Case study: International Cyber Capacity Building in the Indo-Pacific

Published
2026-07-08T15:02:24.883+02:00 08 July 2026
Business Digital Intelligence
Location United Kingdom
For three years, we led the UK FCDO-funded Indo-Pacific Cyber Programme consortium to help national cyber agencies and critical infrastructure organisations across the region detect threats, build resilience and forge lasting partnerships. Rather than off-the-shelf solutions, we delivered hands-on training, interactive workshops and tailored strategies.
Colourful abstract image of a person with computer screens and data

Over recent years, the Indo-Pacific region has rapidly emerged as a global digital powerhouse, with the Association of Southeast Asian Nations (ASEAN) – an alliance of 11 nations including Indonesia, the Philippines, Singapore and Thailand – striving to lead on innovation and connectivity. 

But with this growth has come increasing cyber threats as the crosshairs of threat actors have pivoted to target the region. Ransomware attacks have increased significantly, critical infrastructure is more vulnerable than ever, and the fast pace of technological change presents constant security challenges. 

Recognising these risks, we led a consortium of cyber capacity building experts, funded by and working in collaboration with the UK FCDO (Foreign, Commonwealth and Development Office), to help strengthen cyber resilience across the Indo-Pacific. Through the Indo-Pacific Cyber Programme (IPCP), we worked closely with national cyber agencies and critical infrastructure organisations to enhance threat detection, build resilience and forge essential partnerships. 

Our cyber experts played a hands-on role in designing, leading and delivering key projects – ensuring practical, lasting impact where it mattered most.

Building a foundation of trust

When the IPCP launched in 2022, it did so with a commitment to understanding and addressing the unique challenges faced by key stakeholders in the region. As with all FCDO international aid projects, our team was tasked with balancing the objectives of the UK government with the real needs of our beneficiaries – vital cyber defenders and strategic allies in a region grappling with complex, evolving cyber threats.

One of the significant hurdles was building trust among these stakeholders. Many had not previously encountered UK aid in the form of consulting support through hands-on, in-depth assessments, workshops and strategy development. Instead, they were more familiar with off-the-shelf digital solutions or generic PowerPoints. As a result, some stakeholders were initially focused on tactical, short-term outcomes rather than the strategic guidance and capacity building that IPCP sought to provide.

Despite these challenges, we remained committed to the mission. We met stakeholders where they were – spending time face to face delivering the requested tactical solutions while simultaneously uncovering the deeper issues and long-term goals behind those requests. This approach allowed us to establish trust, provide real value, and shift the focus towards a more sustainable and strategic cyber resilience framework – ensuring meaningful and lasting impact for the region.

 

From the tactical to the strategic

When one senior stakeholder expressed interest in a tactical ‘Capture the Flag’ (CTF) event, we recognised an opportunity to go beyond a simple competition. We saw this as a chance to create a deeper, more strategic learning experience so transformed the challenge into a series of week-long training courses, taking participants on a learning journey that explored the evolving cyber threat landscape.

Throughout the training, we introduced activities like threat intelligence report writing, showing how the attacks simulated in CTF challenges might manifest ‘in the wild.’ We also selected key individuals from the beneficiary group to co-deliver alongside our team, giving them the chance to deepen their own knowledge and build teaching skills.

By adapting to the needs of the partner, we not only provided an engaging and fun experience, but also gave them a much deeper understanding of how technical challenges link to real-world cyber-attacks. This approach also helped them look ahead, guiding them on the next steps they should take in strengthening their cyber capabilities.

"We’ve come a long way and delivered some very successful projects that are being recognised at senior levels in the UK Government and our partners."
Client testimonial
International Cyber Capacity Building in the Indo-Pacific impact image

Delivery with impact

Building trust with our partners began with the exceptional delivery of high-quality work that demonstrated our deep expertise in security consulting. We quickly showcased our nuanced understanding of the unique needs and challenges faced by different organisations, tailoring our approach to fit the specific pressures and goals of each stakeholder.

Our delivery went beyond the traditional lecture-style presentations and slide-heavy training courses. Instead, we focused on creating highly interactive and engaging workshops, motivating participants to share their experiences and actively engage in realistic cyber threat scenarios. These sessions encouraged collaboration through team exercises, friendly rivalries in competitive activities, and the use of both fictional and real-world incident simulations.

We frequently facilitated workshops for large and senior audiences, including: 

  • A 'Cyber Advanced Bootcamp' for over 40 managers and regulators
  • A presentation of a new assessment tool to measure the financial impacts of cyber incidents on critical national infrastructure
  • A senior executive workshop on building digital trust
  • Bringing national agencies and critical sectors together to demonstrate the value of collective defence, deepening the UK’s relations in the region and reaffirming the UK’s commitment to acting as a responsible cyber power

Each project included tailored, actionable recommendations and guidance, ensuring that beneficiaries understood what they could realistically do next on their path to enhanced cyber resilience. In many cases, our work paved the way for further IPCP initiatives, opened doors to commercial opportunities, or empowered stakeholders to drive internal changes based on the new knowledge and skills gained.

 

Adding social value

The IPCP team has always been mindful of the broader societal impact of cyber threats, particularly how threat actors victimise individuals to achieve their malicious goals. We recognised that the effects of cyber incidents are often exacerbated by societal factors such as demographics and prejudices. 

So, aligned with the UK government and FCDO's gender equality and social inclusivity priorities, the team developed a training model and working group concept to address the gender equality and social inclusivity (GESI) aspect of cyber security. This module explored how different demographics are targeted and impacted by cyber threats, such as breaches of personal health data or online stalking and harassment.

Delivered seven times across the region, this module was intentionally woven into broader cyber security workshops to reinforce that GESI is not a standalone diversity and inclusion topic, but an essential part of responsible cyber capacity building – protecting the entire population from cyber threats.

The Women in Cyber Fellowship, designed and launched by Digital Intelligence as a core component of IPCP, was also a key initiative with a focus on creating a 'safe space' for female cyber experts. Several female participants, often used to male-dominated environments, shared how the Fellowship network had provided a much-needed support system. One participant light-heartedly remarked that she often felt 'lonely' as a female cyber expert, but through the Fellowship she had found a valuable space for inspiration, encouragement and camaraderie. This network has already benefited delegates in their career paths and will continue to be a resource they can rely on in the years ahead.

"We are really happy with the report, a Green/4 rating is not easy to get, especially in only the first year of full delivery. This is a testament to all the hard work that you and the consortium have put in to the programme."
Client testimonial

Key outcomes

Through the IPCP programme, we managed the delivery of five 'change stories' by the end of 2024, attracting the highest possible score in the FCDO's 2024 annual review. In the words of the FCDO: “It’s a testament to all the hard work that you and the consortium have put into the programme.”

By the end of the programme in March 2026, we had delivered 73 impactful projects across nine countries and a total of 26 change stories, all of which had a direct impact on organisations in the region. These included:

  • Developing security policies and risk management frameworks for national cyber authorities, such as cybersecurity guidance for the Financial Services Authority
  • Helping a national cyber agency gain regional recognition and membership in a globally recognised security forum
  • Delivering immersive Cyber Bootcamp training for critical infrastructure regulators
  • Empowering and raising the profile of female cyber security leaders, such as launching the UK-South East Asia Women in Cyber Fellowship, which built a network of female cyber experts across nine countries
  • Bringing a national cyber agency together with relevant government and critical sector stakeholders to establish a model for a Cyber Crisis Task Force
  • Designing and delivering table top exercises for government authorities and critical infrastructure providers exploring real-world cyber crisis scenarios
  • Designing resources such as fact cards that illustrate key concerns of and solutions for our stakeholders, complete with a scaled scoring system linked back to the IPCP strategy 

The IPCP has proven to be a transformative programme, driving meaningful improvements in cyber resilience across the Indo-Pacific region. Through tailored hands-on training, strategic guidance and a deep understanding of the unique needs of each partner, we have helped strengthen regional capabilities, foster international collaboration and create lasting impacts. 

As the programme continues to evolve, its successes serve as a testament to the power of collaboration, adaptability, and a commitment to building a safer, more secure digital future.

"Huge thank you to you and everyone from across the consortium for all the hard work and excellent results we’ve had from IPCP this year. Looking forward to continuing our success together in the next year." 
Client testimonial

Learn more about cyber capacity building

Subscribe to The Digital Thread to get the latest news and updates straight to your inbox

Contact our experts     Subscribe to The Digital Thread