Loading...
Loading...
Bespoke cybersecurity training delivered at your offices or virtually. Labs tailored to your sector. HRDC SBL-Khas claim support from day one. Taught by practitioners who work in your industry.
Your team practices on scenarios that reflect your actual environment — Malaysian bank AD topology, AWS VPC with your security group patterns, or OT/IT converged manufacturing floor — not a vendor's generic lab.
Closed cohort means participants can discuss real infrastructure, real incidents, and real weaknesses without concern about who else is in the room. Public intakes cannot offer this.
We fit the curriculum to your release calendar and team bandwidth — not the other way around. We can compress a 5-day course to a 3-day intensive or spread it across two weeks.
At 10+ delegates, in-house per-seat costs fall below equivalent public intake prices — and HRDC SBL-Khas claims apply to the full invoice amount, not just a per-seat rate.
We can run a skills gap assessment before delivery and a competency evaluation after, giving L&D a measurable before/after score for each participant. Useful for BNM or NACSA training records.
For organisations building an internal academy, we can deliver under your brand with your LMS and your documentation templates.
For security teams building an internal red team or penetration testing capability.
For SOC analysts, IR teams, and IT security staff responsible for detection and response.
For compliance officers, internal auditors, and GRC leads at regulated entities.
For cloud architects, DevSecOps engineers, and GRC teams operating in AWS, Azure, or Google Cloud.
RMiT §10.49-aligned labs, BNM incident notification scenarios, AD attacks targeting a fictionalised bank network. ISACA CISA/CISM exam prep for the IS audit team.
NACSA Cyber Security Act 2024 obligations, NCII operator gap workshops, PDPA training for HR and procurement, CompTIA Security+ for IT staff headcount requirements.
PDPA data subject rights in healthcare contexts, medical device security awareness, ransomware response tabletop, ISO 27001 Foundation for clinical IT managers.
OT/IT convergence security awareness, NACSA NCII sectoral controls, Supply chain security workshop, ISO 27001 Lead Implementer for head-office security team.
DevSecOps pipeline integration, cloud security deep-dives (AWS / Azure / GCP), bug bounty methodology for internal security engineers, CCSK for the cloud architecture team.
English and Bahasa Malaysia delivery, compliance mapping to parent-company frameworks (NIST CSF, ISO 27001, SOC 2), co-delivery with regional L&D teams.
30-minute call to understand your team size, current certifications, sector, regulatory obligations, and training timeline.
Within 3 working days we deliver a written curriculum proposal: objectives, modules, labs, duration, price, and HRDC documentation pack outline.
We configure the cyber range (or use your live sandbox) to reflect your sector: financial network topology, cloud environment, OT DMZ, or generic enterprise estate.
On your premises, at a KL city-centre venue we provide, or fully virtual. Standard cohort: 1-3 days. Full tracks: 5-10 days spread over 2 weeks.
Competency assessment results, participant completion certificates, HRDC claim documentation pack, and a gap-analysis summary for each participant.
Five participants. Below that threshold the economics of custom lab configuration and dedicated trainer travel do not pencil out, and we recommend joining a public intake instead. For cohorts of 10 or more we offer a 15% group rate, and for 20+ we structure a two-parallel-cohort delivery to keep lab-to-participant ratios productive.
Yes. Several of our trainers are bilingual (English and Bahasa Malaysia) and we can deliver course content, labs, and assessments in either language or a mixed-language format. For government clients requiring full BM delivery, confirm at scoping and we will assign the appropriate trainer. All official PECB courseware is in English; we provide a BM companion guide for Foundation-level courses.
We maintain scenario packs for the four most common Malaysian sectors: BFSI (Windows AD + core banking DMZ), government (Windows and Linux estate with Malaysian e-government app patterns), manufacturing (IT/OT converged flat network with HMI targets), and cloud-native (AWS or Azure VPC with intentionally misconfigured cloud services). We configure the correct scenario pack before delivery and can incorporate assets from your own sandbox or test environment if you provide access.
nCrypt is a registered HRD Corp training provider. For in-house engagements we issue an HRD Corp-formatted quotation with the correct scheme code (SBL-Khas), course code, and training provider reference. Your HR or L&D admin submits the grant application through the Employer e-TRiS portal at least 5 working days before training. After training, we provide attendance sheets and certificates of completion for the reimbursement claim. We have guided dozens of Malaysian HR teams through this process.
Yes — we have delivered in-house programmes in Penang, Johor Bahru, Kota Kinabalu, Kuching, and across the Klang Valley. Travel and accommodation costs for out-of-KL delivery are invoiced separately at cost. Virtual VILT delivery eliminates logistics entirely and is suitable for distributed teams.
Yes. We offer a white-label programme for organisations running an internal cybersecurity academy. We provide the curriculum, labs, and trainer; your organisation runs it under your brand with your content management system. We can also certify 2-3 of your internal trainers to deliver foundational modules independently after completing our train-the-trainer programme.
Tell us your sector, team size, and training goals. We will respond within one working day with a curriculum proposal and indicative pricing.
We will respond within 1 working day with a curriculum proposal and HRDC-formatted quotation.