Login to profile

About us

We have been active in Asia since the opening of our Singapore Chapter in 2016. We are committed to the Asian market, working closely with our members here to create a genuinely global cyber security organisation.

We currently have two chapters in the region: one in Singapore and one in Hong Kong which was also launched in in 2016 in collaboration with the Hong Kong Institute of Bankers (HKIB) and the Hong Kong Applied Science and Technology Research Institute (ASTRI).

These chapters are represented and managed by an elected Asia Council. The chair of the Asia Council, Emil Tan, also sits on our International Council.

In common with our other Regional Councils, the Asia Council exists to further our objectives to build capability, capacity, consistency and community in the region and the global cyber security industry.

We work with members, governments, regulators and the buying community in the region to enhance cyber resiliency and open up markets for our member companies and offer opportunities for qualified individuals.

We deliver a full range of disciplines to the Asian market:

• Penetration Testing
• Incident Response
• Threat Intelligence
• Security Operations Centres

Asia Council

Members of the Asia Council were elected in December 2021. They will serve for three years at which point, to ensure continuity, half will retire by rotation by mutual agreement and be eligible for re-election for a further three-year term if they so wish. The other half will retire by rotation the following year. Emil Tan, the Asia Council Chair, is a co-opted and independent member of the council as permitted in the Asia Council Terms of Reference.

The serving Asia Council Members are listed below in alphabetical order. Hold your cursor over each for more information.

Ryan Baxendale

Centurion Information Security

[Co-Optee]

Ryan is based in Singapore and is the Director for Centurion Information Security, a firm with a specialized focus on providing comprehensive cyber security assessment services. Ryan holds individual CREST certifications and since 2016 has consistently maintained the company’s CREST Membership and previously worked with CREST as an Assessor to deliver exams.

Paul Craig

Vantage Point Security Pte Ltd

Paul is the Chief Hacking Officer and co-founder at Vantage Point Security group, where he oversees the penetration testing services delivered by the group across Southeast Asia. Paul has more than two decades of penetration testing experience working in the banking and finance sectors and has been leading cyber security teams for most of his career.

Paul has published books on cyber security, spoken at international security conferences and has appeared on a range of news and current affairs programs regarding cyber security risks including TV and print media.

Jason Ka Lee

PwC

[Portfolio: Threat Intelligence]

Jason has more than eight years’ experience in delivering high-priority global projects (independently and leading teams) across various industries. He enables clients to manoeuvre through complex landscapes smoothly and gain strategic “first-mover” advantages, and has worked with senior executives and stakeholders across all levels and departments to adopt new technologies securely while meeting business needs.

Some of Jason’s projects include leading the uplift of a cybersecurity regulatory framework for the banking sector; planning and leading threat assessments for global companies and large organizations across multiple sectors, including government and financial services; and supporting multiple incident response engagements by providing bespoke cyber threat intelligence to the incident responders.

Vikneswaran Kunasegaran

Firmus

Vikneswaran is a GIAC certified Penetration Tester who obtained his Bachelor’s Degree in Computing specializing in Computer Security from APIIT (now known as APU). He has been in the industry for nearly a decade, possessing expertise in vulnerability assessment, penetration testing, compromise assessment, red teaming, and more. On top of that, he is a cyber security awareness speaker with over a dozen talks held with various groups, including Board Members of certain organizations. He is currently managing a team of 20 security consultants and ethical hackers who provide security testing services for various clients across Malaysia and its neighbouring countries. He is also building a team for Incident Response and Endpoint Recovery Services at FIRMUS by becoming familiar with various EDR technologies and getting certified in them. His main objective from the start has been to provide quality cyber security services to clients without compromising on quality or the client’s experience.

John Lloyd

Casaba Security SE Asia Pte Ltd

[Portfolio: Academia]

John worked for over a decade in roles centred around securing business and business systems. He has years of experience building and managing large scale Security Operations Centres (SOC) in the APAC region. His primary interest is in managing the human aspects of information security; holistically blending technology and best practices to develop systems which are secure yet provide an effortless user experience.

John spends his free time working on security projects in the blockchain domain where he focuses on distributed trust and projects related to risk management.

Louis Luong

VSEC

[Co-Optee. Portfolio: Vietnam]

Louis has nearly 20 years of experience working in the IT and cybersecurity industry in leading Vietnamese organizations such as FPT Software, CMC Telecom (Service provider), SV Technologies (System Integration) before taking on his current role as a leader at VSEC. He was one of the founding members of VSEC back in 2009 when cybersecurity was not a major concern for digital systems in Vietnam. Over time, VSEC has become the first MSSP to monitor information security in Vietnam and provides services to over 60% of banks in the country. They play a crucial role in delivery information security service for various government departments and have strategic partnerships with international security companies such as Black Panda, Rapid7, Core Security, Record Future, and more. Additionally, VSEC was the first organization in Vietnam to receive CREST certification for Pentest and SOC service. He also serves the community as the Chief of the Cyber Security Technology Village in the Techfest program, a largest annual national innovation and creativity event led by the Ministry of Science and Technology. In his role and other co-chief, he successfully built an ecosystem for cybersecurity, connecting more than 40 experts in information security from Vietnam and abroad to support not only startups but also businesses in establishing a secure online environment.

Ramesh Naidu

Vigilant Asia Sdn Bhd

[Portfolio: SOC]

Ramesh has more than 20 years’ experience in IT, managing large technology operations from endpoint management to distributed network. He has designed and built data centres and complex technology environments which include the management of Information Security and Cyber Security. Ramesh played a pivotal role in the setup of Vigilant Asia as an MDR player in Malaysia and was responsible for the end-to-end business and technical setup of the SOC operations.

Britto Sidhan

Schneider Electric SE

[Portfolio: Research]

Britto leads the Global Security Lab at Schneider Electric. He is responsible for Penetration Testing, ICS Security, and red teaming for product and systems offers. For more than a decade, he has worked extensively with telecommunications security, cloud and virtualization security, and vulnerability researcher.

An expert in offensive security techniques, Britto has been involved in developing research skills for professional security teams. He has a team of highly skilled security professionals that focuses on critical infrastructure domain.

bk Soon

Partner, Casaba Security SE Asia. Vice-Chair of Asia Council Pte Ltd

[Co-Optee. Portfolio: Malaysia]

bk’s ambition has driven his work to help others. He has been a computer teacher, course counselor, businessman, and activist promoting technology to combat modern slavery and organized crimes.

bk has over 20 years of experience managing regional information technology and cyber security projects with regulators, defense, government agencies, and private corporations. His understanding of the industry and people-person characteristics, with his solid experience on the ground, have built a trusted network in various private corporations, not-for-profit organizations, government agencies, and people from all walks of life.

His expertise includes project management, building and conducting solutions workshops, reviewing and responding to RFP/RFI, business development, relationship management, and legal and regulatory framework. He is currently working on a research paper on Maritime Cybersecurity: Formulating a Legal and Risk Management Framework in Malaysia with the University of Malaya.

Cecil Su

BDO LLP

[Portfolio: Academia and Research]

As a trusted advisor, Cecil leads and manages wide-ranging initiatives in both the government and commercial sectors in the areas of cybersecurity assessments, secure development lifecycle, technical countermeasures, threat analysis, cyber investigations/forensics, and IoT/OT technology.

He has spent many years performing and overseeing cybersecurity assessments, technology audits, digital forensics including complex enterprise platforms on networks and applications. Aside from that, Cecil has been involved in developing and deploying risk-based management and data governance frameworks, helping clients to manage data protection, risk and meet associated regulatory requirements. He currently volunteers in the Association of Information Security Professionals (AiSP), OWASP SG Chapter and WorldSkills Singapore.

Emil Tan

Chair

Emil Tan currently serves as the Cyber Strategist and Market Lead in Critical Infrastructure at Booz Allen Hamilton. In addition, he is the Chief Community Officer (CCO) at Red Alpha Cybersecurity, a leading cybersecurity talent development company, and the Chair of the CREST Asia Council.

With over 10 years of experience in the cybersecurity industry, Emil has expertise across a broad range of cybersecurity trades, including R&D, cybersecurity operations, governance, policy and regulations, consultancy, and ecosystem development. His extensive background has established him as a key figure in the field.

Emil is a dynamic contributor to the cybersecurity ecosystem in Singapore, actively driving cybersecurity conversations and thought leadership both locally and internationally. He founded Division Zero (Div0), Singapore’s largest techno-centric cybersecurity community group, and Infosec In the City, SINCON, Singapore’s international techno-centric cybersecurity conference.

Henry Tan

CEO softScheck Singapore Pte Ltd

[Portfolio: Marketing & Training]

Henry is an effective leader with a track record of developing, presenting and managing implementation of innovative business solutions.

He accumulated technical background in software development, network design and cyber security with a strong understanding of software architecture which helps him to grasp technical requirements to implement business solution. As a CEO he has established softScheck in the region and driven the company’s fast growth trajectory.

Faisal Yahya

Country Manager, Vantage Point Security Indonesia, PT

[Co-Optee. Portfolio: Indonesia]

Faisal is a Cyber Security Strategist with over 20 years of experience combined as a Country Manager, Chief Information Officer (CIO) executive, and Chief Information Security Officer. He plays an integral role in spearheading the Information Security strategy roadmap, interfacing core business functions and technology teams — establishing and presenting a cybersecurity strategic vision using technical skills to generate confidence with business stakeholders and company leadership.

Faisal has given many public speaking at industry conferences and academic events about various cybersecurity topics. Faisal also serves as an Official Instructor for EC-Council and Cloud Security Alliance. Faisal advocates for better cyber safety practices and defining improved Cybersecurity space in the South East Asian IT communities, actively researching and speaking. Faisal is passionate about upskilling people and organizations about cybersecurity.

Focus Groups

CREST Focus Groups help us to continually monitor best practice in Penetration Testing, Threat Intelligence, Incident Response, Intelligence-Led Testing and SOC. To see the relevant Focus Groups for Asia, please visit our Focus Groups page.

Asia Team

CREST Asia is supported in regional marketing, PR and operations by Faye Percival, CREST Secretariat. Contact: [email protected]

Faye Percival

CREST Secretariat