Against this backdrop, private AI is a new operating reality – one where enterprises must harness AI safely, securely and responsibly, while satisfying boards’ expectations for costs, accountability, regulatory compliance and risk oversight.
Across Asia Pacific, data sovereignty is shifting from a technical consideration to a strategic business priority. As organisations accelerate AI adoption, regulators, customers and boards are deep-diving into issues such as where sensitive data lives, who controls it, and how AI can be deployed at scale without diluting accountability for increasing regulatory, reputational and operational risk.
The International Data Corp notes that only 7% of enterprises in Asia Pacific are highly prepared in terms of governance, risk and compliance (GRC) capabilities to support new AI and data regulations. At the same time, governments across the region are tightening sovereign AI and data localisation requirements, with Vietnam as the first country in Southeast Asia to pass a formal AI law in December 2025. Organisations are now pressured to rethink cloud strategies and reassess how AI models are trained, deployed and monitored. They can no longer rely solely on globally distributed, opaque AI environments, as visibility, control, and accountability over data, models, and infrastructure become imperative.
