Tech in 2026: Geopolitics, AI Risk, and Infrastructure Constraints Reshape the Sector
WHAT YOU NEED TO KNOW
- Entering the second half of 2026, geopolitical tensions are increasingly crystallizing into structural constraints around semiconductor controls and access to critical minerals, with implications likely to outlast near-term diplomatic momentum.
- Agentic artificial intelligence (AI) is emerging as a cybersecurity threat that can operate faster than existing defense architectures are designed to handle, accelerating vulnerability discovery in legacy critical infrastructure systems and signaling a broader structural shift that critical sectors cannot afford to ignore.
- Governments are transitioning online safety regulation from voluntary principles to durable enforcement infrastructure, with child protection and scams driving an expanding “duty-of-care” framework that platforms must navigate across emerging regulatory camps.
- “Phantom” energy demand for data centers is straining grid planning and financing, prompting governments to tighten approvals and pushing operators to align forecasts with regulators to unlock the region’s AI-driven growth.
ON THE HORIZON
- The Association of Southeast Asian Nations (ASEAN) AI Summit, expected to be held in the Philippines in September, will likely focus on practical AI adoption, responsible AI principles and public-private partnerships for micro, small and medium enterprises. The summit remains unconfirmed amid the Philippines’ national energy emergency declaration.
- The Asia-Pacific Economic Cooperation Digital Week, scheduled for July 16-28 in Chengdu, China, will feature the Digital and AI Ministerial Meeting and other high-level digital workstream sessions. While U.S.-China tensions make significant outcomes unlikely, emerging initiatives on capacity building, the North-South digital divide and high-level principles should be monitored as signals of potential engagement opportunities with governments.
- Indonesia and Malaysia are expected to introduce subsidiary regulations operationalizing their respective online safety frameworks by the third quarter. These will likely inspire a push toward similar measures among other countries in the region.
Sector Overview and Forecast
Macrotrend Monitor
Increased Geopolitical Risk on Technology Supply Chain
The second half of 2026 will likely face a more constrained operating environment for technology supply chains across the Indo-Pacific, with near-term stability giving way to renewed uncertainty as key policy deadlines approach. Bilateral technology-focused agreements concluded in late 2025 and early 2026 have provided some temporary country-level stabilization, but this is increasingly fragile. Section 232 investigations by the United States into semiconductors and critical minerals are expected to reach critical junctures in July 2026, with findings that could trigger new tariffs, import restrictions or domestic content requirements. This could reintroduce significant supply chain disruption risk if U.S.-China tensions intensify through the remainder of the year. Product-level hardware classifications and end-user restrictions remain key risk flashpoints to monitor.
While still early in the U.S. legislative process, the STRIDE Act, which seeks to align semiconductor export controls with allies, and the MATCH Act (Multilateral Alignment of Technology Controls on Hardware), a targeted measure aimed at Chinese chipmakers, reflect bipartisan U.S. intent to widen restrictions on semiconductor equipment and expand extraterritorial reach to allied governments. However, a crowded legislative calendar, competing congressional priorities and the complexity of negotiating allied coordination mechanisms mean that neither bill is expected to advance to a floor vote in the near term. Nevertheless, the bipartisan sponsorship and committee-level advancement indicate a directional consensus in Washington toward tightening controls, even absent immediate legislative outcomes. This signals persistent geopolitical risk for semiconductor manufacturing hubs such as Japan, Korea, Taiwan, Malaysia and Singapore, whose ecosystems remain closely tied to China as a major importer of semiconductor products and equipment from the region. Companies should not wait for legislation to be enacted before adjusting compliance postures because administrative action or executive orders could accelerate restrictions along the same policy lines.
Taken together, the Section 232 outcomes expected in July and the broader trajectory of U.S.-China tensions suggest that the second half of 2026 could carry escalating rather than receding risk for the semiconductor industry, which could have downstream impacts on the broader ecosystem. For firms operating advanced technology supply chains across Northeast Asia and Southeast Asia’s manufacturing hubs, this will likely require the normalization of enhanced screening obligations and customer due diligence, assuming that the scope of regulatory scrutiny will continue to expand.
Agentic AI and Cybersecurity
Reports surrounding the Claude Mythos Preview AI model triggered alarm among regulators in Singapore, Korea, Australia, India and Japan in early 2026 after the model reportedly uncovered major security vulnerabilities across leading operating systems, including flaws that had evaded expert reviewers and automated testing for decades. However, Mythos is better understood as a bellwether of a broader trend: the rise of malicious agentic AI capabilities and the corresponding regulatory response will likely intensify in the second half of 2026. Agentic offensive AI can conduct sustained, adaptive campaigns at speeds that outpace traditional cyber defenses, compressing response timelines from days into hours while rapidly identifying vulnerabilities across legacy infrastructure, unpatched controls and weak supplier security systems prevalent across parts of the region.
This growing offense-defense asymmetry is already driving regulatory shifts across the Indo-Pacific. Financial regulators in Japan, Korea, Singapore, India and Australia are intensifying scrutiny of risks to banking and critical infrastructure systems through closed-door engagements with major institutions. Policymakers across most of these markets are increasingly converging on the view that AI-enabled threats will require AI-enabled defenses, including the deployment of defensive AI agents to accelerate vulnerability management and frontline response capabilities. While implementation capacity will vary across markets, this approach will likely gain traction regionally. Following heightened scrutiny and consultations in the first half of 2026, more concrete countermeasures are expected to emerge in mature markets such as Japan and Singapore in the second half. Japan has already announced a public-private taskforce bringing together technology and financial sector stakeholders, while Singapore’s Cyber Security Agency is reviewing technical standards and obligations for critical information infrastructure owners to account for faster AI-enabled attack timelines. Companies serving critical sectors should continue positioning themselves as technical partners on emerging frameworks and prepare internal positions on issues such as responsible AI, quantum-safe road maps and agile cybersecurity postures ahead of future government consultations.
Subsector Highlight
Online Safety Laws: Operationalizing Platform Accountability
Across the Indo-Pacific, online safety regulation is shifting from aspirational principles to operational enforcement, a trend likely to intensify in the second half of 2026. Governments are moving beyond voluntary codes and reactive takedowns toward durable enforcement mechanisms, including risk-classification systems, dedicated regulators, mandatory reporting portals and formal escalation channels. What began as a response to child protection and online scams is increasingly becoming a permanent regulatory pillar, with online harm treated as systemic risks requiring continuous supervision. Australia’s eSafety Commission is a leading example of this shift.
The region is increasingly diverging into two regulatory approaches. Markets such as Australia, Indonesia and Malaysia are using youth-focused regulation to broaden platform accountability, while Singapore is expanding oversight more incrementally through measures targeting scams, harmful content, recommender systems and emerging AI-related risks. At the same time, regulators are closely observing and selectively adopting approaches from peer markets, with Australia emerging as a key bellwether and ASEAN regulators increasingly exchanging views on online safety frameworks.
For platform companies, the main risk is policy contagion. Although discussions remain centered on scams and age assurance as visible pressure points, the broader debate governments are engaging in is over platform accountability and duty of care. Over the next six months, the focus will likely shift from new headline laws to refining implementation and enforcement, reinforcing a broader concept of digital duty of care.
Data Center Energy Demands: Phantom Demand and Rising Sustainability Requirements
As AI investment accelerates across the Indo-Pacific, data center demand is rising rapidly, creating major opportunities for digital infrastructure companies while placing growing strain on regional power grids. Governments are prioritizing generation and transmission expansion to support digital infrastructure, but grid reliability and financing concerns remain significant, particularly amid energy market volatility linked to the Middle East crisis.
A key emerging challenge is “phantom” energy demand, where speculative or inaccurate load forecasts fail to materialize into actual consumption. This issue will likely intensify across major data center growth markets such as Australia, Indonesia, Malaysia, Thailand and Japan in the second half of 2026 and into 2027, particularly where energy bottlenecks are already constraining sector growth. In response, governments are becoming more selective in approving projects, increasingly linking capacity allocations to stricter power and water efficiency standards amid concerns over resource competition and foreign technology firms consuming finite supplies.
At the same time, unmet demand projections are making utilities more cautious about financing future grid expansion, particularly in markets where state-owned operators rely heavily on debt financing. This creates a “chicken-and-egg” problem for developers, who require firm power commitments before investing capital. The challenge is compounded by gaps between how governments and operators assess demand, including differences in hyperscaler and colocation requirements, future expansion headroom and long-term power consumption patterns. Aligning forecasting methodologies and approval processes will therefore become increasingly important to unlocking the region’s AI-driven infrastructure growth.
We will continue to keep you updated on technology developments as they occur. If you have comments or questions, please contact BGA Technology Senior Director William Heidlage, Director Apoorva Kolluru, Director Heidi Mah or Associate Harris Amjad.
Best regards,
BGA Technology Team
