With rapidly changing market conditions, organizations have broadened their perspectives, shed age-old practices, and embraced novelties to strengthen their market positions in 2024. What about 2025?
With the technological landscape evolving each year, enterprises are compelled to look into various aspects of their businesses and understand how technology is contributing to their overall growth. Businesses that don’t adopt digital technology run the risk of becoming obsolete as these technologies grow more integrated into daily operations.
We have identified six key priorities for 2025 that modern organizations in Southeast Asia should consider while navigating through the challenging digital landscape in order to remain competitive and resilient in a rapidly evolving environment.
For Southeast Asia’s digital economy to continue achieving double-digit growth in 2025 across gross merchandise value, organizations need to focus on the following priorities: scaling up AI usage, democratizing cybersecurity, implementing a distributed governance model for compliance, reengineering experiences, embracing sustainability, and focusing on outcome-driven IT.
For Southeast Asia’s digital economy to continue achieving double-digit growth in 2025 across gross merchandise value, organizations need to focus on the following priorities: scaling up AI usage, democratizing cybersecurity, implementing a distributed governance model for compliance, reengineering experiences, embracing sustainability, and focusing on outcome-driven IT.
1. Democratizing cybersecurity
According to pwc, “The number of mega breaches experienced by Asia Pacific organizations in the past three years has risen considerably: in 2023, 35% of organizations say they have experienced data breaches costing anywhere from US$1m to US$20m over the last three years.” This highlights how managing cyber risk at all levels of the workforce — and not restricting it to just the top organizational level — should be a priority for security leaders in 2025.
This involves the democratization of cybersecurity, which essentially makes everyone in an organization responsible for its defense. Organizations stand to benefit from proactive security management, increased cyber resilience, cost savings, increased efficiency, and innovation in security practices.
Organizations should ensure employees undergo dedicated continuous security engagement programs. Since the biggest challenge to democratizing security is poorly equipped employees and ill-defined processes, organizations should also ensure that employees only have limited access to self-service tools and services.
2. Distributed governance model for compliance
Multiple regulations and audits will soon force privacy and compliance leaders to implement a distributed compliance framework to ensure pervasive compliance. The general practice so far has been to entrust compliance to a central team; however, the job is intrinsic to every department within an organization.
The central compliance team is primarily responsible for program management. It should have a pulse of what’s happening in the industry and map the requirements evolving out of relevant regulations and standards. This central compliance team should keep leadership updated about the evolving landscape and macro challenges posed.
On the other hand, the execution of the compliance program should be broad, empowering business functions at all levels. Each team and business function should undergo training to understand risk management and use it consistently to address non-conformities flagged during audits as well as for root cause analysis of incidents.
3. Reengineering experiences
In any organization, customers and employees are regarded as the most valuable assets. Every single interaction they have, be it with either a human or a machine, is critical in shaping their overall experience. These experiences are crucial in determining the fate of an organization, making them a strategic priority for leadership.
Ease of use, availability, consistency, being proactive with changes, contactless digital experiences, and keeping the feedback loop open are some key user expectations that can’t be ignored. This approach involves reimagining and redesigning an organization’s existing technology architecture, which may have scalability and compatibility issues, to deliver better than before. It also includes leveraging emerging technologies such as AI, generating actionable insights from data analytics platforms, and customising workflows to enhance employee engagement and customer satisfaction.
A major challenge to reengineering includes context setting—the size of the enterprise and the productivity hit taken during the shift. Another challenge would be ensuring IT security while at the same time ensuring those measures don’t hinder or impact the user experience.
4. Outcome-driven IT
Modern-day enterprises are powered by IT, which now occupies a place at the top of the management table. Any failure that results in services being unavailable or disrupted can result in huge business implications. IT leaders will need to clearly demonstrate the value generated by their IT investments or risk shrinking budgets. That clarity can be gained by aligning IT with not only operational efficiency but also with business velocity and opportunity costs.
In 2025, CIOs need to focus closely on KPIs and metrics that provide a direct link to the business outcomes that depend on them. For instance, in the healthcare industry where there is a constant focus on safeguarding data and compliance management, metrics that track user behavior and anomalies, ensure continuous availability of critical assets, and give visibility into critical and high-risk vulnerabilities and incidents are most vital since they all affect business operations.
5. Scaling up AI usage
The past couple of years were significant for AI as a lot of enterprises ran pilots to harness its capabilities. As we approach 2025, enterprises will view AI integration from the lens of scaling up its usage and generating ROI.
It will also be a big year for AI in cybersecurity. With attacks becoming more sophisticated by leveraging AI, traditional cybersecurity measures may not be enough to defend against them. This is where investing in AI for defense becomes crucial. Investing in augmented AI is also becoming increasingly important as it can significantly enhance employee productivity. Additionally, we can expect to see more LLMs being utilized in the enterprise setting. These LLMs will be equipped with agents that can make real-time API calls and augment their generative capabilities.
To realize all this, it’s crucial for companies to have a solid data strategy in place. This includes streamlining relevant processes and ensuring that they are in sync with that strategy. CIOs must prioritize data sovereignty and data preparation—operating on encrypted data—to guarantee the success of AI implementation.
6. Embracing sustainability
Investments in GPUs are skyrocketing as they play a critical role in training deep learning models and supporting faster computing. However, their energy requirements, which are difficult to maintain and constitute massive carbon footprints, call for immediate intervention.
A sustainable outlook reduces the environmental damage inflicted by such advanced technologies, meets the demands of environmentally conscious customers, helps adhere to compliance standards, and improves efficiency, making it a key competitive differentiator and a strategic priority for organizations in 2025.
Organizations should conduct internal environmental audits, raise their investments to explore alternate energy sources, and gain carbon credits. This will empower enterprises to secure their business posture, gain competitive advantage, and enhance their operational efficiency in the ever-changing digital ecosystem.
By embracing and staying ahead of transformative technology changes, Southeast Asia’s enterprises will be able to drive business growth in a sustainable and secure manner in the next year and for years to come.
