We’re entering a new cycle of PC device growth, driven by the end-of-life of Windows 10 and natural enterprise upgrade cycles, brought into alignment by the COVID-era device boom. In Asia Pacific, PC shipments are expected to grow by 4-8% in 2025. The wide range reflects uncertainty linked to the US tariff regime, which could impact device pricing and availability in the region as manufacturers adjust to shifting demand globally.
To AI or Not to AI?
“AI PCs” (or Copilot PCs) are set to become a growing segment, but real AI benefits from these devices are still some way off. Microsoft’s announcement to embed Agentic AI capabilities into the OS marks the first step toward moving AI processing from the cloud to the desktop. However, for most organisations, these capabilities remain 12-24 months away.
This creates a strategic question: should organisations invest now in NPU-enabled devices that may not deliver immediate returns? Given typical refresh cycles of 3-5 years, it’s worth considering whether local AI processing could become relevant during that time. The safer bet is to invest in Copilot or AI PCs now, as the AI market is evolving rapidly; and the chances of NPUs becoming useful sooner rather than later are high.
Is the Desktop Being Left Behind?
PC market growth is concentrated in the laptop segment, drawing most manufacturers and chip providers to focus their innovation there. AI and Copilot PCs have yet to meaningfully enter the desktop space, where manufacturers remain largely focused on gaming.
This creates a gap for enterprises and SMEs. AI capabilities available on laptops may not be mirrored on desktops. Recent conversations with infrastructure and End-User Computing (EUC) managers suggest a shift in Asia Pacific toward laptops or cloud/ virtual desktop infrastructure (VDI) devices, including thin clients and desktops. If this trend continues, organisations will need to re-evaluate employee experience and ensure applications are designed to match the capabilities of each device type and user persona.
Fundamental EUC Drivers are Changing
As EUC and infrastructure teams revisit their strategies, several foundational drivers are undergoing significant change:
- Remote work is no longer a default. Once considered the norm for information workers, remote work is now being reconsidered. With some organisations mandating full-time office returns, device strategies must adapt to a more hybrid and unpredictable working model.
- Employee Experience is losing budget priority. During the pandemic, keeping employees productive and engaged was critical. But with rising cost pressures, growing automation through GenAI and Agentic AI, and changing labour dynamics, EX is no longer a top enterprise priority and budgets reflect that shift.
- Cloud-based EUC solutions are now enterprise-ready. Since 2022, cloud adoption in EUC has accelerated. Solutions like Microsoft 365, Google Workspace, AWS WorkSpaces, and VMware Horizon Cloud now offer mature capabilities. Unified Endpoint Management (UEM) is increasingly cloud-managed, enabling more scalable and agile IT operations.
- Zero-trust is moving security closer to the user. EUC security is evolving from perimeter-based models to identity-centric, continuous verification approaches. Investments in EDR, AI-driven threat analytics, MFA, biometric authentication, and proactive threat hunting are now standard, driven by the shift to zero trust.
- Device diversity is increasing. Standardised device fleets are giving way to more diverse options – touchscreen laptops, foldables, and a broader mix of PC brands. Enterprise offerings are expanding beyond traditional tiers to meet varied needs across user personas.
- Metrics are shifting from technical to outcome-based. Traditional KPIs like uptime and cost are giving way to metrics tied to business value – employee productivity, experience, collaboration, cyber resilience, and adaptability. EUC success is now measured in terms of outcomes, not just infrastructure performance.
Build a Modern and Future-Ready EUC Strategy
Organisations must reassess their plans to align with changing business needs, user expectations, and operational realities. Modern EUC strategies must account for a broad set of considerations.
Key factors to consider:
Strategic Business Alignment
- Business Outcomes. EUC strategies must align with core business goals such as boosting productivity, enhancing employee experience, improving customer outcomes, and driving competitive advantage. Consider how device choices enable new work models, such as remote/hybrid setups, gig workforce enablement, and cross-border collaboration.
- Digital Transformation Fit. Ensure EUC refresh cycles are integrated with broader digital transformation efforts – cloud migration, AI adoption, automation, and innovation. Devices should be future-ready, capable of supporting the AI and automation needs of 2026 and beyond. While some workloads may shift to the cloud, others like GenAI-powered video and image creation, may demand stronger local processing across the broader workforce, not just specialist teams.
Technology Considerations
- Device Selection. Move beyond the old “one device per persona” approach. Build a flexible device ecosystem that supports a range of employee types, from frontline workers to power users, while allowing for broader device choices based on real usage patterns. Evaluate form factors like desktops, laptops, tablets, smartphones, and thin/zero clients. With the rise of Desktop-as-a-Service (DaaS), thin clients are becoming more viable, offering cost savings and better security without compromising user experience.
- Flexibility of Choice. High-end features – lightweight design, long battery life, sleek aesthetics – are no longer limited to exec devices. I am currently writing this on a loan device – a Lenovo ThinkPad X1 Carbon Gen 13 Aura Edition – a freakishly light, powerful and slim device with LONG battery life – a device typically targeted towards the top tier of business leaders. But today, many of the features of this device run through the entire Lenovo laptop ecosystem – the “Aura” tag appears in many of the device SKUs and ranges. Hopefully the days of senior management getting the great looking devices and everyone else getting ugly bricks are behind us!
- Operating Systems and Compatibility. Ensure compatibility with current and planned business applications, cloud services, and collaboration tools. Consider ease of management and integration into existing IT ecosystems (such as Windows, macOS, Android, Chrome OS, Linux environments).
- Cloud Integration. Evaluate cloud-readiness and seamless integration capabilities with popular productivity suites (Microsoft 365, Google Workspace), hybrid cloud, and SaaS applications. Leverage VDI, DaaS or application virtualisation solutions to reduce hardware dependency and streamline maintenance.
User Experience
- Employee Productivity and Engagement. Even as EX slips down the priority list – and the budget – EUC leaders must still champion intuitive, user-friendly devices to boost productivity and reduce training and support demands. Seamless collaboration is critical across physical, remote, and hybrid teams. In-office collaboration is back in focus, but its value depends on digitising outcomes: laptops, smartphones, and tablets must enable AI-driven transcription, task assignment, and follow-up tracking from physical or hybrid meetings.
- Personalisation and Mobility. Where practical, offer device personalisation through flexible BYOD or CYOD models. Even in industries or geographies where this isn’t feasible, small touches like device colour or accessories, can improve engagement. UEM tools are essential to enforce security while enabling flexibility.
- Performance and Reliability. Choose devices that deliver the right performance for the task, especially for users handling video, design, or AI workloads. Prioritise long battery life and reliable connectivity, including Wi-Fi 6/7 and 5G where available. While 5G laptops are still rare across many Asia Pacific markets, that’s likely to change as networks expand and manufacturers respond to demand.
- Localised Strategy. Given the distributed nature of many organisations in the region, support and warranty strategies should reflect local realities. Tiered service agreements may provide better value than one-size-fits-all premium coverage that’s difficult to deliver consistently.
Security and Compliance
- Cybersecurity Posture. EUC teams typically work hand-in-hand with their cyber teams in the development of a secure EUC strategy and the deployment of the preferred devices. Cybersecurity teams will likely provide specific guidance and require compliance with local and regional regulations and laws. They will likely require that EUC teams prioritise integrated security capabilities (such as zero-trust architectures, endpoint detection and response – EDR solutions, biometrics, hardware-based security features like TPM). Consider deploying AI-driven endpoint threat detection and response tools for proactive threat mitigation.
- Data Privacy and Regulatory Compliance. Assess devices and management systems to ensure adherence to local regulatory frameworks (such as Australia’s Privacy Act, Singapore’s PDPA, or the Philippines’ Data Privacy Act). Deploy robust policies and platforms for data encryption, remote wiping, and identity and access management (IAM).
Management, Sustainability and Operational Efficiency
- Unified Endpoint Management (UEM). Centralise device management through UEM platforms to streamline provisioning, policy enforcement, patching, updates, and troubleshooting. Boost efficiency further with automation and self-service tools to lower IT overhead and support costs.
- Asset Lifecycle Management (ALM). While many organisations have made progress in optimising ALM – from procurement to retirement – gaps remain, especially in geographies outside core operations. Use device analytics to monitor health, utilisation, and performance, enabling smarter refresh cycles and reduced downtime.
- Sustainable IT and CSR Alignment. Choose vendors with strong sustainability credentials such as energy-efficient devices, ethical manufacturing, and robust recycling programs. Apply circular economy principles to extend device lifespan, reduce e-waste, and lower your carbon footprint. Align EUC strategies with broader CSR and ESG goals, using device refresh cycles as opportunities to advance sustainability targets and reinforce your organisation’s values.
Cost and Investment Planning
- Total Cost of Ownership (TCO). Evaluate TCO holistically, factoring in purchase price, operations, software licensing, security, support, warranties, and end-of-life costs. TCO frameworks are widely available, but if you need help tailoring one to your business, feel free to reach out. Balance CapEx and OpEx across different deployment models – owned vs leased, cloud-managed vs on-premises.
- Budgeting & Financial Modelling. Clearly define ROI and benefit realisation timelines to support internal approvals. Explore vendor financing or consumption-based models to enhance flexibility. These often align with sustainability goals, with many vendors offering equipment recycling and resale programs that reduce overall costs and support circular IT practices.
Vendor and Partner Selection
- Vendor Support & Regional Coverage. Select vendors with strong regional support across Asia Pacific to ensure consistent service delivery across diverse markets. Many organisations rely on distributors and resellers for their extended reach into remote geographies. Others prefer working directly with manufacturers. While this can reduce procurement costs, it may increase servicing complexity and response times. Assess vendors not just on cost, but on local presence, partner network strength, and critically, their supply chain resilience.
- Innovation & Ecosystem Alignment. Partner with vendors whose roadmaps align with future technology priorities – AI, IoT, edge computing – and who continue to invest in advancing EUC capabilities. Long-term innovation alignment is just as important as short-term performance.
Building a modern, future-ready EUC strategy isn’t just about devices – it’s about aligning people, technology, security, sustainability, and business outcomes in a way that’s cost-effective and forward-looking. But we know investment planning can be tricky. At Ecosystm, we’ve helped organisations build ROI models that make a strong case for EUC investments. If you’d like guidance, feel free to reach out – we’re here to help you get it right.
Digital transformation in Malaysia has entered a new phase: less about bold roadmaps, more about fixing what’s broken. With the digital economy expected to reach 25.5% of GDP by 2025, the challenge now is turning strategy into results. Leaders aren’t chasing the next big thing – they are focused on integration bottlenecks, talent gaps, and showing real ROI.
The technology isn’t the problem; it’s making it stick. AI, cloud, and data platforms only deliver value when backed by the right systems, skills, and governance. From aviation to agriculture, organisations are being forced to rethink how they work, how they hire, and how they measure success.
Through a series of interviews and roundtable conversations with Malaysian business and tech leaders, Ecosystm heard firsthand what’s driving – and holding back – digital progress. These weren’t polished success stories, but honest reflections on what it really takes to move forward. The five themes below highlight where Malaysia’s transformation is gaining ground, where it’s getting stuck, and what’s needed to close the gap between ambition and execution.
Theme 1. Ecosystem Collaboration Is Driving Malaysia’s Digital Momentum
Malaysia’s digital transformation is being shaped not by individual breakthroughs, but by coordinated momentum across government, industry, and technology providers. This ecosystem-first approach is turning national ambitions into tangible outcomes. Flagship initiatives like JENDELA, Digital Nasional Berhad’s 5G rollout, and cross-agency digital infrastructure programs are laying the groundwork for smarter public services, connected industries, and inclusive digital access.
The Ministry of Digital (MyDigital) is taking a central role in aligning AI, 5G, and cybersecurity efforts under one roof – helping speed up policy execution and improve coordination between regulators and the private sector. Major tech players like Microsoft, Google, Nvidia, and AWS are responding with expanded investments in local cloud regions, chip design collaborations, and foundational AI services designed for Malaysian deployment environments.
What’s emerging is not just a policy roadmap, but a digitally integrated economy – where infrastructure rollouts, vendor innovation, and government leadership are advancing together. As Malaysia targets to create 500,000 new jobs and reach over 80% 5G population coverage, the strength of these partnerships will be critical in ensuring national strategies translate into sector-level execution.
Theme 2. Laying the Groundwork for Malaysia’s AI Economy
With over 90% of online content projected to be AI-generated by 2025, Malaysia faces growing urgency to ensure that the systems powering AI development are secure, interoperable, and locally relevant. This is about more than data sovereignty – it’s about building the infrastructure to support scalable, trusted, and sector-wide AI adoption.
The National AI Office (NAIO), under MyDigital, is leading efforts to align infrastructure with national priorities across healthcare, manufacturing, agriculture, and public services. Initiatives include supporting domestic data centres, enabling cross-sector cloud access, and establishing governance frameworks for responsible AI use.
The priority is no longer just adopting AI tools, but enabling Malaysia to develop, fine-tune, and deploy them on infrastructure that reflects local needs. Control over this ecosystem will shape how AI delivers value — from national security to inclusive fintech. To support this, Budget 2025 allocates USD 11.7 million for AI education and USD 4.2 million for the National AI Framework. Programs like AI Sandboxes, alongside emerging public-private partnerships, are helping bridge gaps in talent and tooling.
Together, these efforts are laying the foundation for an AI economy that is scalable, trusted, and anchored in Malaysia’s long-term digital ambitions.
Theme 3. Malaysia’s Enterprise AI Landscape: Still in Its Early Stages
Malaysian enterprises are actively exploring AI to drive competitiveness, but widespread, production-grade adoption remains limited. While leading banks are leveraging AI for fraud detection and digital onboarding, and manufacturers are exploring predictive maintenance and automation, many companies face barriers in scaling beyond pilots. Core challenges include siloed data systems, unclear return on investment, and limited in-house AI talent. Even when tools are available, businesses often lack the capacity to integrate them meaningfully into workflows.
Cost is another concern. AI implementation, especially when reliant on third-party platforms or cloud infrastructure, can be prohibitively expensive for mid-sized firms. Without a clear link to bottom-line improvement, AI investments are frequently deprioritised. There’s also lingering uncertainty around governance and compliance, which can further slow enterprise momentum.
For AI to scale across Malaysia, enterprise strategies must align with operational realities – offering cost-effective, localised solutions that deliver measurable value and inspire long-term confidence in digital transformation.
Theme 4. Building on Regulation to Achieve True Cyber Resilience
Malaysia is ramping up its cybersecurity strategy with a stronger regulatory backbone and ecosystem-wide initiatives. The upcoming Cyber Security Bill introduces mandatory breach notifications, sector-specific controls, and licensing for Managed Security Operations Centres (SOCs). Agencies like NACSA are driving protections across 11 critical sectors, while the Cybersecurity Centre of Excellence (CCoE) in Cyberjaya is scaling SOC analyst training in partnership with international players. These efforts are complemented by Malaysia’s leadership role in IMPACT, the UN’s cybersecurity hub, and participation in ASEAN-wide resilience initiatives.
Despite this progress, enterprise readiness remains inconsistent. Malaysian businesses faced an average of 74,000 cyberattacks per day in 2023, yet many still rely on outdated playbooks and fragmented systems. Cybersecurity is often viewed through a compliance lens – meeting audit requirements rather than preparing for real-time recovery. Investments are still skewed toward perimeter defences, while response protocols, cross-team coordination, and real-time observability are underdeveloped.
True resilience requires a shift in mindset: cybersecurity must be treated as a board-level business function. It must be operationalised through simulations, automated response frameworks, and enterprise-wide drills. In a threat landscape that is both persistent and sophisticated, Malaysia must evolve from regulatory compliance to strategic continuity – where recovery speed, not just prevention, becomes the defining metric of cyber maturity.
Theme 5. Malaysia’s Digital Transformation Is Being Led by Industry, Not Policy
While national strategies like the New Industrial Master Plan 2030 set out broad ambitions, real AI-led transformation in Malaysia is taking shape from the ground up, driven by industrial leaders tackling operational challenges with data. Manufacturing and Energy firms, which together contribute over 30% of Malaysia’s GDP, are ahead of the curve. Leaders are using AI for predictive maintenance, digital twins, logistics optimisation, and emissions tracking, often outpacing regulatory requirements.
In some cases, cloud platforms now process millions of machine data points daily to reduce downtime and lower costs at scale. What sets these firms apart is their focus on well-integrated, usable data. Rather than running isolated pilots, they’re building interoperable systems with shared telemetry, open APIs, and embedded analytics, with a focus on enabling AI that adapts in real time.
Malaysia’s next leap in transformation will hinge on whether the data discipline seen in leading industries can be replicated across less-digitised sectors.
If we consider Agriculture – still contributing 7-8% of GDP and employing nearly 10% of the workforce – we find that it remains digitally fragmented. While drones and IoT devices are collecting NDVI and soil data, much of it remains siloed or underutilised. Without clean data pipelines or national integration standards, AI struggles to move from demonstration to deployment.
A Moment to Redefine Ambition
Malaysia stands at a point where digital ambition must evolve into digital maturity. This means asking harder questions – not about what can be built, but what should be prioritised, sustained, and scaled. As capabilities deepen, the challenge is no longer innovation for its own sake, but ensuring technology serves long-term national resilience, equity, and competitiveness. The decisions made now will shape not just digital progress – but the kind of economy and society Malaysia becomes in the decade ahead.
As rapid technological change, rising citizen expectations, and growing demands for efficiency and transparency converge, the public sector stands at a pivotal crossroads. Profound, system-wide transformation is no longer a future ambition – it is an urgent imperative. From streamlining services and optimising resources to strengthening engagement and building more resilient infrastructure, the challenges and opportunities facing governments are immense.
Now is the time to reimagine how innovation, technology, and a citizen-first mindset can come together to reshape the very fabric of the public sector.
Click here to download “Future Forward: Reimagining the Public Sector” as a PDF.
Smarter City Management with Digital Twin
GovTech Singapore faced challenges in managing data from smart infrastructure as part of its Smart Nation initiative. They needed a more efficient way to visualise and analyse data from sources like smart lamp posts to improve urban management and resource optimisation.
GovTech implemented a digital twin solution that integrates real-time data from environmental sensors and traffic cameras into a dynamic 3D visualisation platform, enhanced by AI-driven analytics for predictive maintenance and resource allocation.
This solution provided valuable operational insights, reduced maintenance costs, and improved responsiveness to urban challenges. It boosted scalability and performance, optimising city planning and advancing the Smart Nation initiative towards more sustainable and efficient urban development.
Digital Leap for Accessible Governance
Scattered across the Indian Ocean, the Maldives faced a major challenge: delivering government services to citizens spread over 1,000 islands without forcing them to travel. The Ministry of Environment, Climate Change and Technology aimed to build a digital economy that could bring essential services directly to every island, while cutting costs and supporting sustainability goals.
The Ministry unified government agencies on a single, secure digital platform, enabling cloud-based collaboration, virtual meetings, and streamlined access to services.
Now, 20,000 public servants collaborate online, reducing travel, paper use, and operational costs. Government services have become faster and more accessible, solar energy projects are managed more efficiently, and citizens can access services – from banking to legal hearings – without leaving their islands. With digitalisation now embedded, the Maldives is laying the groundwork for AI-driven innovation and further advances in sustainable governance.
Enhancing Urban Resilience
With rising flood risks and extreme weather, Melbourne Water needed a faster, smarter way to maintain its 4,000 stormwater grates. Manual inspections were slow, costly, and couldn’t keep up with intensifying storms. Crews struggled to inspect grates across 14,000 sq km, often arriving too late or checking clear grates. Frequent site visits drove up costs, safety risks, and stretched resources, while the city needed to scale inspections without overburdening crews.
Melbourne Water implemented a cloud-based image recognition system with real-time cameras, using AI to detect blockages and trigger work orders only when needed.
The system is expanding beyond trial sites to cover critical points in the drainage network, with early results showing tens of thousands in annual savings and further efficiency gains. By freeing up crews and reducing manual work, Melbourne Water is better prepared to manage flood risks and support the city’s sustainable growth.
Making the Cloud Shift to Address Bottlenecks
The Philippine national police force overhauled its outdated licensing system, where applicants endured weeks-long waits, repeated office visits, and costly delays. Staff were bogged down by manual checks, while on-prem systems struggled with capacity limits, poor scalability, and frequent outages.
By shifting to a cloud-native platform, processing times dropped from four weeks to 24 hours – a 96% improvement.
The system now handles 5x more applications daily, scaling automatically with demand. Secure cloud storage replaced legacy systems, freeing IT teams to focus on citizen services. A nationwide content network and built-in security keep access fast, reliable, and protected. The force is unifying IT on one cloud platform and rolling out disaster recovery to boost resilience and future-proof operations.
Streamlining Employee Services
The New Zealand Parliamentary Service needed a more efficient way to manage employee services. Previously reliant on 11 separate email inboxes and a third-party IT service desk, the system was slow, disjointed, and cumbersome. Onboarding and offboarding were a particularly time-sensitive challenge, often causing delays and frustrations.
To streamline operations, the service transitioned to a unified platform, consolidating services into a single portal.
This move cut response times from weeks to just two days and simplified access to essential services, improving employee satisfaction and operational efficiency. With real-time performance tracking and AI-driven case management, the Parliamentary Service is now equipped to scale and optimise service delivery as it continues its digital transformation.
Enhancing Weather Prediction
The Japan Meteorological Agency (JMA) faces the challenge of enhancing weather predictions, particularly for typhoons and torrential rains, as climate change increases their frequency and intensity.
JMA upgraded its supercomputing infrastructure to boost memory bandwidth and computational power, enabling higher-resolution forecasts and more accurate predictions for linear precipitation zones.
The result: JMA has improved the resolution of its local weather models, extending the forecast time for local predictions from 10 to 18 hours. The new system has also increased prediction accuracy for linear precipitation zones, raising the probability of forecasting these events 15 hours in advance from 33% to higher levels. Additionally, the new infrastructure has reduced the number of nodes needed for some weather prediction models by up to 80%, optimising computational resources for other forecasting needs.
Retail transformation is a continuous, dynamic journey of reinvention – driven by agility, experimentation, and the need to keep pace with ever-evolving consumer behaviour. It’s not a fixed destination but an ongoing process of innovation.
At its heart, retail transformation is about putting the customer squarely in control. It’s the strategic overhaul that allows retailers to truly understand individual desires, offering hyper-personalised journeys that blur the lines between online browsing and in-store discovery.
Click here to download “Future Forward: Reimagining Retail” as a PDF.
Enabling Growth with Smarter Sales and Distribution
India’s Tata Consumer Products, aiming to grow their FMCG market share, set out to digitise sales across the vast ‘kirana’-driven retail network.
The company replaced outdated tools with a system that streamlines distributor onboarding, order management, and retail execution – cutting setup times from days to minutes.
A mobile app gives field reps real-time inventory, auto-applied promos, and personalised KPIs, while dashboards give managers live territory insights. Built in seven months, the platform now handles 6M+ transactions monthly, supports 8,000 reps, 12,000 distributors, and 1.6M outlets. Centralised service and rapid feature rollouts keep Tata Consumer fast, responsive, and customer-focused.
Addressing Legacy Limitations
One of New Zealand’s leading grocery retailer, Foodstuffs South Island, faced growing limitations from aging ERP systems and hardware nearing end-of-life.
Instead of reinvesting in outdated tech, FSSI launched Project Petra – a leap to a unified, cloud-based ERP platform.
The shift enabled intelligent replenishment, robotic automation, and a vastly improved user experience. In 18 months, FSSI streamlined roles, rebuilt core apps, and completed a smooth go-live in just three days. The payoff: forecasting and replenishment times cut by up to 50%, faster transactions, seamless price updates, and real-time insights. What began as a tech upgrade became a full transformation – boosting agility, empowering teams, and fuelling future-ready growth.
Streamlining Workflows, Empowering Employees
UCC Group, the Japanese coffee pioneer, is brewing a transformation internally. With 88 locations across 21 countries, UCC faced mounting inefficiencies from outdated legacy systems – slow, complex workflows and clunky portals that frustrated employees and slowed approvals.
UCC replaced their legacy systems with a cloud-first, mobile-first platform.
VPNs were eliminated. Approvals that once took multiple logins now take one tap. A clean, co-designed portal replaced the old interface, putting ease of use first. E-signatures and digitised requests cut paper use by 90% – over 1.5 million forms saved. A new life-event portal launched in just one month, proving speed and simplicity can coexist. Now expanding globally, UCC is unifying ERP, data, and apps into a single, employee-first hub – built for scale, speed, and the future.
Scaling Customer Experience at Speed
Aditya Birla Fashion Retail Limited (ABFRL) faced the challenge of scaling their multi-brand presence without compromising customer experience. As growth surged across stores, online platforms, and marketplaces, their order management system struggled to keep up – putting fulfillment speed, accuracy, and satisfaction at risk.
To solve this, ABFRL implemented a scalable, multi-instance order management solution that streamlined inventory tracking, fulfillment, and refunds.
The result: 99.5% faster inventory sync, zero refund failures, smarter order decisions, and accurate delivery estimates across all channels. This strategic overhaul helped ABFRL maintain service excellence while fuelling sustainable growth – proving that operational agility is key to scaling customer experience at speed.
Solving Reliability & Scalability Challenges
Chicks Lifestyle is a trusted home-grown brand in Hong Kong known for quality innerwear and thermal wear. As they expanded online and geared up for sustainable growth, outdated on-prem systems began to strain under peak-season pressure – causing crashes, long checkout lines, and customer frustration.
To fix this, they migrated their core ERP and POS systems to the cloud in just six weeks with zero data loss.
The result: 99.99% uptime, 30% jump in efficiency, 15% faster checkouts, and 40% lower IT costs. Loyalty data access dropped from minutes to seconds, enabling personalised service at scale. With a stable, scalable tech backbone in place, Chicks Lifestyle is now exploring AI to power their next phase of innovation.
AI has become a battleground for geopolitical competition, national resilience, and societal transformation. The stakes are no longer theoretical, and the window for action is closing fast.
In March, the U.S. escalated its efforts to shape the global technology landscape by expanding export controls on advanced AI and semiconductor technologies. Over 80 entities – more than 50 in China – were added to the export blacklist, aiming to regulate access to critical technologies. The move seeks to limit the development of high-performance computing, quantum technologies, and AI in certain regions, citing national security concerns.
As these export controls tighten, reports have surfaced of restricted chips entering China through unofficial channels, including e-commerce platforms. U.S. authorities are working to close these gaps by sanctioning new entities attempting to circumvent the restrictions. The Department of Commerce’s Bureau of Industry and Security (BIS) is also pushing for stricter Know Your Customer (KYC) regulations for cloud service providers to limit unauthorised access to GPU resources across the Asia Pacific region.
Geopolitics & the Pursuit of AI Dominance
Bipartisan consensus has emerged in Washington around the idea that leading in artificial general intelligence (AGI) is a national security imperative. If AI is destined to shape the future balance of power, the U.S. government believes it cannot afford to fall behind. This mindset has accelerated an arms-race dynamic reminiscent of the Thucydides Trap, where the fear of being overtaken compels both sides to push ahead, even if alignment and safety mechanisms are not yet in place.
China has built extensive domestic surveillance infrastructure and has access to large volumes of data that would be difficult to collect under the regulatory frameworks of many other countries. Meanwhile, major U.S. social media platforms can refine their AI models using behavioural data from a broad global user base. AI is poised to enhance governments’ ability to monitor compliance and enforce laws that were written before the digital age – laws that previously assumed enforcement would be limited by practical constraints. This raises important questions about how civil liberties may evolve when technological limitations are no longer a barrier to enforcement.
The Digital Battlefield
Cybersecurity Threat. AI is both a shield and a sword in cybersecurity. We are entering an era of algorithm-versus-algorithm warfare, where AI’s speed and adaptability will dictate who stays secure and who gets compromised. Nations are prioritising AI for cyber defence to stay ahead of state actors using AI for attacks. For example, the DARPA AI Cyber Challenge is funding tools that use AI to identify and patch vulnerabilities in real-time – essential for defending against state-sponsored threats.
Yet, a key vulnerability exists within AI labs themselves. Many of these organisations, though responsible for cutting-edge models, operate more like startups than defence institutions. This results in informal knowledge sharing, inconsistent security standards, and minimal government oversight. Despite their strategic importance, these labs lack the same protections and regulations as traditional military research facilities.
High-Risk Domains and the Proliferation of Harm. AI’s impact on high-risk domains like biotechnology and autonomous systems is raising alarms. Advanced AI tools could lower the barriers for small groups or even individuals to misuse biological data. As Anthropic CEO Dario Amodei warns, “AI will vastly increase the number of people who can cause catastrophic harm.”
This urgency for oversight mirrors past technological revolutions. The rise of nuclear technology prompted global treaties and safety protocols, and the expansion of railroads drove innovations like block signalling and standardised gauges. With AI’s rapid progression, similar safety measures must be adopted quickly.
Meanwhile, AI-driven autonomous systems are growing in military applications. Drones equipped with AI for real-time navigation and target identification are increasingly deployed in conflict zones, especially where traditional systems like GPS are compromised. While these technologies promise faster, more precise operations, they also raise critical ethical questions about decision-making, accountability, and latency.
The 2024 National Security Memorandum on AI laid down initial guidelines for responsible AI use in defence. However, significant challenges remain around enforcement, transparency, and international cooperation.
AI for Intelligence and Satellite Analysis. AI also holds significant potential for national intelligence. Governments collect massive volumes of satellite imagery daily – far more than human analysts can process alone. AI models trained on geospatial data can greatly enhance the ability to detect movement, monitor infrastructure, and improve border security. Companies like ICEYE and Satellogic are advancing their computer vision capabilities to increase image processing efficiency and scale. As AI systems improve at identifying patterns and anomalies, each satellite image becomes increasingly valuable. This could drive a new era of digital intelligence, where AI capabilities become as critical as the satellites themselves.
Policy, Power, and AI Sovereignty
Around the world, governments are waking up to the importance of AI sovereignty – ensuring that critical capabilities, infrastructure, and expertise remain within national borders. In Europe, France has backed Mistral AI as a homegrown alternative to US tech giants, part of a wider ambition to reduce dependency and assert digital independence. In China, DeepSeek has gained attention for developing competitive LLMs using relatively modest compute resources, highlighting the country’s determination to lead without relying on foreign technologies.
These moves reflect a growing recognition that in the AI age, sovereignty doesn’t just mean political control – it also means control over compute, data, and talent.
In the US, the public sector is working to balance oversight with fostering innovation. Unlike the internet, the space program, or the Manhattan Project, the AI revolution was primarily initiated by the private sector, with limited state involvement. This has left the public sector in a reactive position, struggling to keep up. Government processes are inherently slow, with legislation, interagency reviews, and procurement cycles often lagging rapid technological developments. While major AI breakthroughs can happen within months, regulatory responses may take years.
To address this gap, efforts have been made to establish institutions like the AI Safety Institute and requiring labs to share their internal safety evaluations. However, since then, there has been a movement to reduce the regulatory burden on the AI sector, emphasising the importance of supporting innovation over excessive caution.
A key challenge is the need to build both policy frameworks and physical infrastructure in tandem. Advanced AI models require significant computational resources, and by extension, large amounts of energy. As countries like the US and China compete to be at the forefront of AI innovation, ensuring a reliable energy supply for AI infrastructure becomes crucial.
If data centres cannot scale quickly or if clean energy becomes too expensive, there is a risk that AI infrastructure could migrate to countries with fewer regulations and lower energy costs. Some nations are already offering incentives to attract these capabilities, raising concerns about the long-term security of critical systems. Governments will need to carefully balance sovereignty over AI infrastructure with the development of sufficient domestic electricity generation capacity, all while meeting sustainability goals. Without strong partnerships and more flexible policy mechanisms, countries may risk ceding both innovation and governance to private actors.
What Lies Ahead
AI is no longer an emerging trend – it is a cornerstone of national power. It will shape not only who leads in innovation but also who sets the rules of global engagement: in cyber conflict, intelligence gathering, economic dominance, and military deterrence. The challenge governments face is twofold. First, to maintain strategic advantage, they must ensure that AI development – across private labs, defence systems, and public infrastructure – remains both competitive and secure. Second, they must achieve this while safeguarding democratic values and civil liberties, which are often the first to erode under unchecked surveillance and automation.
This isn’t just about faster processors or smarter algorithms. It’s about determining who defines the future – how decisions are made, who has oversight, and what values are embedded in the systems that will govern our lives.
The tech industry is experiencing a strategic convergence of AI, data management, and cybersecurity, driving a surge in major M&A activity. As enterprises tackle digital transformation, these three pillars are at the forefront, accelerating the race to acquire and integrate critical technologies.
Here are this year’s key consolidation moves, showcasing how leading tech companies are positioning themselves to capitalise on the rising demand for AI-driven solutions, robust data infrastructure, and enhanced cybersecurity.
AI Convergence: Architecting the Intelligent Enterprise
From customer service to supply chain management, AI is being deployed across the entire enterprise value chain. This widespread demand for AI solutions is creating a dynamic M&A market, with tech companies acquiring specialised AI capabilities.
IBM’s AI Power Play
IBM’s acquisitions of HashiCorp and DataStax mark a decisive step in its push to lead enterprise AI and hybrid cloud. The USD 6.4B HashiCorp deal that got finalised this year, brings Terraform, a top-tier infrastructure-as-code tool that streamlines multi-cloud deployments – key to integrating IBM’s Red Hat OpenShift and Watsonx AI. Embedding Terraform enhances automation, making hybrid cloud infrastructure more efficient and AI-ready.
The DataStax acquisition strengthens IBM’s AI data strategy. With AstraDB and Apache Cassandra, IBM gains scalable NoSQL solutions for AI workloads, while Langflow simplifies AI app development. Together, these moves position IBM as an end-to-end AI and cloud powerhouse, offering enterprises seamless automation, data management, and AI deployment at scale.
MongoDB’s RAG Focus
MongoDB’s USD 220M acquisition of Voyage AI signals a strategic push toward enhancing AI reliability. At the core of this move is retrieval-augmented generation (RAG), a technology that curbs AI hallucinations by grounding responses in accurate, relevant data.
By integrating Voyage AI into its Atlas cloud database, MongoDB is making AI applications more trustworthy and reducing the complexity of RAG implementations. Enterprises can now build AI-driven solutions directly within their database, streamlining development while improving accuracy. This move consolidates MongoDB’s role as a key player in enterprise AI, offering both scalable data management and built-in AI reliability.
Google’s 1B Bet on Anthropic
Google’s continued investment in Anthropic reinforces its commitment to foundation model innovation and the evolving GenAI landscape. More than a financial move, this signals Google’s intent to shape the future of AI by backing one of the field’s most promising players.
This investment aligns with a growing trend among cloud giants securing stakes in foundation model developers to drive AI advancements. By deepening ties with Anthropic, Google not only gains access to cutting-edge AI research but also strengthens its position in developing safe, scalable, and enterprise-ready AI. This solidifies Google’s long-term AI strategy, ensuring its leadership in GenAI while seamlessly integrating these capabilities into its cloud ecosystem.
ServiceNow’s AI Automation Expansion
ServiceNow’s USD 2.9B acquisition of Moveworks completed this year, marking a decisive push into AI-driven service desk automation. This goes beyond feature expansion – it redefines enterprise support operations by embedding intelligent automation into workflows, reducing resolution times, and enhancing employee productivity.
The acquisition reflects a growing shift: AI-powered service management is no longer optional but essential. Moveworks’ AI-driven capabilities – natural language understanding, machine learning, and automated issue resolution – will enable ServiceNow to deliver a smarter, more proactive support experience. Additionally, gaining Moveworks’ customer base strengthens ServiceNow’s market reach.
Data Acquisition Surge: Fuelling Digital Transformation
Data has transcended its role as a byproduct of operations, becoming the lifeblood that fuels digital transformation. This fundamental shift has triggered a surge in strategic acquisitions focused on enhancing data management and storage capabilities.
Lenovo Scaling Enterprise Storage
Lenovo’s USD 2B acquisition of Infinidat strengthens its position in enterprise storage as data demands surge. Infinidat’s AI-driven InfiniBox delivers high-performance, low-latency storage for AI, analytics, and HPC, while InfiniGuard ensures advanced data protection.
By integrating these technologies, Lenovo expands its hybrid cloud offerings, challenging Dell and NetApp while reinforcing its vision as a full-stack data infrastructure provider.
Databricks Streamlining Data Warehouse Migrations
Databricks’ USD 15B acquisition of BladeBridge accelerates data warehouse migrations with AI-driven automation, reducing manual effort and errors in migrating legacy platforms like Snowflake and Teradata. BladeBridge’s technology enhances Databricks’ SQL platform, simplifying the transition to modern data ecosystems.
This strengthens Databricks’ Data Intelligence Platform, boosting its appeal by enabling faster, more efficient enterprise data consolidation and supporting rapid adoption of data-driven initiatives.
Cybersecurity Consolidation: Fortifying the Digital Fortress
The escalating sophistication of cyber threats has transformed cybersecurity from a reactive measure to a strategic imperative. This has fuelled a surge in M&A aimed at building comprehensive and integrated security solutions.
Turn/River Capital’s Security Acquisition
Turn/River Capital’s USD 4.4 billion acquisition of SolarWinds underscores the enduring demand for robust IT service management and security software. This acquisition is a testament to the essential role SolarWinds plays in enterprise IT infrastructure, even in the face of past security breaches.
This is a bold investment, in the face of prior vulnerability and highlights a fundamental truth: the need for reliable security solutions outweighs even the most public of past failings. Investors are willing to make long term bets on companies that provide core security services.
Sophos Expanding Managed Detection & Response Capabilities
Sophos completed the acquisition of Secureworks for USD 859M significantly strengthens its managed detection and response (MDR) capabilities, positioning Sophos as a major player in the MDR market. This consolidation reflects the growing demand for comprehensive cybersecurity solutions that offer proactive threat detection and rapid incident response.
By integrating Secureworks’ XDR products, Sophos enhances its ability to provide end-to-end protection for its customers, addressing the evolving threat landscape with advanced security technologies.
Cisco’s Security Portfolio Expansion
Cisco completed the USD 28B acquisition of SnapAttack further expanding its security business, building upon its previous acquisition of Splunk. This move signifies Cisco’s commitment to creating a comprehensive security portfolio that can address the diverse needs of its enterprise customers.
By integrating SnapAttack’s threat detection capabilities, Cisco strengthens its ability to provide proactive threat intelligence and incident response, solidifying its position as a leading provider of security solutions.
Google’s Cloud Security Reinforcement
Google’s strategic acquisition of Wiz, a leading cloud security company, for USD 32B demonstrates its commitment to securing cloud-native environments. Wiz’s expertise in proactive threat detection and remediation will significantly enhance Google Cloud’s security offerings. This move is particularly crucial as organisations increasingly migrate their workloads to the cloud.
By integrating Wiz’s capabilities, Google aims to provide its customers with a robust security framework that can protect their cloud-based assets from sophisticated cyber threats. This acquisition positions Google as a stronger competitor in the cloud security market, reinforcing its commitment to enterprise-grade cybersecurity.
The Way Ahead
The M&A trends of 2025 underscore the critical role of AI, data, and security in shaping the technology landscape. Companies that prioritise these core areas will be best positioned for long-term success. Strategic acquisitions, when executed with foresight and agility, will serve as essential catalysts for navigating the complexities of the evolving digital world.
2025 is already shaping up to be a battleground for cybersecurity. With global cybercrime costs projected to reach USD 10.5T, by year’s end, the stakes have never been higher. Cybercriminals are getting smarter, using AI-driven tactics and large-scale exploits to target critical sectors. From government breaches to hospital data leaks and a surge in phishing scams, recent attacks highlight the growing financial and operational toll of cyber threats.
As cyber threats intensify, the demand for stronger defences, top-tier cybersecurity talent, and global collaboration has never been more urgent.
Here’s a look at the recent cyber developments that are shaping 2025.
Click here to download “Cyber Lessons from the Frontlines” as a PDF.
Major Security Breaches: A Costly Wake-Up Call
Cyberattacks are becoming more targeted, disruptive, and costly – impacting governments and organisations worldwide.
In Singapore, mobile wallet fraud is surging, with phishing tactics causing USD 8.9K in losses – 80% linked to Apple Pay. In the UK, security flaws in government IT systems have exposed sensitive data and infrastructure. South Africa’s government-run weather service (SAWS) was also forced offline, disrupting a critical resource for airlines, farmers, and emergency responders. Across the Atlantic, a data breach at a Georgia hospital compromised 120,000 patient records, while BayMark Health Services, the largest addiction treatment provider in the US, alerted patients to a similar breach.
What steps are governments, tech providers, and enterprises taking to protect themselves, critical infrastructure, and individuals?
Protecting Critical Infrastructure: The Digital Backbone
As global connectivity expands, securing critical infrastructure is paramount to sustaining growth, stability, and public trust.
Undersea cables, which carry much of the world’s internet traffic, are a major focus. While tech giants like Amazon, Meta, and Google are expanding these networks to boost global data speed and reliability, the need for protection is just as urgent – prompting the EU to invest nearly a billion dollars in securing them against emerging threats.
Governments and tech providers alike are stepping up. The European Commission has introduced a cybersecurity blueprint to strengthen crisis coordination, rapid response, and information sharing. Meanwhile, Microsoft is investing USD 700M in Poland’s cloud and AI infrastructure, working with the Polish National Defense to enhance cybersecurity through AI-driven strategies.
Quantifying Cyber Risk: Standardised Threat Assessment
As cyber threats grow more sophisticated, so must our ability to detect, measure, and respond to them.
A major shift in cybersecurity is underway – one that prioritises standardised threat assessment and coordinated defense.
The UK is leading the charge with a new cyber monitoring centre that will introduce a “Richter Scale” for cyberattacks, ranking threats much like earthquake magnitudes. Emerging countries are also joining in; Vietnam is strengthening its cyber defences with a new intelligence-sharing platform designed to improve coordination between the government and private sector.
By quantifying cyber risks and enhancing intelligence-sharing, these efforts are shaping global cybersecurity norms, improving response times, and building a more resilient digital ecosystem.
Beyond Defence: Proactive Measures to Combat AI-Driven Cybercrime
Cyber threats evolve faster than defences can keep up – a single click on a malicious email can lead to a breach in just 72 minutes.
With AI making cyberattacks more sophisticated, governments are taking an active role in cyber law enforcement.
Indonesia set up a cyber patrol to monitor and regulate harmful online content while also working to create a safer digital space for children. Thailand, Cambodia, and Laos are cooperating to curb cross-border scams through intelligence sharing and joint enforcement efforts.
Building Trust Online: Digital Identity Solutions
Governments are moving beyond enforcement to strengthen security with digital identity frameworks.
The EU is leading this shift with large-scale pilots for digital identity wallets, designed to offer citizens a secure, seamless way to verify credentials for services, transactions, and age-restricted content. By 2026, each EU member state will issue its own wallet, built on unified technical standards to ensure cross-border interoperability and stronger cybersecurity.
Digital identity wallets mark a major shift in data security, giving citizens greater control over their information while strengthening online trust. By securing identity verification, governments are reducing fraud and identity theft, creating a safer digital landscape.
Closing the Gap: Global Cyber Education Push
Cybersecurity education is no longer just for IT teams – it’s essential at every level, from executives to employees, to build long-term resilience.
Again, governments and tech giants alike are stepping up to bridge the skills gap and enhance cyber awareness.
Singapore is leading by example with a cyber-resilience training program for board directors, ensuring corporate leaders understand cyber risk management. AWS is investing USD 6.35M to support cybersecurity education in the UK, and Microsoft is expanding its global training efforts. The company has partnered with Kazakhstan to strengthen public sector cybersecurity and has committed to training one million South Africans in AI and cybersecurity by 2026.
The Path Forward: A Collective Responsibility
The cybersecurity landscape underscores a crucial truth: resilience can’t be built in isolation. Governments, businesses, and individuals must move past reactive measures and adopt a collective, intelligence-driven approach. As threats grow more sophisticated, so must our commitment to collaboration, vigilance, and proactive defence.
In an increasingly interconnected world, securing the digital landscape is not just necessary – it’s a shared responsibility.
AI is reshaping the tech infrastructure landscape, demanding a fundamental rethinking of organisational infrastructure strategies. Traditional infrastructure, once sufficient, now struggles to keep pace with the immense scale and complexity of AI workloads. To meet these demands, organisations are turning to high-performance computing (HPC) solutions, leveraging powerful GPUs and specialised accelerators to handle the computationally intensive nature of AI algorithms.
Real-time AI applications, from fraud detection to autonomous vehicles, require lightning-fast processing speeds and low latency. This is driving the adoption of high-speed networks and edge computing, enabling data processing closer to the source and reducing response times. AI-driven automation is also streamlining infrastructure management, automating tasks like network provisioning, security monitoring, and capacity planning. This not only reduces operational overhead but also improves efficiency and frees up valuable resources.
Ecosystm analysts Darian Bird, Peter Carr, Simona Dimovski, and Tim Sheedy present the key trends shaping the tech infrastructure market in 2025.
Click here to download ‘Building the AI Future: Top 5 Infra Trends for 2025’ as a PDF
1. The AI Buildout Will Accelerate; China Will Emerge as a Winner
In 2025, the race for AI dominance will intensify, with Nvidia emerging as the big winner despite an impending AI crash. Many over-invested companies will fold, flooding the market with high-quality gear at bargain prices. Meanwhile, surging demand for AI infrastructure – spanning storage, servers, GPUs, networking, and software like observability, hybrid cloud tools, and cybersecurity – will make it a strong year for the tech infrastructure sector.
Ironically, China’s exclusion from US tech deals has spurred its rise as a global tech giant. Forced to develop its own solutions, China is now exporting its technologies to friendly nations worldwide.
By 2025, Chinese chipmakers are expected to rival international peers, with some reaching parity.
2. AI-Optimised Cloud Platforms Will Dominate Infrastructure Investments
AI-optimised cloud platforms will become the go-to infrastructure for organisations, enabling seamless integration of machine learning capabilities, scalable compute power, and efficient deployment tools.
As regulatory demands grow and AI workloads become more complex, these platforms will provide localised, compliant solutions that meet data privacy laws while delivering superior performance.
This shift will allow businesses to overcome the limitations of traditional infrastructure, democratising access to high-performance AI resources and lowering entry barriers for smaller organisations. AI-optimised cloud platforms will drive operational efficiencies, foster innovation, and help businesses maintain compliance, particularly in highly regulated industries.
3. PaaS Architecture, Not Data Cleanup, Will Define AI Success
By 2025, as AI adoption reaches new heights, organisations will face an urgent need for AI-ready data, spurring significant investments in data infrastructure. However, the approach taken will be pivotal.
A stark divide will arise between businesses fixated on isolated data-cleaning initiatives and those embracing a Platform-as-a-Service (PaaS) architecture.
The former will struggle, often unintentionally creating more fragmented systems that increase complexity and cybersecurity risks. While data cleansing is important, focusing exclusively on it without a broader architectural vision leads to diminishing returns. On the other hand, organisations adopting PaaS architectures from the start will gain a distinct advantage through seamless integration, centralised data management, and large-scale automation, all critical for AI.
4. Small Language Models Will Push AI to the Edge
While LLMs have captured most of the headlines, small language models (SLMs) will soon help to drive AI use at the edge. These compact but powerful models are designed to operate efficiently on limited hardware, like AI PCs, wearables, vehicles, and robots. Their small size translates into energy efficiency, making them particularly useful in mobile applications. They also help to mitigate the alarming electricity consumption forecasts that could make widespread AI adoption unsustainable.
Self-contained SMLs can function independently of the cloud, allowing them to perform tasks that require low latency or without Internet access.
Connected machines in factories, warehouses, and other industrial environments will have the benefit of AI without the burden of a continuous link to the cloud.
5. The Impact of AI PCs Will Remain Limited
AI PCs have been a key trend in 2024, with most brands launching AI-enabled laptops. However, enterprise feedback has been tepid as user experiences remain unchanged. Most AI use cases still rely on the public cloud, and applications have yet to be re-architected to fully leverage NPUs. Where optimisation exists, it mainly improves graphics efficiency, not smarter capabilities. Currently, the main benefit is extended battery life, explaining the absence of AI in desktop PCs, which don’t rely on batteries.
The market for AI PCs will grow as organisations and consumers adopt them, creating incentives for developers to re-architect software to leverage NPUs.
This evolution will enable better data access, storage, security, and new user-centric capabilities. However, meaningful AI benefits from these devices are still several years away.
Ecosystm research shows that cybersecurity is the most discussed technology at the Board and Management level, driven by the increasing sophistication of cyber threats and the rapid adoption of AI. While AI enhances security, it also introduces new vulnerabilities. As organisations face an evolving threat landscape, they are adopting a more holistic approach to cybersecurity, covering prevention, detection, response, and recovery.
In 2025, cybersecurity leaders will continue to navigate a complex mix of technological advancements, regulatory pressures, and changing business needs. To stay ahead, organisations will prioritise robust security solutions, skilled professionals, and strategic partnerships.
Ecosystm analysts Darian Bird, Sash Mukherjee, and Simona Dimovski present the key cybersecurity trends for 2025.
Click here to download ‘Securing the AI Frontier: Top 5 Cyber Trends for 2025’ as a PDF
1. Cybersecurity Will Be a Critical Differentiator in Corporate Strategy
The convergence of geopolitical instability, cyber weaponisation, and an interconnected digital economy will make cybersecurity a cornerstone of corporate strategy. State-sponsored cyberattacks targeting critical infrastructure, supply chains, and sensitive data have turned cyber warfare into an operational reality, forcing businesses to prioritise security.
Regulatory pressures are driving this shift, mandating breach reporting, data sovereignty, and significant penalties, while international cybersecurity norms compel companies to align with evolving standards to remain competitive.
The stakes are high. Stakeholders now see cybersecurity as a proxy for trust and resilience, scrutinising both internal measures and ecosystem vulnerabilities.
2. Zero Trust Architectures Will Anchor AI-Driven Environments
The future of cybersecurity lies in never trusting, always verifying – especially where AI is involved.
In 2025, the rise of AI-driven systems will make Zero Trust architectures vital for cybersecurity. Unlike traditional networks with implicit trust, AI environments demand stricter scrutiny due to their reliance on sensitive data, autonomous decisions, and interconnected systems. The growing threat of adversarial attacks – data poisoning, model inversion, and algorithmic manipulation – highlights the urgency of continuous verification.
Global forces are driving this shift. Regulatory mandates like the EU’s DORA, the US Cybersecurity Executive Order, and the NIST Zero Trust framework call for robust safeguards for critical systems. These measures align with the growing reliance on AI in high-stakes sectors like Finance, Healthcare, and National Security.
3. Organisations Will Proactively Focus on AI Governance & Data Privacy
Organisations are caught between excitement and uncertainty regarding AI. While the benefits are immense, businesses struggle with the complexities of governing AI. The EU AI Act looms large, pushing global organisations to brace for stricter regulations, while a rise in shadow IT sees business units bypassing traditional IT to deploy AI independently.
In this environment of regulatory ambiguity and organisational flux, CISOs and CIOs will prioritise data privacy and governance, proactively securing organisations with strong data frameworks and advanced security solutions to stay ahead of emerging regulations.
Recognising that AI will be multi-modal, multi-vendor, and hybrid, organisations will invest in model orchestration and integration platforms to simplify management and ensure smoother compliance.
4. Network & Security Stacks Will Streamline Through Converged Platforms
This shift stems from the need for unified management, cost efficiency, and the recognition that standardisation enhances security posture.
Tech providers are racing to deliver comprehensive network and security platforms.
Recent M&A moves by HPE (Juniper), Palo Alto Networks (QRadar SaaS), Fortinet (Lacework), and LogRhythm (Exabeam) highlight this trend. Rising player Cato Networks is capitalising on mid-market demand for single-provider solutions, with many customers planning to consolidate vendors in their favour. Meanwhile, telecoms are expanding their SASE offerings to support organisations adapting to remote work and growing cloud adoption.
5. AI Will Be Widely Used to Combat AI-Powered Threats in Real-time
By 2025, the rise of AI-powered cyber threats will demand equally advanced AI-driven defences.
Threat actors are using AI to launch adaptive attacks like deepfake fraud, automated phishing, and adversarial machine learning, operating at a speed and scale beyond traditional defences.
Real-time AI solutions will be essential for detection and response.
Nation-state-backed advanced persistent threat (APT) groups and GenAI misuse are intensifying these challenges, exploiting vulnerabilities in critical infrastructure and supply chains. Mandatory reporting and threat intelligence sharing will strengthen AI defences, enabling real-time adaptation to emerging threats.
