Singapore is ahead of APAC in AI security budgets, but visibility gaps remain — Thales

Singapore organisations are spending more on AI-specific security than most of their Asia-Pacific peers, but the investment may not be keeping pace with the scale of the threat. Thales' 2026 Data Threat Report found that seven out of 10 organisations across APAC identify AI as their top data security risk, with credential theft remaining the leading attack technique against cloud infrastructure. The report also reveals that organisations in Singapore and Hong Kong are ahead of the APAC average when it comes to dedicated AI security budgets.

Thales' Andy Zollo, SVP for Application & Data Security in APJ, told iTNews Asia that the core problem isn't a lack of security tools — it's visibility and governance. AI systems are being deployed across enterprises with far fewer controls than those applied to human users, creating a structural vulnerability. With organisations managing an average of 89 SaaS applications, each integration point represents a potential entry path for attackers.

Why it matters for Singapore: The fact that Singapore leads APAC in AI security budgets is a positive signal, but budget alone doesn't close the vulnerability gap. As Singaporean enterprises and government agencies rapidly adopt AI tools, the structural weakness Thales identifies — AI systems operating with less oversight than human employees — is a risk that local CISOs need to address now, before attackers exploit it at scale.