Security is not a product you buy. It is an outcome you earn.
Your adversaries are not waiting. Neither should you.
TALK TO THEOSThe APAC Cybersecurity Firm Built for This Region.
ABOUT US
Who we are
Theos Cyber was built specifically for the APAC security landscape. Our practitioners work inside the regulatory frameworks governing financial institutions, critical infrastructure operators, and large enterprise groups across the region. Our service lines cover the full security lifecycle: detection and response, offensive security, and incident response.
We operate three integrated practices: Cyber Defence, Cyber Offense, and Cyber Response. Specialists in each practice, doing the work that practice demands. Each feeds intelligence into the others. The result is a security programme that improves with every engagement.
OUR APPROACH
How we operate.
Intelligence-led
Findings from each engagement feed into the next. Every cycle builds on what came before.
Practitioner-led
Defence practitioners do defence. Offense specialists do offense. Response practitioners do response. Clients work with experts in their domain.
Outcome- accountable
Every engagement is built around a specific security outcome. We measure whether we achieved it. Commitments are tracked from onboarding through the life of the engagement.
APAC-native
Built here. Operating here. Our practitioners understand the regulatory frameworks, the threat actors, and the breach patterns specific to this region. That knowledge shapes every engagement.
OUR MARKETS
Regulatory environments
Regulatory environments
we operate in.
Singapore
MAS TRM compliance, CSRO certification. Working with financial institutions, technology operators, and regulated enterprises where security governance is tied to board-level accountability.
Hong Kong
HKMA iCAST, HKMA C-RAF, and GL20 alignment. Working with authorised institutions and regulated enterprises where security decisions extend beyond compliance into cross-border data sensitivity.
Malaysia
BNM RMiT and Cyber Security Act 2024 alignment. NACSA certification. Working with financial institutions and regulated enterprises across a rapidly maturing regulatory environment.
Philippines
DICT certification. Working with BSP-regulated financial institutions, digital banks, and enterprise operators. Security programmes built for the compliance obligations and threat environment of one of APAC’s most active digital economies.
CERTIFICATIONS AND ACCREDITATIONS
Our certifications.
CREST
CREST-certified cybersecurity firm. The globally
recognised standard for technical security services.
CSRO — Singapore
Cyber Security Agency of Singapore registered organisation credential.
NACSA — Malaysia
National Cyber Security Agency of Malaysia
certification for cybersecurity service providers.
DICT — Philippines
Department of Information and Communications Technology certification for cybersecurity service providers in the Philippines.
AWARDS AND RECOGNITION
Awards
CrowdStrike Growth MSSP of the Year 2025, APJ
Frost and Sullivan Entrepreneurial Company of the Year 2023
Independent recognition from two of the industry’s most respected authorities. These awards reflect THEOS’s operational standard and commercial trajectory across the APAC region.
5,000+
Incidents Managed
200+
Penetration Tests Delivered Per Year
8.9
Client Satisfaction Score
15 Minutes
Critical Alert Acknowledgement
THE TEAM
How we operate.
Paul has spent his career investigating and responding to complex cyber incidents across APAC, working at the intersection of financial services, corporate intelligence, and law enforcement. That experience shapes how Theos is built and how it operates.
Alex Hudelot
Founder, Chief Operating Officer, Head of Client Solutions
Alex has worked as a CISO and strategic security architect across financial services and government, building security
programmes from the inside. He brings that perspective to every client engagement.
Bill Anderson
Director, Business Development
Bill has spent his career building security partnerships across APAC’s financial services and enterprise markets, working with institutions that treat security as a board-level obligation.
Sreeman Shanker
Director, Cyber DefenceDirector, Cyber Defence
Sreeman has built and led detection and response operations across financial services, with direct experience in threat response, security assurance, and investigations. His team runs 24/7.
Jayson Vallente
Director, Cyber Offense
Jayson has led offensive security programmes at scale and helped build the Philippine security community through RootCon. His team finds what adversaries would find, before they do.
Nathan Reid
Director, Cyber Response
Nathan has spent his career in digital forensics and incident response, working across defence, law enforcement, and enterprise environments. When something goes wrong, his team responds.
ABOUT SUB-PAGES
More about THEOS Cyber.
Accreditation
The certifications that confirm THEOS operates to the standard regulated enterprises require. CREST, CSRO, NACSA, DICT.
Careers
We are always looking for practitioners who operate at the level THEOS requires. If that is you, we want to hear from you.
Our Story
How Theos was built, why it was built for APAC, and what it believes about security.
GET PROTECTED TODAY
