Cybersecurity advisory ยท Malaysia & ASEAN ยท Boutique

Ace your Security.

True north for your cybersecurity โ€” expert cybersecurity leadership for SMEs across Malaysia and ASEAN that need deep capability without a full-time hire.

Book a 30-min call See our services
Hyperscaler-grade thinking.   SME-fit pricing.
GRC
SOC Operations
Cloud Security
Vendor Risk
Crisis Response
Penetration Testing
IAM / PAM
Regulatory Compliance
The A.C.E. Methodology
Assess. Control. Evolve.
Our Expertise

Expert-grade cybersecurity capability, scaled to SMEs.

We bring decades of enterprise-tier security experience โ€” across hyperscale datacentre, regulated banking, and Fortune 500 manufacturing โ€” and apply it to the realities of SMEs across Malaysia and ASEAN. No vendor agendas. No bait-and-switch. No oversized scopes.

GR
Security Strategy & GRCRoadmaps, policy frameworks, board reporting, risk acceptance governance.
SOC
SOC & Incident ResponseSIEM design, threat monitoring, IR planning, post-incident review.
CL
Cloud & Infrastructure SecurityAWS, Azure, GCP architecture review; Zscaler, identity, network controls.
RC
Regulatory ComplianceBNM RMiT, MAS-TRM, PDPA (MY/SG/TH), PCI-DSS, ISO 27001, NIST CSF.
OT
OT & ICS SecurityIEC 62443-aligned assessment, OT/IT segmentation, ICS architecture.
CR
Crisis & ContinuityTabletop exercises, BCP/DR planning, board-level crisis simulation.
More about us โ†’
25+
years in enterprise cybersecurity leadership
8
industry-recognised cybersecurity certifications
9
service lines across the security lifecycle
100%
independent โ€” no vendor reseller conflicts
Our Services

Nine ways we help SMEs sleep at night.

From fractional security leadership to compliance readiness, offensive testing, and OT advisory โ€” every engagement is fixed-fee, expert-led, and right-sized for your business.

vC

vCISO

Fractional CISO leadership for SMEs that need security oversight without a full-time hire.

From RM5,000 / month
Learn more
RA

Cyber Risk Assessment

Independent point-in-time evaluation against ISO 27001, NIST CSF, or PDPA โ€” with a 12-month remediation roadmap.

From RM12,000 / engagement
Learn more
CC

Compliance & Certification Readiness

Get audit-ready for ISO 27001, SOC 2, or PCI-DSS โ€” gap analysis, remediation, and guidance through the certification audit.

From RM20,000 / engagement
Learn more
VR

Third-Party & Vendor Risk

Assess the security of your suppliers and outsourcing partners โ€” questionnaires, risk scoring, and an ongoing vendor risk register.

From RM10,000 / engagement
Learn more
CMS

Crisis Management Simulation

Board and C-suite tabletop exercises that test executive decision-making, governance, and crisis communications under pressure.

From RM8,000 (half-day)
Learn more
ITT

IT Tabletop Exercises

Multi-team operational tabletops for IT, SOC, and IR teams. Multiple technical scenarios, playbook validation, runbook gap analysis.

From RM6,000 (half-day)
Learn more
PT

Penetration Testing

Targeted offensive testing of applications, networks, and cloud environments by certified engineers.

From RM15,000 / engagement
Learn more
DF

DFIR Retainer

Pre-paid digital forensics & incident response capacity with SLA-backed response times. Use hours proactively or hold them in reserve.

From RM3,000 / month
Learn more
OT

OT Security Advisory

IEC 62443-aligned OT security assessments, IT/OT segmentation reviews, and ICS/SCADA architecture for manufacturing and infrastructure.

From RM18,000 / engagement
Learn more
Explore all services
Built on Recognised Frameworks

Our work aligns to the standards your auditors, insurers, and customers expect.

Click any framework above to see what it is, who it applies to, and how Ace Direction works with it.

Not sure where to start? Most of our clients weren't either.

Book a free 30-minute discovery call. No pitch, no obligation. We'll tell you whether we can help โ€” and if we can't, we'll tell you who can.

Book a discovery call