Mimic: The ransomware exploiting Windows search
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreIn this week’s newsletter, Dr. Erdal Ozkaya (Group CISO at MAVeCap) tells us how he became a lecturer in cybersecurity. And here on the blog, we wanted to find out more about his perspective on cybersecurity in education – and the wisdom he’s gained over 25 years working in the sector.
Recognised as a global cybersecurity leader, Ozkaya leads security for MAVeCap – a VC firm focused on the incubation of groundbreaking ideas, including novel cybersecurity solutions. With a doctorate degree in information technology and involvement across a range of cybersecurity organisations (from Binalyze and ThreatMon to the Global CISO Forum), Ozkaya has a wealth of knowledge to share.
Here’s what he told us.
“Absolutely! The current landscape looks like this:
“And there are a number of gaps needing urgent attention:
“We can fill in the gaps with:
“If I could give my younger, more anxious cybersecurity-self one piece of advice, it would be this: focus on the human element as much as the technical one.
“Early in my career, I was obsessed with mastering the tools, the vulnerabilities, and the latest attack techniques. And while those are crucial, I hadn't yet grasped how much cybersecurity is dependent on the human factor.
“That includes the psychology of threats: understanding how attackers manipulate people, why employees make risky decisions, and how to change behaviour. That's just as powerful as any firewall.
“And communication is key; the ability to explain complex threats to non-technical stakeholders, get buy-in for security initiatives, and train people effectively would have made my life much easier (and our systems much safer!).
“Cybersecurity isn't about being the smartest person in the room. It's about fostering a collective sense of responsibility – from the mailroom to the CEO's office.
“Don't get me wrong, technical skills are the backbone. But knowing what I know now, I'd have invested time earlier in understanding psychology, communication, and the art of building a security-conscious culture. It might have saved me a few late-night incident response sessions!”
“Events like Black Hat MEA are incredibly valuable to me as a cybersecurity professional for several key reasons.
“All global Black Hat events attract top-tier speakers and researchers who are at the forefront of the cybersecurity field. The presentations and research unveiled at the event provide a glimpse into the latest threats, attack methods, and emerging defensive techniques. This helps me stay ahead of the curve in a constantly evolving landscape.
“The events provide an opportunity to connect with a global community of cybersecurity practitioners, from fellow field experts to CISOs and security leaders. These interactions spark new ideas, enable collaboration, and provide valuable insights into challenges faced by different sectors.
“And attending workshops and briefings allows me to hone existing skills and delve into new areas of interest within cybersecurity. It's a focused time for targeted learning, often in a hands-on environment, that I might not easily access in my day-to-day work.
“Stepping outside of my daily work environment and immersing myself in the broader cybersecurity landscape renews my energy and motivation. Seeing the passion, innovation, and challenges faced by others helps me gain perspective on my own work.
“Black Hat MEA specifically helps me understand the unique cybersecurity threats and considerations in the Middle East and Africa region. This knowledge is invaluable as cyber threats become increasingly borderless. The opportunity to connect with professionals from different backgrounds and cultures broadens my understanding of cybersecurity challenges and approaches on a global scale.
“Ultimately, attending events like Black Hat MEA makes me a more well-rounded and effective cybersecurity professional and allows me to better serve my organisation and the wider community.”
Thanks to Dr. Erdal Ozkaya. Do you want to learn more from the world’s leading cybersecurity experts? Join us in Riyadh for Black Hat MEA 2024.
Join the newsletter to receive the latest updates in your inbox.
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreWhat are non-human identities (NHIs) and why are they driving a paradigm shift in identity security?
Read MoreNew research shows that a growing number of organisations view cybersecurity as a strategic priority.
Read More