The Cyber Clinics serve as a practical platform to strengthen cybersecurity capacity across the region while creating long-term value for students, academic institutions, and underserved communities.
More Details
The Cyber Hygiene Training component focuses on building foundational cybersecurity awareness among small businesses, nonprofits, and individuals across Asia and the Pacific.
More Details
The Policy and Research component strengthens the evidence base for cybersecurity resilience and promotes collaboration among policymakers, academia, and industry leaders. Through data-driven insights and regional exchanges, the APAC Cybersecurity Fund (ACF) supports informed decision-making and helps shape inclusive, forward-looking cybersecurity ecosystems across Asia and the Pacific.
Luong Hue manages Dato, a social enterprise in Vietnam that works with over 500 ethnic minority households producing herbs and spices. At first, she believed cybersecurity was mainly for larger corporations, while her priority was learning digital tools for marketing. But after nearly losing important customer data, she felt vulnerable and joined the APAC Cybersecurity Fund training. There, she discovered that even small vulnerabilities could endanger her business and her partners. She learned to identify phishing attempts, enable two-factor authentication, and introduce safer file-sharing practices for her staff. With these changes, she not only strengthened her business security but also held internal sessions to share lessons with her team. Today, Hue sees cybersecurity as an essential foundation for growth and sustainability, ensuring that her enterprise and its partner households can thrive safely in the digital economy.
Josna Akter, an e-commerce business owner from Rajshahi, once received a call claiming she had won a large cash prize. The caller, posing as a bank official, demanded her mobile wallet PIN to “process” the reward. Excited but unsure, Josna almost shared her details before realizing it could be a scam. This experience left her shaken and motivated to join the APAC Cybersecurity Fund training. Before the session, Josna believed she had little control over such fraud, but she soon discovered practical ways to protect herself. She learned to identify phishing calls, block suspicious numbers, and strengthen her account security. With new knowledge, she confidently avoided future scams and even started warning her neighbors and fellow business owners about similar tricks. Today, Josna calls the training a turning point—what could have been a costly mistake became an opportunity to build confidence and share protection strategies with her community.
Harindu joined the ACF Cyber Clinic as part of his ISRM module assignment. Coming from a strong technical background, he initially viewed cybersecurity purely through a technical lens. However, working with a real software startup during the training changed his perspective. He learned that risk assessments aren’t just about following frameworks—they require understanding how a business operates and connecting security issues to real impacts such as financial loss or reputational damage. Through the program, Harindu developed the ability to identify risks systematically, analyze them effectively, and translate technical findings into clear business implications. This shift helped him move beyond a “technical-only” mindset to one that considers both business and security priorities. One of the most valuable skills he gained was learning how to communicate complex security issues in simple, practical terms. When working with the startup using the OCTAVE Allegro framework, he realized his technical reports were too complicated for the business owners. He adjusted his approach—keeping his technical analysis in the background but simplifying his explanations so MSME owners could understand and act on them. For example, instead of describing an SQL injection attack in technical detail, he explained it as a risk of customer data being stolen, leading to fines and loss of trust. The Cyber Clinic experience reshaped how Harindu sees his role in the community. He now understands that cybersecurity isn’t just about finding technical flaws—it’s about helping real businesses protect themselves in practical, affordable ways. “Small businesses face the same cyber threats as large companies, but they don’t have the same resources. My job isn’t just to find problems—it’s to help solve them,” he shared.
