Ko Zheng Teng, Assistant Director, Attack Simulation Group, Cyber Security Agency of Singapore

Meet the young public sector officials in the inaugural Young & Official Report 2026.

Ko Zheng Teng, Assistant Director in Cyber Security Agency of Singapore’s Attack Simulation Group. Image: CSA

1) What does public service mean to you? Can you share more about your role in the public sector?


To me, public service means solving problems that make a difference and improve people's lives.


There is something grounding about knowing that the work you do contributes to something larger than yourself.


I am an Assistant Director at the Cyber Security Agency of Singapore (CSA), in a team called the Attack Simulation Group.


In short, we conduct simulated attacks on critical systems, such as power and water systems, to surface and close vulnerabilities, making it considerably more difficult for real threat actors to cause harm.


A typical day involves researching the latest attack techniques used by real-world threat actors, figuring out how a real adversary might think, and then putting that to the test in a controlled way.

2) Tell us about a project you championed. What impact did it have on the community?


One project I am really proud of is championing the concept of “Purple Teaming”. If “Red Teaming” is about attacking and “Blue Teaming” is about defending, “Purple Teaming” is what happens when both sides actually talk to each other and collaborate. It sounds obvious, but it represents a mindset shift.


This was put to the test in Operation CYBER GUARDIAN, Singapore's largest coordinated cyber incident response effort undertaken to date.


When UNC3886, an advanced threat actor, was discovered to have launched a deliberate, targeted campaign against Singapore’s telecommunications sector, I was part of the Purple Team’s effort, simulating the attacker's tactics, validating defences, and helping defenders identify and close gaps in real time.


Beyond operations, my team runs Purple Teaming workshops at the Operational Technology Cybersecurity Expert Panel Forum annually and more recently brought this to Division Zero, Singapore's volunteer-driven cybersecurity community.

3) As a young professional, how has your unique background or perspective allowed you to identify a solution that others in your organisation might have overlooked?


While I am one of the older members of my team, I am still at quite an early stage in my cybersecurity journey.


I came in as a mid-careerist, having spent years as an engineer working on Operational Technology (OT), the systems running our critical physical infrastructure such as power grids and water treatment plants.


My background gave me a deep understanding of how these systems work and the unique threats they face.  It also meant I could speak the same “language” as Critical Information Infrastructure (CII) owners.


I understood their concerns about disruption during security testing and could work with them on the guardrails to mitigate those risks. That gave me the confidence to conduct my security testing work on CII systems safely.

4) What is your personal strategy for maintaining your creative energy when faced with bureaucracy?


In attack simulation, the real work begins with reconnaissance, understanding the environment before you ever make a move.


I take the same approach in my work. For example, when faced with bureaucratic processes, I used to map out what was actually required and consult those with more experience who already knew the terrain.


Now, I lean on artificial intelligence (AI) to help draft the necessary documents and work through requirements. What once took hours now takes minutes.


This frees up energy for work that demands deep thinking.  After all, in both attack simulation and in a bureaucracy, the goal is to understand it well enough to move through it with precision.

5) If you had just one area to invest in to accelerate transformation in the public sector (regulation, technology, talent, etc.), which one would you choose and why?


Talent. Because in the age of AI, it is going to get harder to find and develop good people.


There is a real risk that AI makes it too easy to skip the fundamentals.


In web penetration testing, for instance, AI can already explore a site, run tests, and surface issues, but it also gets things wrong or gets stuck.


That is where the expert comes in, someone who understands what is happening under the hood, can steer AI in the right direction, and knows when to trust the output. We need people who can use, evaluate, and wield these new AI tools effectively. AI can accelerate transformation, but it cannot drive it.

6) What is your greatest ambition as you grow in your public service career?


My greatest ambition is to help build systems and the people behind them that do not just prevent cyber incidents, but also recover more strongly from them.


In cybersecurity, the goal was never to prevent all incidents, as threats evolve too quickly for that to be realistic. It is more important that we have the capacity to absorb an impact, extract lessons from it, and emerge more robust than before.


As I grow in my career, I hope to contribute to a public sector that treats every incident not as a failure, but as intelligence, moving towards continuous learning and genuine resilience.

7) What is a “universal value” that connects everyone in your department – from interns to directors – and how do you use that to drive collaboration?


In my department within the Cybersecurity Engineering Centre (CSEC), we embody Deep Tech as both a mindset and a culture.


We aim to learn technology from first principles, so that we can design solutions that address real problems across all areas of cyber, from authentication to scams.


We dedicate time each week for individuals to research the latest developments, build quick proofs of concept, and share what they have learned. That culture of curiosity is what keeps the team sharp.

8) What is the best piece of advice you’ve got for the next generation of public servants?


Think big, start small, act fast. It has become something of a mantra for public sector innovation. But I would add one more: learn deeply.


We live in an age where AI can build in minutes what would have taken weeks. But the real risk is skipping the hard work of truly understanding a problem at its most fundamental level.


When everything can be generated quickly, it is easy to confuse speed with insight. The most creative solutions do not come from moving fast, but from sitting with a problem long enough to debate it, question it, and push back on it.

9) What is a myth you wish to debunk about young public servants?


Many young people assume public servants are purely motivated by security and stability. In truth, many enter into service to genuinely serve the public good.  


Exercises like CSA’s Exercise Cyber Star (XCS), Singapore's biennial national cybersecurity crisis management exercise involving close to 500 participants, and Critical Infrastructure Defence Exercise (CIDeX), where my team helps develop realistic cyberattack simulations against all 11 CII sectors, are key examples.


I have had the privilege of participating in XCS25 myself, where my background in OT proved instrumental in tackling the challenges.


These are demanding, high-stakes efforts that require deep expertise and collaboration across government, industry and CII owners. The colleagues I admire most are here because they care about protecting the infrastructure that millions of Singaporeans depend on every day.

10) Write a letter to your future self in 2035. Please keep it within 200 words.


Hello, my future self,


I hope you are still learning well, fast and deeply.


In 2026, we are now facing the greatest challenge in the cybersecurity industry. AI models are already finding vulnerabilities in software faster than human experts can, and zero days are becoming negative days, exploited before anyone even knows they exist.


By 2035, I hope that AI has helped us build a world of "secure by default" software where security is built in from the very beginning.


If that has happened, it may well have made my current role as a security tester obsolete. And it means you must have moved on to harder problems with the same curiosity I carry today.  


I hope you are reading this from somewhere far away and beautiful, still plugged in, still curious, and still learning deeply.