As 2025 comes to a close, we see how cybersecurity has now become a boardroom conversation, a regulatory concern, a business differentiator, and increasingly, a shared responsibility across all industries.
At Cisometric, 2025 wasn’t just about responding to cyber incidents or tracking threats. It was about building understanding, strengthening capability, and growing together with the ecosystem, from business leaders and policymakers to the new generation of talents preparing to enter the cyber workforce.
So, in the spirit of a year-end wrap-up, here’s a look back at what 2025 looked like for us, the conversations we sparked, the communities we engaged, and the lessons that stayed with us.
A Year of Conversations Through #CyberTalks
With #CyberTalks, we turned regulation and strategy into in-depth discussions.
Data protection and privacy continued to dominate cybersecurity conversations in Indonesia this year, especially with the increasing enforcement expectations around the Personal Data Protection Law (UU PDP).
In response, Cisometric organizedtwo CyberTalks sessions in 2025 with our partners, designed not just to explain regulations, but to unpack what they actually mean in practice.
#CyberTalks – Managing Data Privacy: Principles and Practice – May 2025
This session brought together legal and cybersecurity perspectives, featuring:
Nicolas Glenn from ALTA Advocates
Ilafi Firsta Putri from Cisometric
The discussion centered on bridging theory and execution of how privacy principles translate into real governance, risk management, and operational controls inside organizations.
Learning Together Through Cybersecurity Webinar Series
Together with Biznet Gio Cloud, we organized a Cybersecurity Webinar Series, running from October through December 2025. Across six webinar sessions, we covered a wide range of foundational and advanced cybersecurity topics, from phishing awareness and ransomware to red teaming, packet capture, and secure code evaluation.
These sessions weren’t designed only for seasoned professionals. They were intentionally inclusive, welcoming:
early-career practitioners
IT and security teams from various industries
individuals looking to build stronger cyber hygiene in their organizations
The consistent turnout reaffirmed something we strongly believe in, that cybersecurity education works best when it’s practical, accessible, and continuous.
Looking Back at How We Shared and Contributed to the Cybersecurity Ecosystem.
IndoSec 2025
In October, Cisometric took part in IndoSec 2025, held on 13–14 October 2025 at The Ritz-Carlton Jakarta.
Beyond being part of the exhibition, our CEO Hana Abriyansyah also joined a panel discussion titled: Cybersecurity 2.0: The Road Ahead in AI, Automation, and Evolving Threat Models.
The panel explored a critical tension that defined much of 2025, discussing how AI is accelerating security capabilities, but it is also expanding the attack surface.
This mirrors broader global discussions, where AI-driven attacks, deepfake social engineering, and automated exploitation are becoming increasingly common (ENISA, 2024; World Economic Forum, 2025).
Later in the same month, Cisometric also participated in National Cybersecurity Connect 2025, held on 29–30 October 2025 at Hotel Bidakara, Jakarta, in collaboration with PTPERKOM.
At this event:
Cisometric joined as part of the exhibition
Our CEO participated in Panel 5: Cybersecurity in the Age of AI and Automation
OurHead of Tech Security also took the Cyber Stage with a session titled: Trust, Truth, Threats: Navigating AI Risks in the Digital Era.
A recurring theme across discussions revolved around how technology alone cannot solve trust problems. Governance, ethics, and human judgment remain essential.
Cisometric Academy in 2025: Shaping the Next Generation of Cyber Experts
One of the most rewarding things we saw in 2025 was how learning at the academy started to come full circle.
Cisometric Academy continued to grow this year, not just in size, but in clarity of purpose.
The academy was designed as a long-term learning pipeline, where students don’t just gain skills, but gradually grow into practitioners, collaborators, and eventually, contributors to the cybersecurity ecosystem itself.
In 2025, that vision started to take form more clearly. Cisometric Academy Batch 2 and Batch 3 ran with a focus on two core tracks:
Offensive Security
Information Systems (IS) Audit
Across both batches:
63 students participated in the program
8 total projects were completed
4 students continued into internship roles at Cisometric
But one of the clearest signs of growth this year was seeing how learning began to come in full circle:
In Batch 1, they were students
In Batch 2, alumni stepped up as assistants
and in Batch 3, assistants returned as instructors
For example, one of our students transitioned directly into a full-time role after graduating. Another joined as an intern, then continued as a full-time team member. This progression matters, as it creates:
Stronger emotional connection between instructors and students
Tangible proof that the academy leads to real opportunities
A learning environment that feels collaborative, not hierarchical
What mattered was continuity. The academy was no longer just a place to enter, but a place to return to, contribute to, and grow within. This dynamic created a learning environment that felt more open and engaging. Students were more willing to ask questions, test ideas, and learn from mistakes, because the people guiding them had once been in the same position.
For us, this became one of the strongest validations of Cisometric Academy’s approach.
Turning Learning into Real-World Capability Through Cisometric Academy
As Cisometric Academy matured, learning became less about memorizing theories and more about preparing students for the kind of security work they would actually face.
1. Offensive Security: Learning Through Structured Practice
In the Offensive Security program, hands-on learning has always been central. But starting from Batch 2 this year, that hands-on approach became more structured with the introduction of CisoLabs.
Through this platform, student work could be tracked consistently over time. Progress was visible, performance could be reviewed, and students gained a clearer sense of how they were developing relative to expectations. This helped them build discipline, manage priorities, and understand that cybersecurity work often requires persistence as much as technical skill.
That structure led naturally into the capstone project. Students were required to conduct penetration testing on a minimum of five IPs provided by instructors. Under guidance, they went through the full assessment flow, from reconnaissance and testing to analysis and reporting. The emphasis was on understanding what real assessments feel like, how findings are documented, and how technical decisions must be explained clearly.
2. IS Audit: Learning to Think Beyond Tools
For the IS Audit program, the learning focus was different, but equally deliberate.
Here, the capstone project emphasized how security is evaluated, justified, and communicated in an audit context. Students were trained to think beyond tools and controls, and instead focus on:
How risks are identified and reasoned
How evidence is gathered and structured
How audit findings are communicated to stakeholders
This helped reinforce an important perspective that cybersecurity is not only about identifying weaknesses, but about translating technical realities into insights that organizations can act on as well.
Across both programs, teaching methods and assessment criteria were continuously refined throughout the year.
These updates were driven by changes in the threat environment, industry expectations, and feedback from previous batches, ensuring the academy remains relevant as cybersecurity itself continues to evolve.
By the end of 2025, four students had continued into internship roles at Cisometric, carrying forward not just technical skills, but an understanding of how cybersecurity work fits into real organizational contexts.
What’s Next for Us
Looking back, 2025 reminded us of a few important truths:
Cybersecurity maturity is built through consistency
Education and exposure matter as much as technology
AI is reshaping security, but governance and human insight remain critical
As we prepare to enter 2026, Cisometric remains committed to:
Strengthening cybersecurity awareness across industries
Supporting the next generation of cyber professionals for Indonesia’s future
Helping organizations navigate security, privacy, and AI risks with clarity and confidence
To everyone who joined our events, webinars, classrooms, panels, and conversations this year, thank you for being part of the journey.
Here’s to another year of learning, resilience, and building a safer digital future together. Through collaboration, education, and real-world impact, we remain committed to securing tomorrow, starting with what we do today.
As we move into 2026, there’s more to explore, discuss, and build together. Follow our social media for updates, insights, and perspectives on how organizations can stay resilient in the year ahead:
DeepSeek AI is a game changer for AI chatbots. Within weeks of launching, it became the most-downloaded free app on Apple’s App Store, dethroning ChatGPT. Tech analysts marveled at its ability to perform at the same level as some of the biggest AI models on the market
How Supply-Chain Cyber Attacks Can Take Down Your Business
Supply-chain attacks come in multiple forms, all designed to exploit trust between businesses and their third-party vendors. Here are some case examples with different approaches:
What Makes a Security Operations Center (SOC) Truly Effective?
he best SOCs detect threats in real-time, not hours later. That’s why Artificial Intelligence (AI) and Machine Learning (ML) are now truly necessary. AI can analyze billions of data points instantly, identify hidden anomalies that manual methods
Cybersecurity incidents often bring to mind images of hackers exploiting complex technical technological vulnerabilities. But in reality, many successful cyber attacks don’t happen because of weak systems, they happen because of human errors.
“Many businesses still think cybersecurity is a ‘later’ problem. But when an attack happens, it’s already too late. Cyber threats don’t just steal data, they burn through money.”
Welcome to cisometric.com! In order to provide a more relevant experience for you, we use cookies to enable some website functionality. Cookies help us see which articles most interest you; allow you to easily share articles on social media; permit us to deliver content, jobs and ads tailored to your interests and locations; and provide many other site benefits. For more information, please review our
Privacy Notice.
