developments only serves to further emphasise that we should not lose sight of key security concerns as market dynamics continue to evolve. By embedding key principles into security strategies, organisations will be able to not only enhance their defences but also foster a culture of innovation, openness and continuous improvement, which will be particularly critical in navigating an increasingly unpredictable threat landscape in the dynamic economies that make up Asia Pacific.
Gayathri Peria is the general manager for Southeast Asia at SUSE
