Grok AI curbs in Southeast Asia expose gaps in AI governance, security executive says

Recent scrutiny and restrictions placed on Grok AI in parts of Southeast Asia point to gaps in governance rather than a rejection of artificial intelligence, a cybersecurity executive said, as regulators in the region assess the social and security risks posed by generative AI tools.

Takanori Nishiyama, senior vice president for Asia-Pacific and Japan at Keeper Security, said actions taken or considered by authorities in countries including Indonesia, Malaysia and the Philippines reflected growing concern over how AI systems are deployed and controlled.

He said AI tools increasingly act autonomously, process sensitive data and interact with critical operational systems, making them comparable to a new class of digital identity that often operates beyond traditional security and oversight frameworks.

Advertisement

‹

EVENT

VeeamON 2026 Tour India - Delhi

A VeeamON 2026 India Leadership Series Delhi for senior public sector and government technology leaders.

📅 Fri, 19 Jun 2026

📍 Shangri-La Eros

Register Now →

EVENT

Infosec Reimagined

Infosec Reimagined 2026 is the premier information security summit where top leaders—CISOs, CROs, CIOs, CTOs and risk executives—converge to redefine cyber resilience.

📅 Fri, 26 Jun 2026

📍 New Delhi

Register Now →

EVENT

Digital Senate

Digital Senate is a premier conference uniting government leaders, technologists and innovators to share ideas, success stories and strategies on digital governance, public sector transformation, cybersecurity and emerging technologies in India.

📅 Thu, 30 Jul 2026

📍 New Delhi

Register Now →

EVENT

CIO Prism

CIO Prism unites forward-thinking technology leaders to exchange transformative insights, shape digital strategies, and foster innovation, empowering enterprises to excel in an era of rapid technological change.

📅 Fri, 18 Sep 2026

📍 Goa

Register Now →

›

The issue is particularly pronounced in Asia-Pacific, where regulatory approaches to AI vary widely across borders, Nishiyama said. Singapore has moved towards structured assessment frameworks such as AI Verify, while Japan has favoured a softer regulatory approach focused on innovation, creating uneven risk exposure for organisations operating across multiple jurisdictions.

From a cybersecurity standpoint, Nishiyama said the core challenge lies not in the AI models themselves but in how access, identity and decision-making are governed once systems are deployed.

He warned that unregulated or informal use of AI tools within organisations can introduce unmanaged credentials, expose sensitive datasets and create gaps in accountability that are difficult to audit, particularly for enterprises and public sector bodies.

The risks also extend to end-users, he said, citing the potential for poorly governed AI systems to leak personal data, generate misleading information or be manipulated to carry out unauthorised actions, all of which could undermine public trust.

As AI adoption accelerates, Nishiyama said the focus should shift from outright bans to enforceable safeguards that balance innovation with accountability.

He said measures such as identity-first security, least-privilege access, full auditability and human oversight for high-risk actions would be essential for organisations seeking to deploy AI responsibly while complying with evolving regulation across the region.