Get the report: How to Achieve CIO-CEO Alignment in the Era of AI

close
magnifying glass
Get Started
magnifying glass
chevron
Support Language
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
chevron Get the white paper
Experience Netskope
Get Hands-on With the Netskope Platform
Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
chevron Experience Netskope
A Leader in SSE. Now a Leader in Single-Vendor SASE.
Netskope is recognized as a Leader Furthest in Vision for both SSE and SASE Platforms
2X a Leader in the GartnerĀ® Magic Quadrant for SASE Platforms
One unified platform built for your journey
chevron Get the report
Securing Generative AI for Dummies
Securing Generative AI for Dummies
Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
chevron Get the eBook
Modern data loss prevention (DLP) for Dummies eBook
Modern Data Loss Prevention (DLP) for Dummies
Get tips and tricks for transitioning to a cloud-delivered DLP.
chevron Get the eBook
Modern SD-WAN for SASE Dummies Book
Modern SD-WAN for SASE Dummies
Stop playing catch up with your networking architecture
chevron Get the eBook
Understanding where the risk lies
Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
chevron Watch the demo
The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
Netskope One Private Access is the only solution that allows you to retire your VPN for good.
chevron Get the eBook
Colgate-Palmolive Safeguards its "Intellectual Propertyā€ with Smart and Adaptable Data Protection
Colgate-Palmolive Safeguards its "Intellectual Propertyā€ with Smart and Adaptable Data Protection
chevron Read the case study
Netskope GovCloud
Netskope achieves FedRAMP High Authorization
Choose Netskope GovCloud to accelerate your agencyā€™s transformation.
chevron Learn about Netskope GovCloud
Netskope Technical Support
Netskope Technical Support
Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
chevron Technical Support
Netskope video
Netskope Training
Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.
chevron Explore Netskope Training
""
Achieve Business Value with Netskope One SSE
Netskope One Security Service Edge (SSE) enables enterprises to achieve considerable business value by consolidating business critical security services within the Netskope One platform
chevron Get the study
Let's do great things together
""
Netskopeā€™s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
chevron Netskope Partners
Threat Labs Report

Threat Labs Report: Asia 2025

This report analyzes the primary cybersecurity risk trends impacting organizations within the Asia region. It addresses the increasing adoption of generative AI (genAI) tools and their associated data security challenges. Furthermore, it highlights the growing number of data policy violations, where sensitive information is increasingly being leaked through unauthorized cloud services, personal applications, and genAI platforms.

Share via Tags
Cloud Security Generative AI Threat Labs Reports
Change the language
DeutschEnglishEspaƱolFranƧaisPortuguĆŖsę—„ęœ¬čŖž

Jump to a section

In This Report GenAI usage
GenAI: Adoption and usage trends GenAI: App usage and data policy violation
Agentic AI adoption
Rise of enterprise genAI platform Rising use of genAI APIs outside the browser
Malware downloads
Malware distribution via cloud apps
Cloud apps usage
Personal apps activity Data policy violations in personal applications Addressing personal app data violations
Recommendations Netskope Threat Labs About This Report
11 min read

In This Report link link

This report explores recent trends in the adoption and governance of generative AI applications, enterprise AI platforms, API usage, cloud app activity, and data policy violations across 37 Asia countries, including India, Japan, Singapore, Indonesia and Malaysia. It highlights how organizations are balancing rapid innovation with the need for stronger data protection, compliance, and risk management controls.

  • GenAI usage: Adoption of genAI across Asia is accelerating, with 93% of organizations now using genAI applications. Personal genAI usage remained steady through 2024 before declining sharply in 2025, as organizations shifted toward approved enterprise genAI solutions that offer better data security and compliance.
  • Agentic AI: As AI adoption matures, organizations are moving beyond basic genAI tools toward Agentic AI platforms that can autonomously perform tasks, make decisions, and integrate with enterprise systems. This shift from SaaS-based tools to enterprise-grade solutions with private model hosting provides greater control, data governance, and operational efficiency.
  • GenAI APIs: Integration of genAI APIs beyond the browser is expanding rapidly. 57% of organizations in Asia connect to api.openai.com, followed by api.assemblyai.com (32%) and api.anthropic.com (24%), underscoring the rise of embedded AI services within enterprise workflows and backend systems.
  • Malware distribution: Attackers are exploiting trusted cloud platforms to deliver malware. Microsoft OneDrive, GitHub, and Google Drive are the most common sources, reflecting the risks of malicious content hosted on legitimate services.
  • Cloud app usage: Personal cloud applications remain widely used in workplace environments, blurring the line between personal and corporate data management. LinkedIn, ChatGPT, and Google Drive are the most commonly used personal apps across Asia.
  • Data policy violations: Analysis shows that regulated data (44%), source code (33%), and intellectual property (14%) account for most policy violations in personal apps. These findings highlight the persistent challenge of safeguarding sensitive and proprietary data in unapproved environments.

 

GenAI usage link link

GenAI: Adoption and usage trends

GenAI adoption is rapidly accelerating across Asia, with 93% of organizations now using genAI applications, up from 84% just a year ago. In the region, 98% of organizations use tools that incorporate genAI-powered features, and 98% rely on applications that leverage user data for training. Overall, 92% of organizations in Asia have adopted genAI apps directly, placing regional adoption slightly above global trends, where 90% of organizations have embraced cloud-based genAI solutions.

Chart showing the percentage of organizations using genAI apps in Asia

While overall adoption has grown, the use of personal genAI accounts remained largely consistent at around 79% through December 2024, before showing a sharp decline from January 2025 onward, declining to 35% by September 2025. In contrast, adoption of organization-approved genAI solutions rose significantly during the same period, increasing from 17% to 55%. This is a very promising trend, showing that most organizations have been successful in migrating users away from personal genAI apps where the organization has little control over data security, to enterprise genAI solutions that provide more robust controls and auditing capabilities. Organizations that have not yet made the switch should look to this trend as inspiration to prioritize secure, enterprise-grade genAI solutions that enable innovation while ensuring compliance and reducing the risk.

Chart showing genAI usage personal vs organization account breakdown in Asia

In Asia, the top 10 most widely used genAI applications closely reflect global adoption patterns. ChatGPT leads the list, used by 75% of organizations, while Google Gemini follows closely at 74%, making the two platforms nearly equal in popularity across the region. Microsoft Copilot has been adopted by 50% of organizations, with Microsoft 365 Copilot at 47%, underscoring rising demand for genAI solutions integrated directly into productivity platforms. The remainder of the top 10 is made up of a diverse mix of domain-specific applications and embedded AI tools tailored to business needs and regional use cases.

Chart of most popular genAI apps based on the percentage of organizations using those apps in Asia

The chart below illustrates how the popularity of the top 10 genAI applications has evolved across Asia over the past year, highlighting the rapid pace of change in the regional landscape. ChatGPT usage has remained largely constant, maintaining its position as the most widely used app. In contrast, Google Gemini has shown strong momentum, rising from 45% in September 2024 to 74% by September 2025, reflecting accelerating adoption across the region. Both Microsoft Copilot and Microsoft 365 Copilot recorded notable growth beginning between late 2024 and early 2025, driven by their integration into widely used productivity platforms. Notably, Grok has entered the top 10 for the first time, signaling the emergence of new competitors in Asiaā€™s genAI ecosystem.

Chart showing the most popular apps by percentage of organizations in Asia

 

GenAI: App usage and data policy violation

As genAI adoption accelerates across enterprises in Asia, the risks tied to data exposure are becoming a critical concern. Organizations in the region are increasingly relying on genAI tools for tasks such as summarizing large documents, generating content, and streamlining software development workflows. However, these use cases require users to share potentially sensitive data with genAI applications, expanding the surface for data security threats.

Data security remains a pressing issue as genAI becomes embedded in daily business operations, with risks around data loss growing in relevance. The rise of shadow AI further compounds the challenge, as employees continue to adopt tools outside of official approval channels. Security teams can’t secure what they do not see, and as AI usage becomes increasingly sophisticated and widespread, it is critical that they prioritize gaining visibility of individuals experimenting with AI within their organization to ensure sensitive data is not exposed through these deployments and usage.

Analysis of recent data policy violations shows that the most common type of sensitive information exposed to genAI apps in Asia is source code, accounting for 62% of all incidents. Regulated data makes up 18% of violations, while intellectual property represents 14%. Other exposures, including passwords and API keys, are also present, though their frequency is lower than the global trend.

Chart showing the type of data policy violations for genAI apps in Asia

Organizations across Asia are taking a cautious approach to genAI tools, with many blocking specific applications due to security, privacy, or compliance concerns. While policies vary by company, some apps are restricted far more often than others, highlighting where organizations see the greatest risks. If any of the apps listed below are present in your environment, consider reviewing their usage and assessing whether applying restrictions at the category level may offer stronger protection than managing each tool individually

In the region, DeepSeek tops the list of most blocked genAI applications, with 46% of organizations restricting access. Concerns primarily center on transparency and the risks tied to rapidly emerging genAI platforms. ZeroGPT follows closely at 43%, primarily due to the way it handles user data, including storing submitted content and reports of redirecting information to third-party websites.

These patterns suggest that organizations in Asia are not only reacting to risks tied to specific applications, but also reinforcing their broader strategies for managing genAI within established risk and compliance frameworks.

Chart showing the most blocked genAI apps by percentage of organizations enacting a blanket ban on the app in Asia

 

Agentic AI adoption link link

Rise of enterprise genAI platform

As genAI adoption matures across Asia, organizations are increasingly shifting their focus from SaaS-based tools to more flexible and privacy-conscious enterprise genAI platforms. Unlike SaaS genAI apps, which gained traction for their ease of use and quick deployment, these platforms provide greater control by allowing businesses to host models privately and integrate them within their own infrastructure. They also support the development of custom applications and AI agents tailored to specific business needs.

Currently, 46% of organizations in Asia are using at least one of the three major genAI platforms, while 25% are using at least two, and 6% are using all three. This shift is being driven in large part by the accessibility of genAI services through major cloud providers. OpenAIā€™s services via Azure and Amazon Bedrock lead the market, each adopted by 31% of organizations, while Google Vertex AI follows with 14%. Adoption rates in Asia are slightly higher than global averages, reflecting a strong regional appetite for enterprise-grade genAI solutions and significant potential for further expansion.

Chart showing the cloud AI framework adoption by percentage of organizations in Asia

 

Rising use of genAI APIs outside the browser

Even when AI agents and applications are deployed on-premises, the underlying models are often hosted in the cloud, including through SaaS or enterprise genAI platforms. These agents and apps typically connect to dedicated API endpoints rather than browser-based interfaces. For example, interactions with OpenAI in a browser occur through chatgpt.com, while programmatic access for custom tools, internal workflows, or AI agents typically routes through api.openai.com.

Currently, 57% of organizations in Asia are connecting to api.openai.com, underscoring OpenAIā€™s strong lead in non-browser (native app or agent) genAI usage. Other widely used genAI APIs include api.assemblyai.com (32%) and api.antrhopic.com (24%), reflecting a broader trend toward embedding SaaS AI services directly into backend processes and enterprise workflows.

Cart showing the top 10 SaaS AI API domains by percentage of organizations in Asia

 

Malware downloads link link

Malware distribution via cloud apps

Attackers are increasingly exploiting trusted cloud platforms to distribute malware, taking advantage of the fact that users are more likely to interact with files hosted on familiar services. Microsoft OneDrive is now the most commonly exploited platform for malware distribution, with 11% of organizations in Asia detecting malware downloads from it each month. GitHub follows closely at 10%, driven by its popularity among developers and its role in hosting open-source tools that attackers can repurpose. Google Drive ranks third at 7.4%, reflecting its widespread use across enterprises and individuals alike. While these cloud providers actively detect and remove malicious content, the brief period before detection often provides attackers with a sufficient window of opportunity to execute their campaigns.

Chart showing top apps for malware downloads in Asia

 

Cloud apps usage link link

Personal apps activity

Across Asia, the extensive use of personal cloud applications in workplace environments continues to blur the boundary between corporate and personal data management. LinkedIn remains the most commonly used personal app, present in 84% of monitored environments, followed closely by personal ChatGPT and Google Drive, each at 82%. While much of this activity stems from legitimate intentions, such as staying connected, boosting productivity, or simplifying collaboration, it still introduces data security risks, particularly when sensitive information is involved. From personal genAI accounts to widely used collaboration tools, these apps continue to represent potential points of data exposure, especially when used for sharing outside approved corporate channels or by employees leaving an organization.

Chart showing the top apps for upstream activities to personal apps in Asia

Data policy violations in personal applications

Across Asia, instances of employees attempting to share sensitive data via personal cloud applications are regularly observed. Analysis of such incidents shows that regulated data, including personal, financial, and healthcare information, accounts for 44% of all data policy violations. Source code follows at 33%, reflecting the ongoing risk of developers or technical staff inadvertently or purposefully uploading sensitive business assets to personal cloud services. Intellectual property represents 14% of violations, underscoring the exposure of proprietary data outside approved environments.

These findings highlight the growing challenge of safeguarding commercially sensitive information in unapproved or unmanaged applications.

Chart showing data policy violations for personal apps in Asia

Addressing personal app data violations

In order to reduce the risk of data leaks through personal cloud applications, organizations in Asia are actively deploying a range of tools and controls. Enhancing employee awareness, and strengthening and enforcing clear data-handling policies are essential steps to maintain compliance and reduce insider and external data exposure risks.These measures include blocking all uploads to personal apps, implementing real-time user coaching to guide safer decision-making, and using data loss prevention (DLP) technologies to stop sensitive information from being uploaded to unmanaged services. Personal Google Drive is the most common focus of such controls, which are used in 40% of organizations in the region. ChatGPT follows at 26%, while personal Gmail accounts are restricted by 25% of organizations. These deployments reflect ongoing efforts across Asia to curb unauthorized data movement and strengthen safeguards against data exposure related to the use of personal accounts.

Chart showing the top apps for upstream blocks in personal apps in Asia

 

Recommendations link link

With the growing use of genAI tools, both managed and personal, and the misuse of personal cloud apps, it is essential to strengthen visibility, refine policies, and prioritize proactive defenses to protect your organization in this fast-changing threat landscape.

Based on the trends uncovered in this report, Netskope Threat Labs strongly encourages organizations across the Asia region to take a fresh look at their overall security posture:

  • Inspect all HTTP and HTTPS downloads, including all web and cloud traffic, to prevent malware from infiltrating your network. Netskope customers can configure theirĀ Netskope One NG-SWG with a threat protection policy that applies to downloads from all categories and applies to all file types.
  • Block access to apps that do not serve any legitimate business purpose or that pose a disproportionate risk to the organization. A good starting point is a policy to allow reputable apps currently in use while blocking all others.
  • Use DLP policies to detect potentially sensitive information, including source code, regulated data, passwords and keys, intellectual property, and encrypted data, being sent to personal app instances, genAI apps, or other unauthorized locations.
  • Use Remote Browser Isolation (RBI) technology to provide additional protection when there is a need to visit websites that fall into categories that can present a higher risk, like newly observed and newly registered domains.

 

Netskope Threat Labs link link

Staffed by the industry’s foremost cloud threat and malware researchers, Netskope Threat Labs discovers, analyzes, and designs defenses against the latest cloud threats affecting enterprises. Our researchers are regular presenters and volunteers at top security conferences, including DefCon, BlackHat, and RSA.

About This Report link link

Netskope provides threat protection to millions of users worldwide. Information presented in this report is based on anonymized usage data collected by the Netskope One platform relating to a subset of Netskope customers based in Asia, and with prior authorization.

The statistics in this report are based on the period from September 1, 2024, through September 30, 2025. Stats reflect attacker tactics, user behavior, and organization policy.

Related resources

Results