#WorkinginCSA: Building Cyber Resilience Through Cyber Exercises

Outside of work, he is an enthusiastic casual runner.

1. Tell us more about your team’s work and your role as a Senior Manager in CSA’s Joint Operations Readiness Division (JORD).

At CSA, my role revolves around improving (cyber) crisis response capabilities and readiness as we strive to enhance Singapore’s cyber resilience. A key aspect of this involves planning, designing, and conducting both technical and operational cyber exercises that simulate realistic incident scenarios. These cyber exercises extend beyond CSA; we work closely with the Critical Information Infrastructure (CII) sectors to validate their response capabilities.

The goal is simple yet essential: to ensure Singapore is as ready as possible to handle cyber incidents. Through these cyber exercises, organisations can validate their internal processes, build stronger coordination with partners, and identify areas for improvement to prevent potential crises.

It’s also about building trust across agencies, between sectors, and within the broader ecosystem with industry partners. Every exercise is an opportunity to learn and grow – we want to respond not with panic, but with cohesiveness and assurance to the public.

2. What inspired you to become interested in Critical Information Infrastructure and pursue a career in this field?

What started as an intuitive choice to pursue Computer Science turned out to be transformative. The field's endless possibilities fascinated me more than any other discipline. I began my career as a consultant, which gave me early exposure to the diverse ways cybersecurity plays a role across different industries. That experience opened my eyes: cybersecurity isn’t just a backend function or technical checkbox; it’s a strategic enabler.

What stood out most was how cyber has evolved from being siloed in IT to becoming a key pillar across every layer of operations. From finance to transport and healthcare, cybersecurity cuts across all sectors, shaping how systems are designed, used, and protected. It’s no longer just about defence, it’s about resilience, adaptability, and keeping pace with an ever-changing threat landscape.

That perspective continues to guide how I approach the work we do today.

3. What are some projects you’ve worked on in CSA that you found particularly interesting and/or challenging? What made them interesting, and how did you navigate the challenges?  

Planning and executing Exercise Cyber Star 2025 (XCS25) has proven to be a trilling yet complex undertaking. As a national-level cyber crisis management exercise, XCS25 demands more than just routine planning. One of the key challenges lies in crafting scenarios that are not only realistic but also unconventional – the kind of incidents that could truly disrupt systems in ways we haven’t yet seen.

To build realistic scenarios, we actively engage with industry partners to stay up to date with emerging cyber trends and adversary tactics, techniques, and procedures (TTPs). These collaborations help ensure that every scenario is grounded in reality and relevant to the CII sectors.

XCS25 ultimately isn’t just about testing systems or plans. It’s about strengthening relationships across sectors, refining coordination, and ensuring Singapore stays ready to respond swiftly and effectively in an increasingly complex cyber threat landscape.

4. Have you had a mentor whose guidance helped shape your professional journey in CSA? Tell us more about it.

I’ve had the privilege of working with leaders and peers who have generously dedicated their time, insights, and experiences in helping me navigate challenges, develop confidence, and grow professionally.

From learning how to frame operational problems clearly to understanding the broader national impact of our work, the guidance I received went far beyond technical skills. What stood out most was the culture of support, where questions were welcomed, feedback was constructive, and growth was a shared goal.

"Mentorship here isn't just about giving answers — it's about asking the right questions and encouraging ownership."

5. Tell us something about your job that not many people know about.

One of the biggest misconceptions people have when I say I work in cybersecurity is that I spend my days hacking into systems or chasing cybercriminals in hoodies behind glowing screens. While that may be the Hollywood version, the reality is far more complex and exciting.

Cybersecurity isn’t just about flashy tools, malware analysis, or high-tech firewalls. It’s an ecosystem that covers everything from network architecture and cloud security to Internet of Things (IoT), Governance-Risk-Compliance (GRC), incident response, threat intelligence, and even cyber crisis management. In fact, some of the most impactful work happens quietly in building resilient systems, strengthening partnerships across sectors, and shaping policies that protect our critical information infrastructure.

What I love most is how dynamic the field is. One day you’re studying emerging TTPs; the next, you’re helping to coordinate a national-level exercise. There’s always something new to learn.

Cybersecurity is no longer a backroom function, it’s front and centre in national defence, business resilience, and even public trust.

6. Outside of work, do you have any hobbies and interests? How do you unwind from work?

Running has always been more than just a hobby for me – it’s a lifestyle now, and a way to reset. I’ve even challenged myself by taking on an overseas marathon. The training and preparation demanded consistency, resilience, and focus – qualities that translate directly into my work in cybersecurity.

Running sharpens my mental strength. On tough days, it helps clear my mind and gives me the space to reflect. Often, the best ideas or solutions to complex problems come not while I’m at my desk, but halfway through a long jog.

In our line of work at CSA, we’re often navigating high-pressure situations, tight timelines, and evolving threats. Having a mental outlet like running helps me stay grounded and recharge. It builds patience, clarity, and the endurance to keep going even when the path gets tough.