Your board approves the cyber budget.
Cybercare is Malaysia’s only end-to-end cyber resilience programme — built to close the governance gap
between boardroom accountability and operational readiness, when it matters most.
The cyber risk sits on your balance sheet.
The question is whether your board knows it.
Very few have ensured that their board can govern, decide, and communicate with
authority when an incident occurs. Cybercare addresses that gap.
For the CEO & Board Chair
Regulatory exposure
is now personal.
Most organisations invest in cybersecurity tools and technical teams. Very few have ensured that their board can govern, decide, and communicate with authority when an incident occurs. Cybercare addresses that gap.
For the CFO & Audit Committee
Cyber investment without
governance oversight
is sunk cost.
Organisations that cannot translate cyber incidents into financial, operational, and reputational impact — in the boardroom — cannot demonstrate readiness to auditors, insurers, or regulators. Every ringgit spent on technology carries unquantified residual risk until the board can read the dashboard that governs it.
For the CIO, CTO & CISO
Your SOC team can
only defend what
leadership authorises.
When the board lacks the vocabulary to challenge management’s cyber assumptions, critical decisions are delayed during incidents. Threat windows widen. SOC capability becomes strategically handicapped. Without board-level governance literacy, your technical investment operates at a fraction of its potential.
For the full board
Reputational capital
erodes in hours,
not weeks.
A breach that reaches the press before your board has a coordinated incident response protocol will define your organisation for years — in the eyes of regulators, shareholders, and the public. The question is not whether a cyber incident will occur. It is whether your leadership is prepared to lead through it.
Two distinct pathways.
One unified governance outcome.
board and C-Suite leadership, and an operational track for the technical teams they oversee. Both tracks are
designed so that when a crisis occurs, every tier of your organisation speaks the same language and acts as one.
Operational Track
15 Days (3 progressive weeks) · SOC Analysts · Security Teams · Delivered at Axiata Cyber Fusion Centre
SOC End-to-End
Operational Masterclass
A comprehensive, practitioner-led programme that takes participants from foundational SOC concepts to leadership-grade operational capability — across every tier from L1 analyst to SOC Manager. The programme is structured in three progressive parts, each building on the last, and culminates in a full end-to-end incident simulation.
Designed for organisations building or maturing internal SOC capability. The outcome is not a team that monitors threats — it is a team that detects, contains, escalates, and communicates at board speed.
Day 1
SOC Overview &
Operating Model
- What a SOC does: monitoring, detection, response, reporting
- In-house, MSSP, and hybrid SOC models
- Roles: L1 triage → L2 investigation → L3 threat hunting → SOC Manager
- End-to-end incident lifecycle
- SOC maturity models: basic to optimised
Day 2
SOC Technology
Stack
- SIEM: log collection, correlation, alerting
- EDR/NDR: endpoint vs network visibility
- SOAR: automation and orchestration basics
- Ticketing systems: incident tracking workflow
- Threat intelligence sources and data integration flow
Day 3
Alert Handling &
Triage
- Alert lifecycle and prioritisation
- Identifying false positives vs real threats
- Severity classification: low / medium / high / critical
- Escalation criteria to L2
- Writing effective incident notes
Day 4
Practical: Alert
Simulation
- End-to-end alert handling simulation
- End-to-end alert handling simulation
- Writing structured incident reports
- Group discussion: common SOC mistakes
Day 5
Assessment &
Review
- Scenario-based knowledge quiz
- Assessment & Review
- Instructor feedback session
- Instructor feedback session
Day 1
Investigation Methodology (L2 Mindset)
- Investigation frameworks and analytical mindset
- Log correlation techniques
- Host investigation: processes, files, registry
- Network investigation: traffic patterns, connections
- Timeline reconstruction and case management
Day 2
Threat Hunting Fundamentals
- Threat hunting vs reactive detection
- Hypothesis-based hunting methodology
- IOC vs behavioural analysis
- MITRE ATT&CK framework mapping
- Common attacker techniques and patterns
Day 3
Detection
Engineering
- Why detections fail — and how to fix them
- Detection rule creation fundamentals
- Alert tuning and optimisation
- Reducing alert fatigue
- Detection lifecycle managemen
Day 4
Practical: Investigation & Hunting
- Guided investigation scenario: identify attack sequence from logs
- Threat hunting exercise
- Detection improvement discussion
- Group debrief: common mistakes in threat hunting
Day 5
Assessment: Investigative Capability
- Scenario-based investigation test
- Group review and peer feedback
- Key learning recap
- Case discussion: real-world investigation failures
Day 1
SOC Architecture & Engineering
- Log ingestion strategies
- Identifying visibility gaps in your environment
- Tool integration and data flow design
- SOAR automation use cases
- Designing scalable SOC architecture
Day 2
SOC Metrics & Performance
- Key metrics: MTTD, MTTR, and beyond
- KPI dashboards and analyst performance tracking
- Reporting to executive management
- Interpreting and improving SOC dashboards
Day 3
Incident Leadership & Crisis Handling
- Managing high-severity incidents at pace
- Crisis communication protocols
- Stakeholder management during live incidents
- Regulatory and compliance considerations
- Executive-level reporting under pressure
Day 4
SOC Governance & Strategy
- SOC governance frameworks
- Playbook development and management
- Resource, staffing, and vendor evaluation
- Aligning SOC strategy with board-level business objectives
Day 5
Final Simulation: End-to-End Incident
- Full end-to-end incident simulation inside live environment
- Group decision-making under crisis conditions
- Career pathway guidance and professional development
- Final feedback and programme closure
Executive Track
3 Days · Board Members · CEOs · Audit & Risk Committees · Kuala Lumpur
Board Cyber
Resilience Masterclass
This is not a technical course. It is a structured governance engagement that places board members and senior leaders in the exact conditions they will face during a cyber incident — and equips them with the language, judgement, and decision protocols to lead with confidence.
Delivered across three progressive days, each building on the last. Participants complete a formal assessment. Successful completion constitutes documented evidence of board-level cyber governance competence.
Module 1
Cyber Risk Context &
Shared Language
- Current cyber threat landscape — regional context, beyond IT
- Why cyber risk is a board-level governance issue
- Common board-level misconceptions about cyber risk
- Cyber risk vs operational risk — key distinction
Module 2
Understanding Cyber Risk
& Business Impact
- Understanding Cyber Risk & Business Impact
- Reading and interpreting board cyber dashboards
- Understanding risk registers — what to look for
- Guided scenario analysis: real incident, real consequences
Assessment
Knowledge Check &
Scenario Discussion
- Facilitated discussion: "What does cyber risk mean for business continuity?"
- Short scenario-based knowledge check
- Review of sample board cyber dashboard
Module 3
Board Role During
Cyber Incidents
- Board vs management responsibilities — who decides what, and when
- Legal & regulatory implications of board decisions during a breach
- HR and reputational risk considerations
- Decision-making under uncertainty — the hardest skill in crisis
Module 2
Cyber Resilience &
Oversight Responsibilities
- What cyber resilience means — beyond compliance, beyond technology
- Overseeing controls, investments, and organisational cyber culture
- Board-level question framework for challenging management
- Board-level question framework for challenging management
Assessment
Facilitator-Scored Simulation
& Written Reflection
- Facilitator-scored simulation: "What decisions must the board make during a breach?"
- Scenario-based written reflection
- Board-level Q&A framework discussion
Module 5
Integrated Cyber Risk
Scenario — End-to-End
- Full end-to-end cyber crisis scenario — from detection to board response
- Financial, legal, operational & reputational impact under simultaneous pressure
- Individual written response to live scenario
- Group-level decision discussion — consensus under uncertainty
Final Assessmen
Board Cyber
Competency Certification
- End-to-end cyber risk scenario assessment (pass/fail)
- Evaluation: Risk prioritisation, Governance judgement, Leadership decision-making, Stakeholder consideration
- Individual written response + group discussion format
Deliverable
What Your Organisation
Receives
- Individual competency certificates for each participant
- Board Cyber Governance Assessment Report
- Documented evidence of governance due diligence
- Recommended organisational governance roadmap
From governance gap
to boardroom confidence.
Cybercare does not teach cybersecurity to your technical team. We build the governance intelligence, decision-making capability, and operational readiness that enables your entire leadership — from board to SOC — to act as one when a crisis occurs.
diagnostics & readiness evaluation
NIST and ISO-aligned assessments of your board’s cyber governance maturity, SOC capability gaps, and organisational risk posture. Board maturity diagnostics and strategic roadmap.
governance and operational education
Bespoke Board Cyber Resilience Masterclass for leadership. SOC End-to-End Masterclass for operational teams. Both delivered by practitioners, not academics.
internal capability architecture
Structured development of your board-level incident response protocol, internal SOC playbooks, and governance documentation aligned to regulatory requirements.
live incident simulation
Real-world crisis exercises that test your board’s governance decision-making and your SOC’s operational response simultaneously — inside Axiata’s live Cyber Fusion Centre.
continuous resilience
Ongoing advisory, quarterly threat intelligence briefings, and governance review cycles aligned to your board’s risk calendar and regulatory reporting obligations.
Built for organizations preparing for.
today’s evolving cyber landscape
Built for the leaders who
carry governance accountability.
Governance Leadership · Board Track
Board Directors &
C-Suite Executives
The individuals who approve cyber risk appetite, face regulatory scrutiny, and must make high-stakes decisions with financial, legal, and reputational consequences — often with incomplete information and no time to consult.
- Chairperson
- CEO
- CFO
- COO
- CMO
- Board Members
- Audit Committee
- Company Secretary
- Nominee Directors
Technology Leadership · Board & SOC Track
CIO, CTO, CISO & Technology Leaders
The technology executives who must translate threat intelligence into board language, secure governance support for cyber investment, and ensure their SOC team operates with clarity of mandate when an incident occurs.
- Government-Linked Companies
- Public Listed Companies
- ACE Market Financial Institutions
Enterprise Organisations · SOC Track
CIO, CTO, CISO & Technology Leaders
Organisations with public accountability, regulatory obligations, and reputational exposure. Those building internal SOC capability and cyber leadership pipelines that align operational defence with board-level governance.
- VP Technology
- CIO
- CTO
- CISO
- CMO
- CDPO
- Group IT Director
- Head of Information Security
What your organisation gains
A board that speaks the language of cyber risk with authority. A SOC that operates with executive clarity and escalates at board speed. An organisation that regulatory bodies, insurers, and shareholders can trust — with documentation to prove it.
Documented board-level cyber governance competence — certificated and auditable
Regulatory alignment: Bursa Malaysia CG Code 2021, BNM Risk Governance, NACSA NCSP
A single governance language shared between the board and the technical team
SOC operational capability benchmarked to NIST and ISO/IEC 27001
Why Malaysia's leading
organisations choose Cybercare.
Regulatory & Governance alignment
Programme participation constitutes documentable evidence of board-level cyber governance due diligence — recognised by auditors, corporate insurers, and regulatory bodies in Malaysia.