Cybersecurity and AI threats outpacing readiness, study says

Fortinet Accelerate 2026 Asia-Pacific took place on May 19 in Hanoi

On May 19, global cybersecurity firm Fortinet announced the findings of a new study conducted by Forrester Consulting, revealing that organisations across the Asia-Pacific are struggling to keep pace as cybersecurity complexity and AI-driven threats are straining their current ability to respond effectively.

The study highlights cybersecurity risks driven by more advanced attackers and increasingly complex environments, and continued investment in cybersecurity and AI. The findings point to a clear shift towards simplifying security architectures, improving operational efficiency, and embedding AI into unified platforms.

Cyber risk is increasingly driven by both external threats and internal complexity. 75 per cent of organisations cite AI-driven threats as a top concern, while 71 per cent highlight fragmented tools and architectures and overwhelming alert volumes.

Security operations are under pressure, with 51 per cent of organisations reporting that alert volume makes it difficult to distinguish real threats, and 48 per cent still relying on manual workflows. And cybersecurity maturity remains constrained, with 68 per cent of organisations at an intermediate stage and only 16 per cent reaching advanced levels.

These findings highlight a clear shift, as complexity moves beyond an operational challenge to become a core driver of cyber risk.

"As organisations continue to accelerate digital transformation and AI adoption, many are re-evaluating how they manage security across increasingly distributed environments. We are seeing a stronger focus on simplifying operations, improving visibility across domains, and enabling security teams to operate more efficiently at scale," said Peerapong Jongvibool, senior director of Fortinet in Southeast Asia. "This is driving growing interest in integrated, platform-based approaches that can help organisations strengthen resilience while reducing operational complexity."

Complexity and threats

Organisations are accelerating their move towards unified, platform-based security architectures. While only 25 per cent operate a unified platform today, this is expected to rise to 51 per cent over the next 12-24 months. The shift is being driven by the need to reduce tool sprawl (58 per cent), improve integration (52 per cent), and manage growing hybrid complexity (49 per cent).

Despite these challenges, organisations continue to prioritise improving threat detection (40 per cent) and incident response (39 per cent), underscoring the growing gap between security expectations and operational reality. Future priorities reflect this transition, with organisations focusing on automation, improved visibility, and platform consolidation to enhance efficiency and scale operations.

However, challenges remain: 51 per cent cite migration cost and disruption as barriers, and 46 per cent remain uncertain about platform capabilities across domains.

Despite these concerns, organisations are expecting to see these benefits through consolidation. 90 per cent of organisations expect improvements in operational metrics, with over 60 per cent anticipating gains of at least 10 per cent in areas such as detection and response times, analyst productivity, and overall efficiency.

The findings suggest that platform-based security is becoming an increasingly important operational approach for organisations seeking to reduce complexity and improve efficiency.

Nguyen Gia Duc, country manager of Fortinet Vietnam, said customers today are dealing with increasingly complex environments, where fragmented tools, limited visibility, and growing alert volumes are making it harder to detect and respond to threats effectively. At the same time, they are looking to leverage AI to improve speed and efficiency, but often lack the integrated foundation to do so.

"At Fortinet, we are helping organisations simplify their security architecture and strengthen resilience through a unified, platform-based approach that brings together visibility, automation, and AI-driven intelligence," Duc said.

Readiness and integration lag

AI is emerging as both a growing threat vector and a critical enabler of defence. 89 per cent of organisations plan to increase AI budgets, with over half expecting double-digit growth. More than 60 per cent expect AI to improve detection accuracy, accelerate response, and strengthen overall security posture. Organisations also see AI as key to reducing complexity, with 58 per cent expecting consistent policy enforcement, 57 per cent centralised control, and 56 per cent reduced manual workflows.

However, readiness gaps persist: fragmented environments, limited automation, and lack of unified data are hindering effective AI adoption. Many organisations are still building the foundational capabilities required to operationalise AI at scale. This underscores that realising AI’s potential in security operations depends heavily on having integrated environments and unified data foundations in place.

Kelvin Chua, senior regional director of Systems Engineering at Fortinet Southeast Asia said,"Organisations are placing significant expectations on AI to transform security operations, from improving detection to accelerating response. However, AI can only deliver meaningful outcomes when it is built on an integrated foundation. Without unified visibility and connected data across environments, AI risks amplifying complexity rather than reducing it. Integration is what enables AI to operate at scale and deliver real security impact."

This study was commissioned by Fortinet. To create this profile, Forrester Consulting supplemented the research with custom survey questions asked of 585 Asia-Pacific decision-makers and influencers of their organisation’s cybersecurity solutions.

Foreign firms in Vietnam squeezed by cyber threats and stricter data rules As Vietnam tightens its legal framework on data protection and cyber threats grow more sophisticated, foreign-invested enterprises (FIEs) are facing mounting pressure on two fronts: safeguarding critical data and complying with increasingly stringent regulations.

Digital future for SMEs: no transformation without cybersecurity shield As digital transformation becomes a matter of survival for businesses, a forum held in Hanoi on April 15 underscored that digital growth cannot be achieved without robust cybersecurity, data protection and resilience in the online environment.

ASEAN Foundation launches plan to combat online scams The ASEAN Foundation has launched Scam Ready ASEAN, a regional initiative aimed at strengthening prevention against online scams across Southeast Asia.