Lumina Cyber · Kuala Lumpur
Careful Work at the Intersection
of AI and Cybersecurity Operations
We are an advisory practice, not a software vendor. Our work is reading, writing, advising — and helping SOC teams stay in charge of every decision.
Back to HomeOur Story
Where Lumina Cyber Began
Lumina Cyber was established in Kuala Lumpur by a small group of security operations practitioners who had spent years inside SOC environments — reading alert queues, writing incident memos, and briefing CISOs. The founding question was a practical one: where, precisely, could an AI reading assist reduce cognitive load without touching any part of the containment and response chain?
The answer, worked out carefully across a number of pilot conversations with SOC managers in Malaysia's financial and infrastructure sectors, was a narrower space than most AI vendors suggested. Reading ticket histories, drafting first-pass summaries, surfacing possible cross-references — these tasks could be assisted. Deciding what constitutes a confirmed incident, choosing a containment action, or communicating with an affected system — those remain with analysts, always.
That boundary is not a limitation we apologise for. It is the core of what we offer. Malaysia's regulatory environment — BNM-RMiT, NACSA advisories, PDPA — is explicit that human oversight of technology risk controls must be real, documented, and auditable. Our engagements are designed to satisfy that requirement, not to work around it.
Since our founding, we have worked with SOC teams across financial services, telecommunications, and critical infrastructure in the Klang Valley and beyond. Each engagement has produced a written brief that the client can use in their own compliance conversations — with their DPO, their CISO, or their board risk committee.
2021
Founded in Kuala Lumpur by former SOC practitioners
40+
SOC workflow engagements completed across Malaysia
3
Core service tiers, each scoped to a clear advisory boundary
100%
Analyst sign-off required before any AI draft reaches a stakeholder
Our Mission
"To help Security Operations teams in Malaysia use AI as a careful reading and drafting companion — never as a substitute for the analyst's judgment."
Every engagement we design begins from this position. We are not in the business of replacing SOC analysts, reducing headcount, or automating incident response. We are in the business of reducing the reading burden on analysts so their attention is available for the decisions that genuinely require it.
The Team
People Who Know the Reading Desk
Zulaikha Amin
Principal Advisor
Twelve years in SOC operations across Malaysian financial institutions. Led BNM-RMiT compliance reviews for two Tier-1 banks before founding Lumina Cyber.
Ravindran Nair
Senior SOC Advisor
Former senior analyst at a telecommunications SOC with experience in SIEM tuning and incident memo standards. Leads analyst training in our Drafting Pilot engagements.
Lim Wei Shan
Regulatory Alignment Lead
Specialist in PDPA documentation and BNM-RMiT technology risk frameworks. Prepares the written compliance briefs and board-level summaries for each engagement.
Our Standards
How We Maintain the Boundary
BNM-RMiT Alignment
All engagements are scoped to satisfy BNM's Risk Management in Technology requirements. We provide documentation of scope and controls for your compliance review.
Read-Only Access Policy
AI integrations we recommend operate with read-only permissions to SIEM and ticketing systems. This is a written requirement in every usage policy we produce.
PDPA Data Minimisation
We advise on data minimisation within AI inputs at every stage. AI prompts are reviewed to ensure only operationally necessary data is included.
Structured Analyst Training
Each pilot includes structured training sessions so analysts understand what the AI assist can and cannot do — and feel confident challenging its outputs.
Written Engagement Briefs
Every engagement concludes with a written brief that is usable in audit conversations. We write for the DPO, the CISO, and where needed, the board risk committee.
Quarterly Output Auditing
In our Stewardship tier, we sample and audit AI outputs each quarter to confirm the assist is operating within the agreed boundaries and has not drifted.
Our Position
Advisory Work in a Regulated Context
Security Operations Centres in Malaysia operate within one of the more demanding regulatory contexts in Southeast Asia. BNM-RMiT sets out specific expectations for technology risk management in financial institutions. NACSA advisories shape practice in critical infrastructure. PDPA governs the handling of personal data that frequently appears in incident tickets and stakeholder communications. Lumina Cyber's advisory work is designed with all three in mind.
Where we find value in AI reading assists, it is in the reduction of time spent assembling ticket histories and composing first-draft stakeholder updates — work that is time-consuming during incident periods but does not require the judgment and contextual authority that analysts bring to containment decisions. An AI assist that reads a twelve-ticket incident thread and produces a structured draft for the analyst to review and adjust is a different kind of tool from an AI system that recommends isolation actions.
Our approach to SIEM and ticketing integration is deliberately conservative. Read-only access, written usage policies, clear documentation of what the AI is and is not permitted to surface — these are the foundations of an AI integration that holds up in an audit conversation. We work from that foundation, not toward it.
SOC teams considering this kind of integration for the first time will find our SOC Workflow Reading Review a useful starting point. It is a short engagement that produces a written opinion on where AI summarisation is likely to help — and, as importantly, where it is not yet the right tool for your particular context. That opinion is worth having before committing to a pilot.
Work with Us
Speak with Our Advisory Team
Whether you're at the early thinking stage or ready to scope a pilot, a conversation costs nothing. We'd be glad to hear about your SOC environment first.
Get in Touch