AI-specific security has rapidly emerged as a top enterprise priority, ranking second only to cloud security, in Singapore and across the Asia-Pacific region, according to Thales.
Thales tapped S&P Global Market Intelligence 451 Research to conduct a research that covered nearly 3,200 respondents in 20 countries across a variety of seniority levels.
Findings from Singapore show that nearly half (49%) of Singapore respondents said they are prioritizing AI security investments over other security needs, signaling a shift in how organizations are allocating budgets in response to the accelerated adoption of AI.
However, only 37% of APAC respondents said they are making AI security investments as their top security spending priority. This which indicates that while AI security is a significant concern across the region, most organizations are balancing it alongside other established security investments, even as Singapore is generally more advanced in recognizing and responding to AI-related security risks.
Cloud is now an essential part of modern enterprise infrastructure, but many organizations are still building the skills and strategies needed to secure it effectively.
The variability of controls across cloud providers, combined with the distinct mindset required for cloud security, continues to challenge security teams.
This pressure is only increasing as AI initiatives drive more sensitive data into cloud environments, amplifying the need for robust, adaptable protections.
This year’s Thales Cloud Security Study confirms that cloud security remains a top concern for enterprises in Asia Pacific, and globally. Cloud security emerged as a top priority for organizations across the region.
In Singapore, 60% of respondents ranked cloud security among their top five security priorities, with 18% identifying it as their highest priority. This closely mirrors the broader APAC trend, where 60% of respondents also placed cloud security in their top five priorities and 15% ranked it as their number one concern.
Meanwhile, AI security—a new addition to this year’s spending priorities—was ranked by 40% of Singapore respondents in their top 3 pressing security disciplines, significantly behind the 59% average for APAC respondents.
Despite this regional difference, the inclusion of AI security as a new spending category underscores its rapidly growing importance across the region. Despite sustained investment, cloud security remains a complex, persistent challenge that goes beyond technology to include staffing, operations, and the evolving threat landscape.
The average number of public cloud providers per organization has risen to 2.1 in Singapore and in APAC, with most also maintaining on-prem infrastructure. This growing complexity is driving security challenges with 69% of Singaporean respondents reporting that cloud is harder to secure than on-prem, versus only 58% in APAC.
As organizations expand through growth or M&A, they’re also seeing a surge in SaaS usage, now averaging 77 applications per enterprise in Singapore, and 81 applications per enterprise in APAC, complicating access control and data visibility.
This complexity extends to security operations, with many teams struggling to align policies across varied platforms. The study found that 49% of Singaporean organizations use five or more tools for data discovery, monitoring, or classification, and 57% use five or more encryption key managers.
Comparatively, 58% of APAC organizations use five or more tools for data discovery, monitoring, or classification, and 55% use five or more encryption key managers.
Cloud-based assets face significant threat exposure, with three of the Top 5 most targeted assets in reported attacks being cloud-based across both Singapore and the broader APAC region. A quarter (25%) of Singapore respondents saw an increase in user credential attacks such as password stuffing, compared to 19% for APAC overall. This underscore growing concerns around stolen credentials and insufficient access controls.
Meanwhile, 88% of Singaporean organizations and 85% of APAC organizations say at least 40% of their cloud data is sensitive, yet only 76% in Singapore have implemented multifactor authentication (MFA), while APAC organizations lag further behind at just 66%, leaving critical data exposed.
Compounding the issue, human error remains a major contributing factor in cloud security incidents, from misconfigurations to poor credential management.
