Enhance security awareness with fresh communication

Nisreen Al Khatib (Expert in IS Risk Management, Data Privacy, and Cybersecurity Management) is a cybersecurity expert with a strong track record of helping organisations achieve compliance with regulatory requirements in cybersecurity, manage their risk level, and align security practices with business goals. 

She also has a passion for education in the cybersecurity space, operating as a corporate trainer and a volunteer advocate to drive security awareness and encourage greater diversity in the industry. 

We asked her what the industry could do to improve security education and awareness – and this is what she told us. 

In terms of cybersecurity education and awareness, do you think the industry could/should do more to reach communities/populations outside of tech and drive better awareness in general?

“Cybersecurity awareness and education is one of the most challenging domains in cybersecurity. Cybersecurity is a technical topic, however due to the nature and impact of cyberattacks, awareness and education touches all people who go online – and this covers a huge population with diverse knowledge, educational backgrounds, and security understanding. 

“So the topic has to be portrayed in a nontechnical manner that all these people can understand and relate to. 

“One of the key considerations in communication is to identify the audience we are targeting so we can tailor our message and delivery to that target audience. The same should happen with our efforts in addressing cybersecurity education and awareness. The wide range of our target audience necessitates that we create different messaging for different groups. 

“I believe there’s still much that can and should be done by the industry which requires strong collaboration with other industries, such as education, communication, and media – to benefit from their expertise and insights, and help us develop the right material to deliver the right message through the appropriate channels and means. 

“We also need to keep enhancing and updating our messages and means to cope with the advancing threats – and at the same pace, if not faster. We can’t address cybersecurity education and awareness with the same old methods, or we will get the same disappointing results.”

Have you observed any changes (positive or otherwise) recently in terms of gender diversity in cybersecurity? 

I started my career in Information Technology and then moved gradually to the security domain. Both domains have been generally dominated by men. On many occasions, I used to be the only female or in the best case amongst the minority in the room whether at work, educational events, workshops or conferences. 

“However, in the last couple of years I have seen a spike in the number of women in cybersecurity in general. There have been several initiatives that supported enhancing gender diversity on a local, regional and international level. 

“I believe one of the key initiatives that helped enhance diversity is creating support groups that connect women in the domain – from those just starting their careers, to high-achievers in the space. Such communities help provide the necessary support, mentorship, guidance and role models for the younger generation thus creating the necessary support system for women to grow and glow. 

“I believe when we see people who we can relate with, who could have faced similar challenges and still were able to make it – that gives us inspiration, hope, and motivation to achieve more. 

“As we give more opportunities and more support we will see enhancement in diversity. Challenges are still there; especially as we look at higher level positions. More time, effort, encouragement and customised initiatives are needed to help achieve better diversity at the C-suite level.”

If you could go back to the beginning of your career and tell yourself one thing you wish you'd known then, what would it be? 

“‘Show more confidence in yourself and your capabilities.’ I believe this would have made a huge difference in my life journey.” 

Finally, why are events like Black Hat MEA valuable to you? 

“Events such as Black Hat MEA are invaluable in cybersecurity as they provide concentrated insight into industry trends, emerging threats, and innovative solutions – directly influencing our strategic approach and operational resilience. 

“As a panel moderator at last year's event, I had the unique opportunity to engage with leading experts and thought leaders and brilliant women, facilitating discussions that delve into complex personal and security challenges and the developing landscape of cybersecurity worldwide. 

“The event's emphasis on knowledge-sharing, networking, and the latest technological advancements enriches our capabilities, ensuring we remain at the forefront of cybersecurity defence and strategy. 

“Moreover, having this strong female presence at the conference as attendees, speakers and contributors helped in fostering gender diversity in the region and encouraged more women to speak, contribute and showcase their talent.” 

Thanks to Nisreen Al Khatib. Join us at Black Hat MEA 2024 to immerse yourself in the future of cybersecurity.