From Insights to Action: SingAREN–Fortinet Incident Response Workshop on Strengthening Cyber Resilience – 29 Aug 2025
10 Sep 2025 – Cyber threats are evolving faster than ever — and defending against them requires more than just tools. It takes people, preparation, and practice. On 29 August 2025, SingAREN, in collaboration with Fortinet, hosted an in-depth workshop aimed at advancing cyber defense capabilities through proactive threat exposure management and practical incident response exercises. The event brought together network and cybersecurity professionals to exchange knowledge, share insights, and engage in hands-on training.
The session kicked off with a warm welcome from Christopher Lek, SingAREN Executive Committee Member, who highlighted the importance of collaborative efforts in strengthening the research and education community’s cyber resilience.
Figure 1 Opening by Christopher Lek – SingAREN EXCO member
This was followed by a keynote sharing from Andrew Moey, Fortinet’s Security Strategist – SEAHK, who unpacked the “Evolution to Continuous Threat Exposure Management (CTEM)” framework. His session highlighted how CTEM helps organizations shift from a reactive, patch-by-patch mindset to a proactive cycle of identifying, prioritizing, and addressing exposures — before attackers can exploit them.
Figure 2 Introduction to CTEM by Andrew Moey – Fortinet’s Security Strategist
After a short break, the energy in the room shifted gears from listening to doing. David Malcher, Fortinet’s Director of Incident Response (EMEA & APAC), walked participants through the process of building an adaptable incident response plan — a critical tool for reducing stress and chaos during a crisis.
Figure 3 David Malcher – Fortinet’s Director of Incident Response (EMEA & APAC) running through the basics of incident response
With that foundation in place, participants were divided into teams to discuss the elements that strengthen such a plan, before presenting their ideas to the group.
Next, participants were guided through a tabletop exercise scenario. They navigated a simulated incident, responding to ‘injects’ that mirrored the curveballs organizations often face in real time. The activity sparked lively debate: Do you shut systems down immediately or first gather more intelligence? How do you communicate with leadership under pressure?
By the end, each group shared their perspectives with the room — reinforcing that there’s no single ‘right’ answer, only informed decisions shaped by preparation and teamwork.
Figure 4 Participants were then divided into teams for the playbook-driven exercise
The workshop wrapped up with a sense of accomplishment and urgency. Attendees walked away not just with new knowledge, but with practical experience in tackling high-pressure scenarios — the kind that test both technical skills and decision-making.
Figure 5 Participants and organisers of this workshop
For SingAREN and our members, the key takeaway was simple: cybersecurity is a team sport. With frameworks like CTEM and practical playbooks in place, our community is better prepared to face the threats of tomorrow.
This article was co-edited by Andrew Meoy (Fortinet), and Vee Len (SingAREN)