SINGAPORE, October 22, 2025 – Cybersecurity experts and incident responders from across ASEAN are gathering in Singapore this week for the 20th ASEAN CERT Incident Drill (ACID) — marking the first time the annual exercise is being held in person since its inception.
Organised by the Cyber Security Agency of Singapore (CSA) in conjunction with Singapore International Cyber Week 2025, the two-day event on 21–22 October brings together 36 incident responders from 10 ASEAN Member States, five Dialogue Partners (Australia, China, India, Japan, and South Korea), and Timor Leste.
Themed “Securing Network Devices at the Edge”, this year’s ACID focuses on cyber incidents targeting network edge devices such as VPN appliances and secure remote gateways — the first line of defence for many organisations. As enterprises expand digital infrastructure and remote access systems, these edge points have become critical targets for cyberattacks.
Strengthening Regional Preparedness and Information Sharing
Hosted annually by Singapore, the ASEAN CERT Incident Drill is designed to test incident response procedures and strengthen regional cybersecurity cooperation. This year’s edition is particularly significant as it is held at the ASEAN-Singapore Cybersecurity Centre of Excellence (ASCCE), where the ASEAN Regional CERT is co-located.
Participants will, for the first time, use the ASEAN Regional CERT’s Information Sharing Mechanism (ISM) — a new platform commissioned in May 2025 to facilitate real-time threat intelligence exchange, technical collaboration, and coordination for regional cyber exercises.
“As cyber threats grow increasingly transboundary, no nation can address them alone,” said Ir. Dr. Megat Zuhairy Megat Tajuddin, Chief Executive of Malaysia’s National Cyber Security Agency and Overall Coordinator of the ASEAN Regional CERT Task Force. “The ASEAN CERT Incident Drill represents our collective commitment to strengthen regional cyber resilience through trust, preparedness, and operational cooperation.”
He added that the first physical iteration of ACID and the debut use of the ISM mark “a new phase in safeguarding our shared digital ecosystem.”
Tabletop Exercise and APT Workshop
In addition to the hands-on incident drill, participants will also engage in a Tabletop Exercise (TTX) simulating a cross-border cyber incident affecting multiple countries’ critical systems. The exercise will enhance regional coordination in threat mitigation, recovery, and takedown scenarios.
Given the rise of Advanced Persistent Threat (APT) activity worldwide, ACID 2025 also features a 1.5-hour workshop titled “Upskilling Blue Teams: Defending Against APTs”, conducted by cybersecurity training provider HackTheBox. The session will train participants to detect and respond to APT-style attacks, offering insights into attacker tactics, techniques, and procedures (TTPs) alongside real-world case studies.
A Decade of Regional Cooperation in Cyber Resilience
Since its establishment in 2006, the ASEAN CERT Incident Drill has evolved into a cornerstone of regional cybersecurity collaboration, allowing national CERTs to test readiness, share expertise, and coordinate faster responses to emerging threats.
This year’s 20th edition reflects ASEAN’s collective commitment to enhancing regional resilience, capacity-building, and information-sharing — key pillars of the ASEAN Digital Masterplan 2025.
The Cyber Security Agency of Singapore, which oversees national cybersecurity and regional cooperation initiatives, said the physical edition of ACID reinforces Singapore’s role in building a trusted and secure ASEAN digital community, supporting both national security and digital economic growth.