
Mid-market APAC firms boost cybersecurity but lag in AI use
Palo Alto Networks has released its first cybersecurity benchmark study for mid-market organisations in the Asia-Pacific and Japan region, highlighting increased investments but ongoing challenges in AI adoption and resilience.
The "2025 Cybersecurity Resilience in Mid-Market Organisations" report surveyed more than 2,800 organisations across 12 countries and various industries. The findings show that while cybersecurity budgets are rising and strategy maturity is improving, mid-market companies continue to face gaps in their use of artificial intelligence (AI), implementation of cybersecurity frameworks, and incident response capabilities.
The study found that 57% of organisations in the region plan to increase their cybersecurity spending over the next 12 months. Currently, cybersecurity accounts for 13.6% of total IT budgets, a notable rise from 6% in 2019. Investment priorities in the coming two years include areas such as cloud security, identity and access management (IAM), and security information and event management (SIEM).
AI adoption was identified as a key area where mid-market companies lag behind. While awareness of AI's importance is growing, the study identified AI-related capabilities as among the lowest-performing areas in current cybersecurity programmes. Many organisations are still in the early phases of integrating AI into their security workflows, which affects their ability to respond to increasingly sophisticated threats.
Michelle Saw, Vice President, Ecosystems, Asia-Pacific and Japan at Palo Alto Networks, commented on the findings. "Cybersecurity is no longer just an IT issue, it's a business priority. As threats grow more sophisticated and AI reshapes the threat landscape, our benchmark study reveals that many mid-market organisations are still catching up. This study helps mid-market organisations see where they stand and take the steps needed to achieve stronger security outcomes. It also highlights the growing importance of partners - who must now evolve their offerings to focus more deeply on education, integration, AI adoption, and advanced technical expertise to better support customer needs."
The report underscored the increasingly critical role of external partners in supporting cybersecurity operations. Currently, 53% of companies rely on partners for their cybersecurity needs, a figure projected to rise to 79% within two years. The research suggests that this shift reflects a need for greater external expertise, particularly as cyber threats become more advanced and the required technologies grow more complex.
Adoption of cyber frameworks, and specifically the NIST 2.0 standard, remains inconsistent. The study noted that NIST 2.0 received the lowest adoption score among the five benchmark categories, despite its relevance in establishing comprehensive security practices. Sectors such as financial services, telecommunications, and utilities were identified as frontrunners in framework implementation and understanding, while others continue to seek clearer guidance and support.
Regional performance varied, with India reporting the highest average score of 20.3 out of 25. This was followed by Indonesia at 20.65 and the Philippines at 20.21. Japan registered the lowest score of 16.67, indicating a need for increased investment and alignment in its cybersecurity approach. China, Vietnam and Malaysia were noted as demonstrating strong momentum in both investment and framework adoption.
Assessing overall maturity across five key areas – strategy execution, business integration, operational capabilities, solution maturity, and NIST 2.0 framework adoption – the region averaged a score of 19.01 out of 25. According to the report, this indicates moderate progress, but highlights ongoing opportunities to improve AI readiness, ransomware resilience, and robust framework alignment.
Tim Dillon, Founder, Director, Principal Analyst End User at Tech Research Asia, which collaborated with Palo Alto Networks on the report, commented: "The research indicates that mid-market organisations in the region have made notable advancements in strengthening their cybersecurity posture. However, there remains substantial opportunity for partners to support continued progress, particularly in the areas of workforce education and training, identity and access management, and application and data security."
Palo Alto Networks commissioned the study, which was conducted by Tech Research Asia and completed in April 2025.