Fuad Kay's Bio
Fuad Kay (SyberSeeker) is a cybersecurity consultant, researcher, and Open-Source Intelligence (OSINT) enthusiast with over 14 years of experience in the cybersecurity industry. He combines technical expertise with investigative curiosity, focusing on how intelligence, analytics, automation, and risk quantification can strengthen cyber resilience.
Through SyberSeeker, Fuad actively shares practical insights on OSINT, threat intelligence, digital risk, privacy, and cybersecurity research. His writing aims to make complex security topics accessible to both professionals and curious learners.
Fuad is the researcher behind VoronRAV, a cyber risk quantification model inspired by OSSTMM and attack surface analysis principles, designed to translate technical findings into measurable business impact. He is also developing the Cyber Trust Degradation Model (CTDM), a trust-centric approach for evaluating how cyber events influence confidence in third-party relationships.
His current research interests include AI security, synthetic media verification, deepfake detection, adversarial AI, and the growing relationship between artificial intelligence and open-source intelligence.
Beyond research, Fuad regularly contributes to the cybersecurity community through conference talks, workshops, panel discussions, and technical writing. His work focuses on bridging the gap between technical evidence and executive decision-making, helping organizations understand cybersecurity as a measurable business risk rather than simply an IT problem.
By combining analytical thinking with practical storytelling, Fuad aims to help people see the unseen and transform information into meaningful insight.
Talks & Workshops
- Guest Speaker at Axiata Cybersecurity External Insights Workshop, Axiata (2026) - The Next Wave: Evolving Cyber Threats and Strategic Risk for 2027–2029
- Distinguished Speaker at PhD Colloquium Q3, Center of Postgraduate Studies, Malaysia University of Science and Technology (2025) - The Art and Math of Cyber Risk: From OSSTMM to VoronRAV
- Panelist at ISC2 Malaysia Chapter (2025) - Your Cyber Certification Journey
- Panelist at Datumstruct (2025) - Fireside Chat: The Future of Smart, Secure & Human-Centric Control Rooms
- Guest Speaker at International College of Yayasan Melaka (2025) - The Cyber Frontier: Security Challenges and Career Opportunities
- Keynote Speaker at Trainocate Malaysia (2025) - Unmasking the Truth: How OSINT Detects and Defends Against Deepfakes
- Keynote Speaker at ISC2 Malaysia Chapter (2025) - Cyber Risk as a Business Risk: Moving Beyond IT Silos
- Keynote Speaker at GMi CYSEC, German Malaysian Institute (2025) - Cybersecurity: Remote Exploitation
- Keynote Speaker at Faculty of Computer Science and Technology, First City University College (2025) - Cybersecurity as the Catalyst for Innovation: Building Trust in a Digital Future
- Guest Speaker at Faculty of Computer Science and Information Technology, Universiti Putra Malaysia (2025) - Strengthening DevSecOps with OSINT: Real World Insights and Strategies
- Guest Speaker at German Malaysian Institute (2024) - Career in Cybersecurity Engineering: Exploring the Pathways, Skills, and Opportunities
- Speaker at Trainocate Malaysia (2023) - Human Psyche in Penetration Testing
- Speaker at Johor Plantation (2023) - Security Awareness Training
- Speaker at Asia Pacific University (2023) - Employment Trend Career Talk
- Speaker at ALCOM (2023) - Security Awareness Training
- Speaker at Crealogy Webinar (2020) - From Legacy to Next-Gen: Protect Your Organization Against Latest Cyber Threats
- Speaker at Crealogy Webinar (2019) - How Ransomware Attacks SME in Malaysia
Certifications
- PTE)
- Certified Cybersecurity Systems Manager (C
- EC-Council Associate C|CISO
- CertNexus Cyber Secure Software Developer (CSSD)
- CertNexus CyberSec First Responder - Advanced (CFR-A)
- CertNexus Incident Response in Business (IRBIZ)
- Certificate of Cloud Security Knowledge v5 (CCSKv5)
- Certificate of Competence in Zero Trust (CCZT)
- ISC2 Systems Security Certified Practitioner (SSCP)
- ISC2 Certified in Cybersecurity (CC)
- OPSWAT Comprehensive OSINT Expert (OCOE)
- OPSWAT OT Security Expert (OOSE)
- IMI Identity Ninja
- IMI Certified in Data Protection (CDP)
- IMI Certified Access Management Specialist (CAMS)
- IMI Certified Identity Governance Expert (CIGE)
- IMI Certified Identity and Security technologist (CIST)
- IMI Certified Metaverse Security Consultant (CMSC)
This is a hobby project to experiment the CVSS 4.0 scoring and OSSTMM scoring using nmap module. This simple tool will perform the vulnerability scan by entering the target single IP or IP range and the result can be export in the CSV format. Refer to this CVSScope Tool Link for more details.
The SpyCer DASD is a web-based tool developed using the Flask framework to assess and visualize the attack surface of domains or IP addresses with basic attack surface classification. It enables users to gather intelligence such as subdomains, WHOIS data, Shodan insights, and reputation checks. Refer to this SpyCer Tool Link for more details.
KestrelEye is an OSINT hobby project which combines the selective tools for OSINT investigation. This project still under development with expected Alpha release on November 2026.
Own Researches
- Cyber Trust Degradation Model (2026)
The Cyber Trust Degradation Model (CTDM) is an ongoing research initiative developed to examine cybersecurity from a trust perspective rather than solely from a technical or compliance standpoint. While traditional Third-Party Risk Management (TPRM) approaches focus on vulnerabilities, controls, and regulatory requirements, CTDM explores how cyber incidents and security weaknesses may gradually erode trust between organizations and their vendors.
The model introduces several dimensions, including Trust Exposure, Trust Exploitability, Trust Dependency, Impact Amplifiers, and Trust Recovery Capability, to help organizations understand how cyber events influence business confidence and third-party relationships. CTDM is designed as a complementary framework rather than a replacement for existing risk models. Its goal is to provide additional visibility into the human and business aspects of cyber risk, particularly in vendor ecosystems where trust plays a critical role.
Current research focuses on applying CTDM to Third-Party Risk Management (TPRM), continuous monitoring, and cyber resilience programs.
VoronRAV is a research-driven cyber risk quantification model that fuses OSSTMM-inspired evaluation metrics and NIST 800-30 blended with financial risk modeling to measure and visualize technical exposure more precisely. This research explores how quantifiable approaches can strengthen cyber defense decision-making and make risk data more actionable for organizations of all sizes.