Strengthening Cybersecurity Collaboration: Key Insights from APNIC 60


Cybersecurity experts, researchers, and network operators from across the Asia-Pacific region recently convened at the highly anticipated APNIC 60 conference. Two dedicated sessions, hosted in collaboration with FIRST and APNIC, focused on fostering regional cooperation and addressing critical threats. The event, held on 10 September 2025, featured renowned speakers and highlighted actionable strategies for tackling emerging vulnerabilities, lateral movement risks, and capacity building in the cybersecurity domain.

Collaborative Responses to Emerging Threats

One of the standout presentations was delivered by Piotr Kijewski of The Shadowserver Foundation. With over 25 years of experience in operational security, Piotr provided vital insights into Shadowserver’s collaborative approach to combating global cyber threats. A key focus was the organization’s sinkholing initiatives, which have successfully redirected malicious traffic and contributed to the shutdown of more than 400 malware families. During the talk, Piotr emphasized the importance of “responsible data sharing,” tailoring data feeds specifically for network operators, law enforcement agencies, and security researchers.

Shadowserver’s proactive detection capabilities were also showcased through examples of high-profile vulnerabilities, such as the Cisco IOS XE ‘BadCandy’ infection and the Palo Alto PAN-OS attacks, which significantly affected networks worldwide. Their rapid response, including adaptive scans and malware detection, has proven instrumental in reducing infection rates. Piotr’s “leave nothing but footprints” philosophy ensures their scans are unobtrusive while still identifying critical vulnerabilities, offering invaluable support to over 9,000 organizations globally.

Addressing Lateral Movement and Internal Network Security

Another crucial session was conducted by A.S.M. Shamim Reza, a South Asian Community Trainer, who explored the significant risks posed by lateral movement within internal networks. Shamim highlighted the vulnerabilities introduced by weak segmentation in network architectures, such as over-reliance on VLANs and inadequate internal security measures. According to Shamim, critical network hygiene practices like Resource Public Key Infrastructure (RPKI) and the MANRS program are often overlooked within internal networks, leaving systems vulnerable.

Real-world case studies demonstrated the dangers of flat network structures, where attackers exploited vulnerabilities to move freely between office and production environments. Shamim reinforced the importance of intrusion detection systems, robust password hygiene, and proactive risk mapping. His thought-provoking statement, “If your network is flat, your security is fantasy,” encapsulated the vital need for actionable and layered cybersecurity measures to safeguard infrastructure against modern threat actors.

Building Resilience Through the Train-the-Trainer Model

Keisuke Kamata from Armoris Inc. brought valuable expertise to the session by sharing details about the Japan International Cooperation Agency’s (JICA) innovative train-the-trainer model. This initiative aims to empower South East Asian cybersecurity professionals through hands-on exercises and virtual labs. The program emphasizes local capacity building by equipping participants with the skills needed to design and execute their own cybersecurity defense scenarios.

Participants undergo rigorous pre-training on Linux and networking concepts before engaging in intensive eight-day sessions that simulate real-world attack and defense scenarios. The hybrid approach not only hones technical skills but also prepares engineers to address the business and regulatory implications of cyber incidents. Kamata’s examples of SQL injection risks and resulting business impacts underscored the interconnected nature of technical and organizational cybersecurity challenges, with the program enabling greater self-sufficiency in threat detection and response.

The APNIC 60 conference served as a vital platform for sharing knowledge, advancing threat detection techniques, and promoting collaborative strategies across the Asia-Pacific cybersecurity community. For those seeking more information, the full presentations and resources can be accessed on the official APNIC 60 conference website.
