You can plant flowers and build cyber resilience

Abeer Khedr (CISO at National Bank of Egypt) has over two decades of experience in information security and IT consulting. She has led projects in a range of industries, from banking to telecoms – with a track record in systems implementation, information security strategy design, policy design and implementation, and more. 

With a keen understanding of the value of continuous learning, Khedr has also been involved in the design and delivery of security awareness programmes – and in her own professional journey, she’s constantly adding new skills, certifications, and experiences to her tool kit. 

In 2019 Khedr was recognised among the top cybersecurity government leaders in the Middle East, and in 2020 she was named as one of Egypt’s top 30 inspirational women. 

We asked her how she manages the pressure of her work, and what key threats she’s concerned about in 2024. Here’s what she told us.

First up, a personal question: how do you handle the pressure of being a CISO of a large bank, and what advice would you give to new cybersecurity professionals about how to protect their well-being while carrying significant responsibility? 

“By focusing on the purpose driving me to assume and continue in this role. Focusing on the purpose of ‘why’ you are doing a certain job or pursuing a certain career will automatically drive you to do what is needed to achieve this purpose. 

“This includes taking care of your physical and mental well being. You will eat right and stay physically active because you want to stay sharp and healthy as much as you can to perform your work. You will nurture your mental health because you need the clarity of thought to strategise and find solutions to problems. In my experience, faith and prayer are key for my mental and emotional well being and family is next; they are my greatest support and I am theirs too. 

“Speaking of mental well-being, I also find that  connecting with nature and dedicating some time to enjoy the beauty around us is very calming. For example I plant flowers: I enjoy their smell, their beautiful colours, and learn patience waiting for them to blossom. I also enjoy community work whenever time permits it because I believe one of the key stressors in today’s world is when we are too focused on ourselves forgetting others around us. 

“My advice to new cybersecurity professionals is to look for the fulfilment of continuous learning and achievement in their work and don’t stress over strictly separating their work and personal lives. 

“Look to integrate them instead of separate them; it’s one life, and work and personal are just different aspects of it. Enjoy what you do and be grateful for opportunities that come your way.”

What are the key threats that concern you in 2024? 

“According to the World Economic Forum outlook report, inequity between cyber resilient organisations and smaller less resilient ones will continue to increase. This is a cause of concern because the less resilient companies could be our suppliers, our customers; it’s one ecosystem. 

“This should drive our efforts in 2024 to increase awareness and support these companies on how to apply security measures and develop incident response capabilities to increase their cyber resilience.

“Additionally, threats from malware: ransomware continue into the new year, as well as deepfakes and – interestingly enough – all types of misinformation/disinformation. This has an impact on an expected rise in fraud targeting our customers; again, to which we need to direct and intensify awareness efforts.”

Have you seen any changes recently in terms of gender diversity in the cybersecurity industry?

“Yes – and definitely for the better! Several mentorship programs and scholarships have been offered to support inclusion of more women in cyber. In the Middle East region, several women empowerment initiatives are sponsored by country leadership as well. Awareness initiatives on the value of diversity in cyber security have increased. 

“This has not only reflected in a noticeable increase in the number of girls interested in the cyber career, but in some countries like Egypt, where I come from, you now see an organically achieved 50/50 ratio in the number of graduates from cybersecurity tracks. This is an amazing outcome!”

What's the best thing about your job? 

“The best thing is the satisfaction you feel when your work is causing tangible improvements in the security posture of your organisation – resulting in enhanced resilience and increased customer trust. This means your efforts are on the right track and you’re fulfilling your mission and your passion.  

“The second best thing is that it’s never boring; from new threats to daily challenges and problems that you are always expected to solve , there is hardly a dull moment.” 

Finally, why are events like Black Hat MEA valuable to you? 

“Cyber security conferences, especially flagship ones like Blackhat MEA, are amazing opportunities for networking and collaboration – which is essential in the field of cybersecurity. 

“You have the opportunity to meet with cybersecurity experts from around the globe in one place, with ample opportunity to have discussions, share experiences and learn from one another. It’s also important to learn about different perspectives and different sets of challenges cybersecurity professionals face in different parts of the world. 

“All this has the impact of providing you with a very enriching learning experience with so many useful takeaways.”

Thanks to Abeer Khedr. Want to learn more about working in cybersecurity, directly from industry leaders? Register now for Black Hat MEA 2024.