Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Compliance in the ASEAN context: the cost, challenges, and solutions

As a united front, ASEAN member countries must discuss cross-border compliance issues

Compliance in the ASEAN context: the cost, challenges, and solutions

Every organisation found in ASEAN member countries existing today needs compliance with the data protection policies laid out to protect the personal data of everyone. With the fast-paced digitalisation move covering enterprises and consumers, such compliance could be a challenge since not all companies, big or small, have an equal footing in terms of finances and other factors to provide solutions to every identifiable challenge.

With the looming threat to cybersecurity and the increasing number of incidents involving organisations being prey, is your organisation ready to face the challenges of compliance? This was tackled by Privacy Ninja’s very own Master DPO, Sanjeev Gathani, when he spoke at the Risk Beyond 2022 conference in Bali, Indonesia.

Compliance in the ASEAN context
Compliance in the ASEAN context was discussed in the recent Risk Beyond 2022 conference held in Bali, Indonesia

5 Challenges of today towards compliance

Sanveej shared that organisations today face 5 challenges that hinder them towards compliance in the ASEAN context:

1. Uncertainty in the marketplace

The market is volatile, and with the pandemic hurting the operations of every organisation, the stability of the market is far more shaky than stable. With this, compliance requires funds. It is an extra burden for organisations that some opt not to do anymore. 

2. Talent crunch for cybersecurity professionals

For better cybersecurity, hiring cybersecurity professionals as part of your team is good practice. This is because, in case of a breach, your organisation and employees will be able to respond to mitigate the damage quickly. 

However, there are few cybersecurity professionals in the market upon demand. You need to nurture one which drives up the cost of its training and monthly wage. (To this end, outsourcing the requirements to a trusted partner is a plus!) Aside from this, there’s also the risk of the employee leaving the company to find a much more competitive salary. 

3. Technological advancement (use of Artificial Intelligence)

While it is true that there are tools that organisations can use to strengthen compliance with data protection policies, such as Artificial Intelligence, the fact remains that not all companies have access to it.  

4. Privacy and security in the new world

The pandemic forced every organisation to arrange the employees’ work hours in the comfort of their homes. These employees no longer needed to commute to their workplaces and sit at their work desks, but they could continue working remotely. 

However, this move brought problems to the organisation’s privacy and security, either through human-related errors or a lack of safeguards to provide safe access to the company’s cloud, servers, and system. With this, compliance in the ASEAN context became challenging as the new world is still being navigated for the protection of everyone. There are still a lot of uncertainties that need to be acknowledged by the governing body of data protection and the organisation itself. 

5. Significant rising in compliance costs

The rising compliance cost is the biggest roadblock to every organisation, especially for Small to Medium Enterprises. According to Sanjeev, the threat of cyberattacks and the introduction of privacy laws across different jurisdictions alone also adds to the cost of compliance. 

With this, not all organisations can keep up with the demands of compliance and risk their cybersecurity by being vulnerable to bad actors who are lurking and searching for their next victim. Hence, Sanjeev laid down five actions to reduce such compliance costs.

Compliance in the ASEAN context
Privacy Ninja’s Master DPO, Sanjeev Gathani (second from left), spoke about compliance in the ASEAN context during the Risk Beyond 2022 conference in Bali, Indonesia

5 actions to reduce compliance costs

According to Sanjeev, the following are the ways or actions to reduce the compliance costs that organisations are facing right now:

  • Hiring compliance ambassadors
  • Quantifying compliance risks
  • Conducting self-control testing
  • Implementing smart controls and procedures
  • Conducting cost reduction plans as compliance obligations

Organisations must remember the cost of non-compliance versus that of compliance and make a decision. It is about doing the right thing when no one is watching and ensuring that all understand that compliance is everyone’s problem and not just that of the compliance department.

While the cost of compliance is fleeting, every organisation should remember that in case of a breach, it is not just the financial penalty that the organisation must face. It also includes the organisation’s besmirched reputation and the customers’ lost trust in giving their valuable personal data. 


Compliance is needed for every organisation, big or small. Aside from the fact that it is mandatory, it would cost the organisation more if it ops not to comply. This is because when there is a successful breach, the organisation could halt business operations, lose potential clients who only surrender their personal data to trusted ones, and the organisation could pay as much as S$1,000,000 as a financial penalty. 

Hiring a DPO is mandatory and must be complied with by all organisations. In a decided case of the Personal Data Protection Commission of Singapore, it held that failure to appoint one is a breach of Singapore’s Personal Data Protection Act which could lead to a hefty financial penalty. 

While it is true that it is a challenge to hire your own DPO, there are outsourced DPOs in the market, like Privacy Ninja, that you can hire at a reasonable price. With this, you no longer have to worry about the staggering cost of this requirement compliance as outsourcing one is already available for you to have.

Don’t wait any longer to ensure your organisation is PDPA compliant. Take our free 3-minute self-audit checklist now, the same “secret weapon” used by our clients to keep them on track. Upon completion, we will send you the results so you can take the necessary action to protect your customers’ data. Complete the free assessment checklist today and take the first step towards protecting your customers’ personal data.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us