+ | - | reset

Past Programmes

4 CPD points HRDF Claimable

Cyber Kill Chain and Cybersecurity Capabilities

Ho Siew Kei

Despite heightened attention and unprecedented levels of security investment, the number of cyber incidents and their associated costs continues to rise. The concern typically revolves around the growing sophistication of malicious hackers and other adversaries, and whether being secure is even possible in today’s rapidly evolving landscape of cyberattacks. Cybersecurity is a broad and ever-evolving discipline. As organisations seek to protect their organisations, it is important to understand how attackers typically achieve their objectives and the cybersecurity capabilities that any organisation should consider building in order to respond to these threats. In this session, we will discuss the following:

  • Anatomy of a cyberattack – introducing the cyber kill chain and the steps attackers take to achieve their objectives
  • Responding to cyberattacks – layered defence and cybersecurity capabilities, and the shift from prevention to detection
  • Cybersecurity capabilities – introducing cybersecurity capabilities and the key features of each capability. These capabilities include cybersecurity management, extended enterprise, application security, infrastructure security, identity and access management, data security and data leakage prevention, threat intelligence, security operations, vulnerability management, incident response and business resilience

Learning Outcomes

  • Review the anatomy of a cyberattack – introducing the cyber kill chain, and the steps attackers take to achieve their objectives
  • Respond to cyberattacks – layered defense and cyber security capabilities, and shift from prevention to detection
  • Identify Cybersecurity capabilities and the key features of each capability

Target Audience

  • Aspiring, New and Experienced Directors
Virtual Classroom Format
icon ifl 01 Interactive Facilitated Learning


Ho Siew Kei

Ho Siew Kei
Executive Director, Risk Advisory – Cyber Risk, Deloitte Malaysia

Ho Siew Kei is an Executive Director within Deloitte’s Risk Advisory practice in Malaysia. He has more than 18 years of experience in risk and controls encompassing IT audit and advisory, and cybersecurity assessments services for clients in various industries, focusing on clients in the banking and insurance industries.

Previously, he spent 7 years in the United Kingdom – in an IT Risk & Compliance role for a major financial institution and as a Manager in another big 4 professional services firm based in London.

In his current role, Siew Kei manages vulnerability assessment engagements, and cybersecurity maturity and compliance assessments for Malaysian companies, focusing on financial services.

His qualifications and professional affiliations include Cybersecurity Audit Certificate, ISACA; Certified Information Systems Auditor (CISA), ISACA; Certified Practising Accountant (CPA), CPA Australia and Certified Information Systems Security Professional (CISSP).

Tuesday | 16 June 2020 (Facilitator: Ho Siew Kei)

Course Overview:

Module One Background to cyber-attacks 30 minutes
Module Two Anatomy of a cyber-attack & cyber kill chain 45 minutes
Module Three Case studies: examples of cyber-attacks from the viewpoint of the cyber kill chain 30 minutes
Module Four Introducing cybersecurity capabilities 30 minutes
Module Five Describing the features of core capabilities 45 minutes

*The duration excludes introduction & housekeeping and virtual breaks

Lecture, case-studies, discussion, polling