About the author

Ever since my childhood, my fascination with computers has been unwavering. This passion led me to pursue a career in cybersecurity, where I discovered my true calling. During the final years of my bachelor’s degree, I interned for a cybersecurity company, assisting in ISO 27001 audits. This experience revealed my knack for effective communication and my ability to engage with stakeholders, providing them with training, knowledge, and implementing cybersecurity controls. It was during this time that I earned my certification as a Lead Auditor of ISO 27001, solidifying my interest in cybersecurity and marking the beginning of my professional journey.

My philosophy in cybersecurity is simple: “better be safe than sorry.” This mindset has guided me throughout my career, ensuring that I always prepare for the worst and work diligently to protect organizations against potential threats. I approach every project with the assumption that someone is trying to steal data, and I strive to safeguard against it.

One of the most challenging projects I’ve undertaken was leading the implementation of an ISMS compliant with ISO 27001 for an organization. The scope was vast, requiring alignment with industry standards and the implementation of comprehensive cybersecurity controls. The most difficult challenge was overcoming resistance to change within the organization. Through persistent training sessions, workshops, and one-on-one meetings, I managed to inspire and motivate employees to embrace new security protocols, ensuring a successful implementation.

My most significant achievement has been developing a transformative risk management framework. Initially designed to align third-party cyber risk management, this process has evolved to encompass overall cyber risk management. I take pride in drafting, testing, and communicating this framework to different teams and senior leadership, knowing that I have contributed meaningfully to my organization.

Staying current with the ever-evolving cybersecurity landscape is crucial. I rely on resources such as TLDR newsletters, the “Cybersecurity Today” podcast on Spotify, and websites like Krebs on Security, Schneier on Security, and Dark Reading. Additionally, LinkedIn connections keep me updated with the latest industry news, although I’m not a fan of generic posts.

Outside of work, I indulge in reading, playing football (never “soccer”), and cooking vegetarian food. These interests not only enrich my life but also complement my professional journey, adding layers of creativity and discipline to my work.

In the future, I aim to integrate the mindset and resources of ethical hackers with cyber risk assessment and management. By proactively identifying potential threats and applying cybersecurity controls, I hope to ensure robust protection for organizational data, even before penetration tests are conducted.

As I continue to navigate the intricate labyrinth of cybersecurity, my journey is a testament to dedication, innovation, and an unwavering commitment to protecting the digital world.