Global Cybersecurity Outlook 2026 Regional Analysis East Asia and Pacific

Geopolitics –In East Asia and Pacific, only 64% report adapting their cybersecurity strategy in response to geopolitical developments, a proportion slightly lower than the average of the other regions (66%). –Nevertheless, geopolitically motivated cyberattacks remain the leading factor shaping cyber-risk mitigation strategies in the region, with 62% of organizations stating that they actively consider it in their approach. –With regard to critical infrastructure, 47% of organizations express confidence in their country’s ability to respond to a major cyber incident affecting critical infrastructure, which is the second-largest percentage after the Middle East and North Africa (84%). Rank Which cyber risks concern you most for your organization? Exploitation of software vulnerabilities Ransomware attack AI vulnerabilities –Additionally, 79% of organizations in the region report an increase in cyber-enabled fraud and phishing attacks, along with AI-related vulnerabilities (79%). Resilience –In East Asia and Pacific, 16% of organizations rate their cyber resilience as insufficient, while 18% assess it as exceeding their requirements. Most of the organizations (66%) rate their cyber resilience as meeting minimum requirements, in line with global levels (64%).Has your organization’s cybersecurity strategy evolved because of geopolitical volatility? How confident are you in the preparedness of the country in which you are based to respond to major cyber incidents targeting critical infrastructure?East Asia and PacificSouth Asia Europe and Central Asia Sub-Saharan Africa Latin America and the CaribbeanNorth America Yes No64%74% 26%24% 70% 30%Middle East and North Africa 76% 71% 29% 59% 41%62% 38%36% East Asia and Pacific South AsiaEurope and Central AsiaMiddle East and North Africa Sub-Saharan Africa Latin America and the CaribbeanNorth America Neutral Confident Not confident84% 47% 26% 27% 40% 25% 35% 40% 19% 40% 38% 32% 30% 37% 39% 24% 13% 38% 49%11% 4%Cybercrime –The GCO 2026 survey reveals that the exploitation of software vulnerabilities and ransomware attacks are the top two cyber risk concerns in the region. How would you rate your organization’s cyber resilience? Our cyber resilience is insufficientOur cyber resilience meets minimum requirementsOur cyber resilience exceeds our requirements16% 66%18%1 2 3 –The top three challenges to achieving cyber resilience in East Asia and Pacific are: 1. Rapidly evolving threat landscape and emerging technologies (62%) 2. Third-party and supply chain vulnerabilities (48%) 3. Cybersecurity skills and expertise shortage (44%) –Encouragingly, 92% report active engagement from their board in cybersecurity, in line with the global average of 93%.