The APAC Cybersecurity Fund is an initiative by The Asia Foundation, supported by Google.org, Google’s philanthropic arm, designed to build inclusive and sustainable cybersecurity ecosystems across the Asia-Pacific. Through cyber hygiene training, policy research, and stakeholder engagement, the program helps micro and small businesses, nonprofits, and social enterprises strengthen their cyber resilience. It also invests in long-term capacity by establishing more than 20 university-based cyber clinics to expand outreach and develop the region’s cybersecurity workforce. The initiative spans across 13 countries including Australia, Bangladesh, India, Indonesia, Japan, Korea, Malaysia, Pakistan, Philippines, Singapore, Sri Lanka, Thailand, and Vietnam.
Asia and the Pacific has become a cyber crime hot spot, with 1 in 3 cyber attacks happening in the region and 7 in 10 small businesses threatened by a cyber incident in the past year. Despite rising concerns, many small businesses remain unprepared and exposed to risks that threaten their operations and access to finance, as financial institutions increasingly favor partners with strong cyber hygiene.
The APAC Cybersecurity Fund (ACF) program tackles this gap by empowering digitally vulnerable communities with the knowledge and skills needed to protect themselves online. By focusing on practical, locally relevant solutions, ACF helps small businesses and individuals build lasting digital resilience.
We equip MSMEs, the backbone of Asia-Pacific economies, with the tools and knowledge they need to protect themselves from cyber threats and build confidence to grow in the digital space.
A scalable, localized training engine delivered by a robust network of country-level partners, from small business associations to national institutions, reaching 300,000 organizations and 600,000 individuals across 13 countries in the region.
The cyber clinics serve as collaborative hubs housed in academic institutions where student trainers gain hands-on experience to bolster the cyber capabilities of MSMEs and communities and localize cybersecurity solutions with government, industry, and civil society.
The Policy & Research component identifies emerging cyber threats and regulatory shifts, translating applied research into policy dialogues that strengthen regional cybersecurity awareness, collaboration, and resilience.
