APAC Threat Intelligence Latest Insights: 79% of Enterprises to Increase Investment in Threat Intelligence

BEIJING, Nov. 10, 2025 /PRNewswire/ -- As a professional media outlet focused on innovative services within the data intelligence industry, DataYuan consistently tracks the deep integration of new technologies like AI and cloud computing with data applications. With the widespread application of AI Agentic technology in attack and defense, the Asia-Pacific cybersecurity market has presented some new features and trends. Based on continuous observation of the Asia-Pacific cybersecurity market, DataYuan has released this in-depth report, aiming to analyze the development trends, core challenges, and future landscape of the crucial domain of threat intelligence.

The confluence of the digital wave and geopolitical complexities is creating an unprecedentedly complex cybersecurity landscape in the Asia-Pacific (APAC) region, prompting enterprises to significantly boost their investment in threat intelligence (TI).

According to the latest APAC Threat Intelligence Trends Report from consulting firm Forrester, a striking 79% of senior security decision-makers in the region indicate they will increase their TI budget in 2026, a proportion that surpasses both Europe and North America.

Drivers and Challenges: The Dual Engines of APAC Threat Intelligence Development

As the cornerstone of security operations, threat intelligence is driving organizations to shift from reactive incident response towards proactive threat hunting and in-depth analysis of adversary tactics, techniques, and procedures (TTPs). The increased investment by APAC enterprises in TI capabilities is primarily fueled by the following core drivers:

Addressing the Complex and Escalating Threat Landscape: Faced with AI-generated deepfakes, evasive malware, and precise attacks launched by Advanced Persistent Threat (APT) groups targeting specific industries and regions, enterprises require TI to gain insights into emerging attack vectors, understand attacker tactics, and enable proactive threat defense.

Accessing Industry- and Language-Specific Intelligence: The APAC region is characterized by linguistic diversity and unique industry-specific threats. Government sectors confront APTs, financial institutions must focus on combating fraud and phishing, and the retail industry needs to guard against account takeover and brand impersonation. This dynamic makes vendors who can offer localized intelligence, possess deep industry knowledge, and provide contextualized, actionable insights highly sought after.

Enhancing Security Operations Efficiency through Automation: Against the backdrop of a cybersecurity talent shortage, integrating threat intelligence with SOAR (Security Orchestration, Automation, and Response) platforms helps accelerate alert analysis, reduce false positives, and allow security teams to focus on higher-priority threats.

Meeting Compliance and Risk Management Requirements: Facing varied and increasingly stringent regulations such as Singapore's Cybersecurity Act and Australia's Notifiable Data Breaches Scheme, threat intelligence has become a critical capability for highly regulated industries like finance, energy, and telecom by assisting with threat monitoring, incident reporting, and compliance alignment.

However, APAC's embrace of threat intelligence also faces significant challenges. These include a shortage of cybersecurity talent and skills hindering the operationalization of intelligence; cost constraints and an unclear Return on Investment (ROI) influencing investment decisions; and the complexity and integration obstacles of solutions slowing down the adoption rate.

Focus on China: Market Structure Clear, Steady Development Ahead

Within the flourishing APAC threat intelligence landscape, the Chinese market presents a unique development trajectory and immense potential. According to iResearch's 2024 China Threat Intelligence Industry Development Research Report, the market size for threat intelligence in China reached RMB 1.61 billion in 2024, marking a marginal year-on-year decrease of 0.9%, yet future growth momentum is clearly building.

The factors driving the Chinese TI market into a period of steady development are evident at both the macro and micro levels:

Macro-Level: China's proactive macro-control policies and increasing emphasis on cybersecurity encourage enterprises to escalate investment in practical capabilities such as threat intelligence. Geopolitical uncertainties also reinforce this demand.

Micro-Demand Side: The fact that Generative AI is lowering the barrier to entry for attacks, coupled with the rampancy of new attack methods and ransomware, compels enterprises to rely on the latest threat intelligence to bolster their detection and protection capabilities.

Micro-Supply Side: The integration of threat intelligence with various security products continues to deepen, leading to its deployment across network, endpoint, and integrated defense solutions, highlighting its growing importance as an advanced cybersecurity capability.

In terms of market structure, China's threat intelligence industry has evolved into a "low-concentration oligopoly" dominated by leading vendors. According to an iResearch report, in 2024, ThreatBook ranked first in China's threat intelligence market with a 17.4% market share. Tencent Security and QAX ranked second and third, respectively, each trailing ThreatBook by less than 10%. Overall, competition in China's threat intelligence market remains relatively intense.

Currently, Chinese vendors are actively integrating new technologies such as large AI models and big data open-source components into their TI products and exploring the convergence of intelligence capabilities with other security products and business models. Therefore, active competition and innovation will be the dominant themes in the future of China's threat intelligence market.

Future Outlook: Deep Integration of Threat Intelligence and Large Models

The emergence of large models (LMs) has brought a new wave of transformation opportunities to the threat intelligence industry. Their advanced capabilities in Natural Language Processing (NLP) and knowledge synthesis are empowering various stages of TI production and operation. This is expected to significantly boost the productivity of security professionals, lower the application threshold, and enable TI to support more roles across a wider range of scenarios.

While most applications currently remain in the Proof-of-Concept (PoC) phase, future breakthroughs in industry adaptation, deployment efficiency, and performance optimization will further enhance vendor competitiveness. This will ultimately propel the APAC threat intelligence market, driven by both supply and demand, toward a more mature and intelligent new stage of development.

SOURCE DataYuan