APAC organizations are now entering a new phase of Gen AI adoption, moving beyond experimentation to leveraging the technology to drive business value. How does cloud resiliency keep pace?
The growing shift toward leveraging AI for business value comes with urgent security challenges — from ransomware to a lack of visibility across distributed systems.
While organizations have three key priorities as they scale the use of Gen AI – cloud resilience, security of their Gen AI applications, and managing costs while scaling their security operations – how can hyperscalers and cloud solution providers help?
CybersecAsia.net talked to Bryce Boland, Head of Security Solution Architecture, APJ, Amazon Web Services, about the challenges, priorities and solutions:
How has the security threat landscape changed with the growing adoption of Gen AI across APAC? What are some best practices for scaling security operations cost-efficiently as Gen AI adoption grows?
Boland: Rapid innovation in AI is driving a shift from exploration to real-world application for organizations in Asia Pacific (APAC), with Gartner predicting that 33% of enterprise software apps will include agentic AI by 2028.
As companies continue to drive business value with Gen AI, they are also managing larger volumes of sensitive data and new integration points between systems. Securing these Gen AI workloads at scale remains a key concern for many organizations.
Bad actors are attempting to exploit Gen AI to their advantage, such as by more convincing phishing lures and deepfakes, but it’s important to understand that the same security principles that have applied before are just as relevant today.
It’s also important to note that security teams are also utilizing Gen AI to strengthen their security posture. At AWS, we recommend some of the following best practices for security teams:
- First, organizations need clear visibility of their security posture, including their identity infrastructure and access activity. They need to know where their data resides, how it’s being accessed, and what risks exist across their environment. A unified view allows them to identify issues and act swiftly to resolve them, before they escalate.
- Second, this visibility can be complemented with automation for time-consuming tasks such as compliance checks, threat detection and low-level remediation. By automating these processes, security teams can focus on higher-value work and respond to emerging threats faster and more consistently.
- Ultimately, by building their Gen AI workloads on a secure and resilient foundation like AWS, organizations set themselves up for long-term success – with resilience at the core of everything designed, including cloud infrastructure.
We continuously innovate to ensure we deliver the most reliable and secure platform for our customers across APAC. This foundation is what has helped millions of our customers develop their Gen AI solutions on the cloud already.
What are the most urgent security challenges APAC organizations face as they move beyond experimentation to scaled deployment of Gen AI? How can they simplify cloud security at scale, particularly to protect Gen AI workloads from emerging threats?
Boland: As organizations start scaling their Gen AI innovations, three key security priorities have emerged:
- A strong emphasis on resilience to ensure that data and applications remain secure and available.
Companies need to ensure that as they scale up their Gen AI workloads, they keep maintaining availability and recovery readiness in mind. This is why millions of customers choose AWS as the right place to build, migrate and manage their applications and workloads on cloud infrastructures with proven resilience, security, and high availability.
For example, AWS completely re-imagined virtualization infrastructure with the AWS Nitro System, the foundation for all of our modern EC2 instances. Nitro offloads networking and storage virtualization from the main server to AWS-designed hardware delivering bare-metal performance, all while providing an unparalleled layer of security and isolation for customer workloads. - As cloud operations scale, there is a growing need for solutions that strengthen their security posture without adding operational complexity or cost.
Identity and access underpin every aspect of cloud security, yet many are finding it increasingly challenging to manage across complex environments. They are seeking ways to enable their security teams to be more efficient and focus resources on higher-value work.
For instance, AWS Security Hub, now in preview, streamlines security operations by providing customers with a unified view of their organization’s security posture, making it easier to identify and remedy active threats and vulnerabilities. At re:Inforce, we also announced a preview of AWS Shield Network Security Director, which gives customers end-to-end visibility into their network topology and helps identify potential gaps or misconfigurations. - As AI models move into production, businesses are seeking the confidence that their security foundations can keep pace with innovation.
This means adopting solutions that can scale with the business while maintaining strong protection for Gen AI workloads across the entire tech stack and against AI-powered threats. At AWS, we continue to lead on security innovations that our customers need.
For example, we extended Amazon GuardDuty’s Extended Threat Detection coverage to monitor Amazon Elastic Kubernetes Services (Amazon EKS) containers for advanced threats. We enhanced Amazon Inspector Code Security to make it easier for developers to identify and fix vulnerabilities early in the build process.
Together, these innovations allow us to better support customers across APAC, giving them the tools and visibility to scale securely and confidently as they grow their Gen AI capabilities.
How are different industries in APAC — like financial services and digital-native services — approaching the security challenges of Gen AI?
Boland: Across APAC, the adoption of Gen AI is reshaping how industries think about security, driving new improvements to risk management, data protection, and governance.
In financial services, the focus is on trust and data protection. These organizations operate in a highly regulated environment and must ensure that their systems and customer data remain secure as they modernize and scale.
For example, we worked closely with Singlife, a leading financial services company in Singapore, to securely migrate its entire business to the cloud over 18 months, with zero downtime and zero security incidents. We also helped them to establish more than 150 security checks and managed guardrails to safeguard sensitive financial data and maintain full regulatory compliance.
Meanwhile, digital-native services are prioritizing speed and scalability while ensuring security is embedded from the start. A good example is Grab, a superapp in ASEAN, who has been on their Gen AI journey with AWS since 2023. To ensure customer trust and uphold strong security standards, Grab implemented Amazon Bedrock Guardrails, which implements essential safeguards across model, prompt and application levels, to streamline and standardize protections for its Gen AI applications. As of May 2025, the company is using these guardrails across all their critical production systems.
