Magazine: Tashya Denose

TOP CYBER NEWS
MAGAZINE AUGUST 2023
Meta
TASHYA DENOSE
HOW TASHYA DENOSE, SECURITY PROGRAM MANAGER IN META’S REALITY LABS AND THE LEADER OF EMOTIONAL INTELLIGENCE
IN CYBERSECURITY, IS PIONEERING A PATH TOWARDS GREATER DIVERSITY AND HUMANITY WITHIN THE CYBER WORLD
Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 2
Fore
Word
Integrating Excellence with The Future, Top Cyber News MAGAZINE stands as a
dynamic platform that not only disseminates information but actively amplifies the
profound impact of Human Talent and Human Factors within the realm of
cybersecurity. This platform serves as a nexus that connects a diverse universe of
cybersecurity experts from around the world.
By emphasizing Human Talent, the magazine recognizes and celebrates the

distinctive qualities, skills, and intellectual prowess that individuals bring to the
field. This recognition goes beyond technical proficiency, acknowledging the
multifaceted dimensions that contribute to effective cybersecurity practices,
including communication skills, critical thinking, ethical considerations, and
adaptability.
In uniting diverse universe of cybersecurity experts, Top Cyber News MAGAZINE

not only informs but catalyzes dialogue and collaboration. By showcasing the
experiences and insights of professionals from different sectors, backgrounds,
and perspectives, the magazine fosters a holistic understanding of the challenges
and opportunities within the cybersecurity domain.
Through its dedication to highlighting Human Talent, Human Factors, and the
global community of cybersecurity experts, the magazine contributes to a
comprehensive understanding of the field's complexities and the strategies
needed to safeguard our digital future.
Integrating Excellence With The Future!

Top Cyber News MAGAZINE

RING DIVERSITY A New Era of Inclusion in Cybersecurity
As technology's relentless pace ushers in groundbreaking advancements, an
undeniable necessity arises, fostering an inclusive tech ecosystem. The focus on
diversity and inclusivity within this dynamic environment is more crucial than ever.
Audacious women are crafting a fresh narrative in the spheres of cybersecurity and quantum
technology. These pioneers are actively demonstrating that these sectors, traditionally dominated by
men, greatly benefit from the unique skills and perspectives women bring. In their roles as models
of inspiration, these women are championing change through resilience and expertise.
They are upending long-held stereotypes, illustrating that the tech industry is fertile terrain for
marginalized groups ripe with unexplored opportunities. Their influence goes beyond personal
achievements. They aren't just breaking barriers but actively building bridges,
fostering mentorship, sharing experiences, and creating an environment that
celebrates diversity and integrates inclusivity.
However, more than individual efforts are needed to effect systemic change. We need to nurture a
supportive ecosystem that advocates equal opportunities and aids the growth of diverse talents.
This requires a multifaceted approach, including integrating inclusivity in education,
offering scholarships to underprivileged tech enthusiasts, enabling mentorship
opportunities, and enforcing policies that endorse equal representation.
As we explore the intricacies of cybersecurity and edge towards a quantum revolution, it's crucial to
acknowledge and emulate these trailblazers. The future of technology should echo their
commitment to diversity and inclusivity. We bear this responsibility.
So, join us in molding a tech ecosystem where every voice is amplified, every unique
contribution is celebrated, and everyone is invited to participate in technological innovation!
Malak Trabelsi Loeb is a Dubai-

based visionary entrepreneur and
Editorial by Malak Trabelsi Loeb , Dubai, the UAE
accomplished legal consultant.

With expertise in International
Business, Space, Tech, and
National Security law, she brings
17 years of international business
experience and 12 years of legal
expertise.
Mrs. Loeb is the Founder and
Managing Director of Vernewell
Management, a Space and Deep
Tech- Management and Innovation
Consultancies Firm; the CEO of
Trabelsi Loeb Legal
Consultancies; and the founder of
Vernewell Academy.
She is an international thought
leader and sought-after speaker.
She has delivered workshops and
lectures as a space SME for
prestigious organizations,
including the NATO SD - South
Hub/ NATO Joint Allied
Transformation command, Italy,
and the Royal Aeronautical Society
– UAE Branch.
@ t h e c y b e rs e c u r i t y h u b
The Cyber Security Hub™

@thecybersecurityhub
World's Premier Cyber Security Portal

Tashya Denose is more than a senior cybersecurity professional; she is an enthusiast on a mission to
diversify the field. Her career journey began in the public sector, where she supported DoD networks at
the Pentagon, worked with the Secret Service, and engaged with the Intelligence community.
Transitioning to the private sector, she made significant contributions to renowned organizations like
Capital One, Google, and her current role at Meta.
Furthermore, Tashya hosts the podcast "Do We Belong Here," which illuminates the human side of
cybersecurity. As a board member of Black Girls In Cyber, her goal is to support the mission of providing
essential resources for black women to pivot into cyber and privacy. Through her tireless efforts, Tashya
strives to empower women and foster a sense of community within the industry.

In Search of Excellence - Talent, Made in the USA
Inter view conducted by Dr. Bradford L. Sims, FR AeS
President at Capitol Technology University
Tashya Denose is not just a Harvard trained “The education of the next generation of Cyber
Governance, Risk and Compliance expert; she is a experts must start now’, include all those that
diversity enthusiast dedicated to getting black women have historically been limited to be part of this
particularly into the field. She actively contributes to
defence of our ways of life.”
this mission through her social media presence, ~ Dr. Ian McAndrew, Capitol Technology University
involvement as a board member of Black Girls In
Cyber and as the host of the monthly podcast, "Do
We Belong Here."
Tashya's story began on Davis Monthan Air Force
Base, located near Tucson, Arizona. She was born to
immigrant parents who hailed from the beautiful
island of Jamaica. From Arziona, Tashya moved
twelve more times, residing in various places such as
Florida, England, Germany, Texas, Georgia, and
currently, Maryland, just outside of Washington, DC.
While Tashya initially dreamt of becoming an actress
or making her mark in the fashion industry by
designing windows for Bergdorf Goodman in New
York City, she realized the need to align her
aspirations with more practical considerations.
Realizing that dreams alone do not pay bills, she
decided to take a job as an office administrator
shifting her focus towards a traditional career.
Working professionally as the support for a small
black engineering firm, Tashya took pleasure in
holding a part time position at a retail store trying to
hold on to her dreams. This kept her in touch with
fashion and her love for connecting with people. She
spent her evenings in Nordstrom’s designer shoe
department, while her days were spent learning how
to manage deadlines, prioritize business needs and
allocate resources. Dr. Bradford L. Sims became Capitol
Then, an opportunity presented itself that would Technology University's eighth president on June
ignite a new passion within Tashya. It commenced at 1, 2017. An educator, administrator and
the Pentagon over a decade ago, as an executive construction project manager, Dr. Sims has
assistant to the Director of the Information extensive experience both in academia and
Technology Agency. Though she had limited industry. Dr. Sims earned a Ph.D. in Curriculum
knowledge of what lay ahead, she was in possession and Instruction in 1999 from Purdue University,
of the foundational skills needed to be successful: which is also his undergraduate alma mater; he
great communication and the ability to excel in a fast- received his B.S. in Building Construction
paced environment. Despite the uncertainties, Management there in 1990. He also holds a
Tashya wholeheartedly embraced the uncertainty master's of science degree in Building
and was ready to devote herself to this venture. Construction from the University of Florida.

“Contributing
Creative Thinking
Problem-Solving
& Compassion
To safeguard a
More Secure World”
Interview conducted by Dr. Bradford L. Sims
I was intrigued by the scale of responsibility and

In Search the complexity of the challenges. This initial
interest led me to dig deeper, to really
of Excellence understand what lay behind our organization's
work. As I delved into research, I found myself
growing more and more fascinated with the
Talent realm of information assurance and
Made in the USA cybersecurity.
[Dr. Bradford Sims] In your role at the
Pentagon, you were given a tremendous
opportunity to transition from an administrative
[Dr. Bradford Sims] Tashya, it's fascinating to role to an Information Assurance team
hear that prior to establishing yourself as a member. What were your initial feelings and
figure in the cybersecurity world, your how did you prepare for this enormous
aspirations were in a completely different responsibility?
realm. Could you walk us through your early
[Tashya Denose] When the Director presented
interests and passions, and explain the
me with the opportunity, I was thrilled but also a
transition?
little daunted. I knew it was a huge step, and I
[Tashya Denose] Initially, yes, my dreams were had to equip myself with the necessary
completely different. As a young woman, I was knowledge and skills to succeed. To prepare, I
enamoured with the idea of becoming an attended a CompTia training bootcamp in
actress or making my mark in the fashion Atlanta, where I earned my A+, Security+, and
industry by designing windows for Bergdorf Network+ certifications. This intense training
Goodman in New York City. It was an exciting period was the launching pad for my journey
prospect, filled with creativity and glamor. into the world of cybersecurity, and I returned to
However, life often takes us on unexpected the Pentagon ready and excited to take on my
paths, and mine was no exception. new role.
[Dr. Bradford Sims] Well, let's start from the [Dr. Bradford Sims] You've successfully
beginning. Your journey is a fascinating blend navigated some high-stakes situations and
of adaptability and embracing opportunities. tasks during your career, especially during
Could you share how the twists and turns of your time at the Pentagon. How did these
your early years, especially those spent at the experiences shape you as a professional and
Pentagon, shaped you and ignited your as a leader?
passion for cybersecurity??
[Tashya Denose] Definitely, I was really forced
[Tashya Denose] Absolutely, I'd love to. My to step up and grow, both professionally and
story at the Pentagon began quite unexpectedly. personally. As the Vulnerability Management
I was an executive assistant to the Director of Branch Chief, I was confronted with high-stakes
the Information Technology Agency and my role situations like the Heartbleed bug threat, and it
was mainly about managing deadlines, was my responsibility to guide my team through
prioritizing business needs, and allocating this critical period. The pressure was on. There
resources. I enjoyed it, but what truly sparked were no breaks; it was a continuous process of
my interest was the organization's mission of scanning and securing our over 70,000 assets
providing exceptional IT services to the across Unclassified, Classified, and Top Secret
Pentagon and the National Capital Region of networks, the scale of responsibility was
Washington, D.C. immense.

"I'm not reliant on
external
permissions, but
rather, adept at
dismantling any
obstacles that
stand in my path."
~ Tashya Denose, Cybersecurity Expert

>> Interview conducted by Dr. Bradford L. Sims
We couldn't afford any vulnerability that might cybersecurity. Sarina Gandy, our producer,
compromise the integrity of these critical along with co-host Pam Lindemoen, and
networks. Delivering ongoing updates for the creative director Rex Wilson, we all teamed up
Joint Chiefs of Staff, who are the highest- with the idea of a platform that explored the
ranking uniformed leaders in the Department of human aspect of cybersecurity while stressing
Defense, was both a privilege and a daunting the importance of diversity. Our aim with this
task. podcast is to show the world that there is
[Dr. Bradford Sims] Your mission to increase indeed a place for everyone in cybersecurity.
diversity in the cybersecurity field, especially [Dr. Bradford Sims] In addition to promoting
for black women, is inspiring. Could you tell us diversity, you're also keen on enhancing
about your experiences as often being the only emotional intelligence in the cybersecurity
black woman in the room and how that community. Can you elaborate on why this is
influenced your decision to join Black Girls in important and how you plan to achieve this
Cyber? goal?
[Tashya Denose] As I progressed in my career, [Tashya Denose] Absolutely. Technical skills are,
it became clear that I was often the only of course, crucial in cybersecurity. However, I
woman, let alone the only black woman, in the strongly believe that to truly excel in our field,
room. This pattern was disheartening and at we also need to foster emotional intelligence.
times, led to feelings of impostor syndrome. I This involves understanding our own emotions
felt a deep-seated need to change this narrative, and those of others, and using this
not just for myself but for all the black women understanding to build better relationships,
who would come after me. Joining Black Girls in manage stress, and make more effective
Cyber felt like the perfect opportunity to make a decisions. As a certified emotional intelligence
difference. As the Brand and Marketing Director, coach, I aim to bring this awareness into the
I am able to use my skills and platform to cybersecurity community and inspire a more
cultivate awareness and champion diversity in holistic approach to our work.
the field. [Dr. Bradford Sims] Tashya, your journey has
[Dr. Bradford Sims] Your advocacy does not been incredibly inspiring… Yet, why cyber?
stop with Black Girls in Cyber. Can you Why not dancing, tennis, soccer, or other
elaborate on the launch of your podcast "Do sports? Where does a place in your heart exist
We Belong Here." and how you became for other pursuits? Because from what I know,
involved with Cyber Florida? you give your all – maybe even more than you
[Tashya Denose] Absolutely. My involvement realize.
with Cyber Florida began through my [Tashya Denose] Smiling…Playing sports is not
connections within the cybersecurity nonprofit my forte; my coordination skills are rather
community. The organization's aim really lacking. While I can manage to dance well
resonated with me as it is focused on paving enough to stay on beat, entrusting me with the
pathways into cybersecurity for women, task of throwing a ball would not end well.
minorities, veterans, first-responders, and However, it is within the realm of cybersecurity,
career changers. I saw this as a perfect I have discovered a fulfilling path where I can
opportunity to participate in their mission, contribute my creative thinking, problem-solving
which is so closely aligned with my personal skills, and compassion. It empowers me to
passion for inclusivity in this field. The idea of make a meaningful impact, safeguarding
the podcast, "Do We Belong Here," came from individuals, organizations, and societies from
this shared vision of promoting diversity in digital threats.

[Dr. Bradford Sims] Now imagine a world [Tashya Denose] My family brings me
without digital technology – a world where unparalleled joy. There's no greater pleasure
children are given kites to fly and balls to play than returning home to a haven filled with love.
with. What would your role be in such a world? Often, when I open the door, I'm greeted by the
What activities would you engage in? heartwarming sight of my 10-year-old son and
[Tashya Denose] If I were living in a non-digital husband unwinding on the couch, engrossed in
world, it's likely that I would have pursued a a football (soccer) match. Meanwhile, my 3-
career as a drama teacher. The prospect of year-old daughter eagerly rushes towards me,
being immersed in an environment full of leaping into my arms. The feeling of
creativity is intriguing to me. As a drama unconditional love envelops me, creating an
teacher, I would relish the opportunity to indescribable sense of bliss.
nurture the imaginative spirits of my students, [Dr. Bradford Sims] Back to the cyber realm. Is
guiding them to explore the depths of their it really secure or insecure?
emotions and the boundless possibilities of [Tashya Denose] It's both, the field of
storytelling. Witnessing their growth, would be cybersecurity is dynamic. As new technologies
rewarding. are developed, both adversaries and
[Dr. Bradford Sims] Alright!.. here comes practitioners engage in a constant cat-and-
Netflix. What would they film about you? What mouse game. Adversaries seek to uncover
would the world come to know about Tashya weaknesses for their own gain, while
Denose? practitioners work to identify and address
[Tashya Denose] My film would highlight my vulnerabilities before they can be exploited. This
multidimensionality with a passion for various ongoing cycle underscores the importance of
interests and pursuits. Technology fascinates proactive security measures and staying vigilant
me, as I find joy in exploring its advancements in the face of emerging threats.
and understanding its impact on our lives. [Dr. Bradford Sims] Tashya, your journey has
Fashion is another realm that captivates me, been incredibly inspiring, filled with grit,
allowing me to express my creativity and sense determination, and an unwavering commitment
of style. Beyond these domains, my heart is to promoting diversity and inclusion. As you
deeply rooted in my family, and their happiness continue on your path, what is the one
and well-being are paramount to me. message you would like to leave with aspiring
But there's more to me than just these cybersecurity professionals, especially those
individual facets. It's my mission to create from diverse backgrounds?
meaningful connections with the people I [Tashya Denose] The message I'd like to impart
encounter, to touch their lives with love and is that there's a place for everyone in
empathy. Whether it's through acts of kindness, cybersecurity. Regardless of your background,
lending a listening ear, or simply offering your gender, your race, there's room for you
support, I strive to make a positive impact and here. And not just room, but a need for your
ensure that others feel cared for. This dedication unique perspective and skills. Don't let anything
to spreading love and compassion is an integral hold you back. Pursue your dreams with
part of who I am and how I navigate the world. courage, equip yourself with the necessary
[Dr. Bradford Sims] Who greets you behind skills, and never forget the importance of
your door when you come home? A few words emotional intelligence in making a real impact.
about your family that would inspire the young
women in the cybersecurity domain, please.

[Dr. Bradford Sims] And finally, a few words to those who will be leaders shaping the destiny of
young girls?
[Tashya Denose] Be bold and cultivate self-love. Once you truly comprehend your own identity, you
will acknowledge that you not only belong in cyber but also deserve to be here. It's vital to establish
connections with your allies, sponsors, and mentors, as each of these roles will contribute uniquely to
your success.
Challenges will arise along the way. However, you possess the resilience to overcome them.
Remember that even the most confident individuals on Earth have experienced moments of
uncertainty and had to "fake it" to persevere. By staying true to yourself, acknowledging your worth,
and seeking support from those who can guide and uplift you, you will continue to progress. Embrace
the journey, embrace the growth, and let your authentic self-shine through.
“Be bold and

cultivate self-love.
Once you truly
comprehend your
own identity, you
will acknowledge
that you not only
belong in cyber
but also deserve
to be here.”
~ Tashya Denose

My Cybersecurity Journey
The Pentagon & the National Capital Region
of Washington, D.C.
by Tashya Denose
In my past role, I was assigned to an executive position that held a distinctive blend of strategic
thinking, wit and technical expertise. Inspired by these qualities, I went beyond my regular
duties and delved into thorough research to gain a comprehensive understanding of the
organization's mission; which involved providing exceptional IT services to the Pentagon and
the National Capital Region of Washington, D.C. With a customer base exceeding 55 thousand
and an extensive network of over 70,000 assets spanning Unclassified, Classified, and Top
Secret networks, the scale of responsibility was immense.
My unwavering commitment and resourcefulness did not go unnoticed by the Director.
Recognizing my potential, he presented me with an extraordinary possibility to transition from
my current role to position on the Information Assurance team. This was long before the word
cybersecurity became mainstream. I seized the moment and followed the necessary protocols
to schedule and attend CompTia training for the A+, Security+ and Network n+ certifications in
Atlanta, Georgia. With determination and hard work, I successfully completed the bootcamp and
returned to the Pentagon, certified and prepared to embark on my new journey.

>> by Tashya Denose
My initial assignment was a deep dive into the field – I had to develop the Tenant Security Plan
Program. This was an initiative set to streamline the security assessments of any system that
was connected to the Pentagon networks. This task thrust me into the spotlight, showcasing
my exceptional ability to influence. Interestingly, the system owners weren't under my
leadership's jurisdiction, yet I needed to persuade them to comply with security regulations. I
was required to sway them without any top cover to comply with security regulations.
Nevertheless, I embraced the prospects and was determined to navigate the intricacies of the
situation, manoeuvrings through the complexities.
With notable success, my Director acknowledged my efforts with a promotion, recognizing my
readiness for more intricate tasks. My next assignments were more visible. I became well
versed in cybersecurity regulations and frameworks. My foundation was the National Institute
of Standards and Technology (NIST) 800-53, – the standard offering a catalog of security and
privacy controls to safeguard systems from a diverse array of threats and risks.
After conquering network audits and assessments, I earned a promotion to the role of
Vulnerability Management Branch Chief, where I faced two significant challenges. The first was
tracking the mitigation of a critical vulnerability. The second involved replacing the vulnerability
scanning tool that had been utilized by the Department of Defense (DoD) for over fifteen years.
As I settled into my new role, a major challenge emerged – the Heartbleed bug, a threat to the
entire World Wide Web. Guiding my team through a relentless cycle of scanning, there was no
room for downtime. It was everyone’s priority to ensure that the Pentagon's assets were no
longer vulnerable to this threat. This marked my first time delivering ongoing updates for the
Joint Chiefs of Staff – the highest-ranking uniformed leaders in the DoD, entrusted with
advising the president on military matters.
Up next was the menacing task of a short timeline of migrating to the Assured Compliance
Assessment Solution (ACAS) scanning tool. I led the team through the process of the detailed
removal of the Retina software, from the three major Pentagon networks and connected
systems and then the installation and configuration of ACAS. By then, I was experienced
briefing the Joint Chiefs but delivering this information was an uncomfortable yet conquerable
task. In the end, my team made me proud by completing this extensive enterprise level task on
schedule.
My time at the Pentagon was life changing. I learned, I grew, and I developed a deep passion
for cybersecurity. However, my thirst for knowledge needed to be quenched. In the nick of time
a recruiter from a small contracting firm at the US Secret Service (USSS) reached out,
presenting me with the opportunity to join their team. I packed my desk, sadly said goodbye to
my friends and colleagues and took on a new mission.

>> by Tashya Denose
At the USSS, I had the chance to further expand my passion for cybersecurity awareness and
training. The agency was relying on outdated PowerPoint presentations and spreadsheets to
manage their annual security training. Recognizing my expertise, the leadership approached me
with a unique challenge: to pave a new way forward for the organization.
I was relocated to the official training site of the USSS, and I couldn't help but feel a mix of
excitement and apprehension. This was a significant moment – I was tasked with developing
the first-ever official cybersecurity training program to be integrated into the US Security
Service Learning Management System. The responsibility was immense; I had to craft the
content, write the scripts, and ensure that what I created would be consumed globally. It was a
thrilling challenge, and once I successfully completed this major assignment, it marked another
transition in my journey.
Next up was my journey into the Intel community. I had the privilege of joining a Waived Special
Access Program, an exceptional opportunity to contribute to a critical mission. Despite the
organization's small size, its impact was mighty. By now, I had become a well-informed
generalist, comprehending cybersecurity from various angles, understanding the field from
multiple perspectives. This appointment allowed me to showcase my diverse skill set. Serving
on the configuration control board, I offered valuable security insights regarding proposed
network changes. I honed my expertise in reviewing audit logs for signs of suspicious activity.
Not only did I effectively prepare the team for cybersecurity audits, but I also embarked on
cross-country trips to conduct audits myself. Little did I know then, this experience would mark
my final role in the government sector, as new challenges awaited me in the private sector.
During that period, I had achieved the highest level of clearance and successfully passed
polygraph examinations. I genuinely believed that my career path in the public sector was the
most promising route to success. However, destiny had other plans. An unexpected opportunity
knocked on my door when an old friend approached me with an irresistible offer from Capital
One. Unbeknownst to many, including myself, the bank was a hidden tech titan, a concealed
tech powerhouse, renowned for its rapid cloud migration.
In my new role, I employed the NIST Cybersecurity Framework to evaluate the company’s
cybersecurity capabilities and maturity. I provided comprehensive reports to the company's
board and Chief Information Security Officer, offering insights into our cybersecurity landscape.
I took the lead in conducting enterprise-level Cyber Liability Assessments. These assessments
were crucial in determining the right amount of cybersecurity insurance coverage for the
company, ensuring we were adequately protected.
These experiences laid the foundation for my entry into the highly coveted position at Google.
As a member of the security team, I provided invaluable guidance to YouTube and
other product areas.

>> by Tashya Denose
Currently, I hold the role of a security advisor at Meta's Reality Labs. Here, I work alongside
innovative teams that are pushing the limits of technology. They delve into artificial intelligence,
machine learning, neural control interfaces, immersive haptic interactions, audio enhancements,
and full-body tracking. Our aim is to drive forward groundbreaking technological advancements
that redefine the possibilities of the digital world. In my role, I contribute to ensuring the
security and privacy aspects of these innovative technologies.
As I progressed from one team to another, a disheartening pattern persisted: I frequently found
myself as the sole black woman in the room, and at times, I was even the only woman there.
This unfortunate reality triggered episodes of impostor syndrome and moments of deep-seated
anger within me. I was determined to find solutions to address this demoralizing issue.
My heart guided me to Talya Parker, the visionary behind Black Girls in Cyber, a fledgling
nonprofit on the hunt for board members. Fueled by my own passion for social media and
crafting impactful presentations, I decided to step into the position of Brand and Marketing
Director. With a resolute goal to raise awareness in the industry and advocate for diversity in
cybersecurity, privacy, and STEM disciplines, especially for black women, I discovered a true
sense of belonging. Engaging in purposeful work aimed at catalyzing positive transformations, I
felt genuinely connected to the mission.
My adventure continued, one door opened after another, each step unveiling new opportunities.
Thanks to my network within the cybersecurity nonprofit community, I encountered Cyber
Florida. This state-funded organization aimed to establish pathways for women, minorities,
veterans, first-responders, and those shifting careers, enabling them to join the realm of
cybersecurity. In doing so, the organization tackled the pressing issue of our nation's shortage
of cyber professionals.
This collaboration transformed into an incredible chance for me. I had the honor of hosting a
monthly podcast named "Do We Belong Here," a show that delves deep into the human side of
cybersecurity while shining a bright spotlight on diversity. The podcast, brought to life by the
creative genius Sarina Gandy, co-hosted by the dynamic force Pam Lindemoen, and under the
skillful creative direction of Rex Wilson, became a public stage for me to proclaim that
cybersecurity is a field for all. Through this platform, I strive to spread the message that
everyone has a place in cybersecurity. As I became more technically advanced, I also came to
recognize the significance of my roles as a mother and wife in shaping my perspectives.
Balancing these responsibilities propelled my personal development and imbued me with a
distinct perspective—one that radiates hope, love, and unwavering optimism. My ultimate
aspiration is to embody these qualities and share them with everyone I encounters, fostering
connections and sowing the seeds of positivity.

Encouraging the Next Generation
of Female Cyber Warriors
by Amy De Salvatore, the USA
Cyberattacks continue to grow more devastating by Diversity is crucial because it brings different
the day, with ransomware, supply chain attacks, perspectives, experiences, and backgrounds –
phishing, and other incidents costing businesses an essential characteristics in the fight against ever-
average $9.44 million per attack. This is a devastating changing cyberthreats. What’s more, according to
amount and highlights how serious this challenge is studies by McKinsey and Gartner, more diverse
and the importance of solving it. companies outperform less diverse peers in
We cannot rely on technology alone to solve this profitability and performance by 36% and 30%,
massive threat. The warriors on the digital front lines respectively.
– the people defending our individuals, organizations, There are several things that we can do to close this
and governments – with their skills, talents, and time gap. First, educate early and often about
- will be the key to implementing defenses and cybersecurity. We must also expand traditional hiring
advancing innovation capabilities over time. pools to alternate education paths, including boot
Unfortunately, the cybersecurity industry faces a camps. We should also look to other tactics, such as
massive talent gap, with 714,000+ unfilled positions using blind hiring, reconsidering job requirements,
in the U.S. alone. This gap is particularly dire around and creating mentoring programs. By creating a more
diversity, with only 25% of cybersecurity jobs globally inclusive environment where all employees feel
in 2022 being held by women and only 26% welcomed, we can make a difference.
representing minorities overall, with further As a female leader and someone who cares
discrepancies around pay and managerial positions. passionately about this industry, I know this gap must
be closed, not only for our digital defenses but also to
open the door of opportunity to all interested in
joining the fight. I welcome each of you willing to
share in our mission and call on you to join us!
Amy De Salvatore is Partner, Business Development

and Platform at NightDragon. She brings more than
twenty-five years of business development and strategic
alliance experience to the role, spanning across leading
global IT and cybersecurity companies including
Documentum, EMC, McAfee, Intel Security and
Forescout Technologies where she built and managed
alliances with a diverse set of IT and OT partner portfolios,
including industry leading technology partners, system
integrators, service providers, resellers and OEMs.
Recognized in the industry for architecting and monetizing
profitable partner ecosystems, Amy specializes in the
design and execution of go-to-market strategies that lead
to material impact. Amy graduated from University of
San Diego summa cum laude, with a degree in Media
Communications and a Business Minor. She was a former
ambassador of the Forescout Women’s Network and is
still passionately involved in workplace diversity programs.

Humanizing Cyber
Amplifying Security Impact with Soft Skills, Emotional
Intelligence, Diversity,
and Establishing a Program Management
by Tashya Denose, United States

Our current digital landscape has completely
evolved from its humble beginnings of local
connections to a globally integrated system.
While we have discovered ways to simplify our
lives with Artificial Intelligence (AI) assistants on
smartphones, it introduced new challenges with
protecting our data, leading us into an
unprecedented increase in the complexity of
cybersecurity. As our attack vectors grow, cyber
threats have become more sophisticated and
frequent. This is an issue that must be resolved
in our personal lives and even more so for
businesses, corporations and governmental
agencies entrusted with safeguarding the assets
that store our sensitive information.
In order to be successful today, organizations
must equip themselves with more than just
technical expertise to protect their valuable
assets. This is where a combination of soft
skills, emotional intelligence, and diversity
comes to the forefront in conjunction with
cyber governance. With a combination of
technical acumen, emotional stability, and an all-
encompassing program management approach
for cybersecurity, security teams become
fortified, commencing their journey of enabling
the business. Cybersecurity maturity will then
become intertwined with their culture and all
levels of the company, or agency will be
working together to mitigate risk.

>> by Tashya Denose
Recognizing “Foundational” Skills They must embrace feedback as a catalyst for

continuous improvement. Cybersecurity is a
The first step that organizations must take collective endeavor that transcends the
towards advancing is understanding the boundaries of standards and locks everything
importance of foundational skills in the realm of down. By forging strong alliances with teams
cybersecurity. In lieu of the term "soft," I across diverse departments and disciplines,
propose "foundational," as it conveys the they will foster a shared responsibility and
fundamental nature of those skills that are collective ownership for safeguarding assets.
groundwork needed by security professionals to This approach ensures the organization’s
enhance their technical intellect. cybersecurity strategy effectively addresses the
threats and empowers the business.
Oxford dictionary defines soft skills as the
personal attributes that enable someone to Communication within cybersecurity is not
interact effectively and harmoniously with other limited interactions across teams; it is a crucial
people. Communication, teamwork, and skill that must also extend its influence both up
problem-solving are all skills of utmost and down the chain of command. To master the
importance for a cyber professional. Yet, the art of tailored communications for each
field of cybersecurity has frequently been stakeholder. The need to report and convey
mischaracterized as a domain solely responsible pertinent information is one of the few things
for managing code, hardware and data traverse; that remain a constant in security. Hence, a
thus overlooking a paramount element: human seasoned professional comprehends how to
beings. extract essential data from diverse stakeholders
to craft comprehensive metrics and
Effective communication plays a pivotal role in
visualizations that effectively communicate the
navigating the intricate landscape of
organization's security posture to leadership.
cybersecurity. Within this multifaceted domain,
Transforming the way teams communicate
security analysts must engage with a vast range
technical intricacies at the stakeholder level to
of stakeholders across their organization and
risk based priorities at the decision-making
intersecting organizations.
executive-level, enables an organization to
Regrettably, there is an underlying perception adapt, prioritize, and invest in areas crucial for
that persists among engineers and operations maintaining a robust security posture.
teams, that portrays security as the gatekeepers
The transformative shift is important not solely
and embodiment of the resounding word "NO."
for establishing connections with leadership and
However, this is precisely when the foundational
external teams but also for fostering a healthy
skill of communication takes center stage. When
internal team. Being a team player while
a cybersecurity expert is able to adeptly
managing the normally overwhelming
communicate the significance of integrating
cybersecurity initiatives is a must. This role
security measures from the very inception of a
demands vigilance, a thirst for knowledge and
project rather than relegating them as an
the ability to harness the strengths of one's
afterthought, barriers are broken and new levels
teammates to compensate for individual
of understanding are achieved. The teams then
weaknesses. As cybersecurity problems grow
become more collaborative, and the "No’s"
increasingly complex, cultivating exceptional
become, "Here’s a better way ahead!".
team skills emerge as a pivotal advantage
It is fundamental for cybersecurity teams to when tackling these challenges.
create an environment of collaboration; By embracing the spirit of collaboration, teams
recognizing the inherent value of building can unlock their collective potential to effectively
relationships with cross-functional stakeholders. navigate unique threat landscapes.

>> by Tashya Denose
In this context, being a proficient team player By embracing emotional intelligence,

translates into a competitive edge that enables cybersecurity professionals become not only
organizations to tackle cybersecurity problems technical experts but also adept at
with increased efficacy and resilience. comprehending and responding to the
The art of problem-solving skills assumes a multifaceted human element that permeates the
central role within all security domains. For field.
example, an effective incident response This approach enhances an organization's ability
analyst’s craft transcends the realm of technical to not only protect systems, but to build trust,
knowledge alone—it encompasses the fusion of collaborate seamlessly and adapt swiftly to
creative thinking and technical ability. emerging threats.
Understanding the mind of an adversary There are five core components of emotional
demands a profound comprehension that intelligence that emerge as indispensable
extends far beyond the confines of networking competencies: self-awareness, empathy, social
knowledge. A truly successful analyst delves skills, self-regulation, and motivation. These
deeper; embarking on a quest to unravel the elements are not mere add-ons but intrinsic to
"why's" that drive assailants, and seeking the the very fabric of cybersecurity, and intertwined
reason behind their malicious attacks. By with its rigorous nature. The ability to
harnessing this holistic perspective, these comprehend both ourselves and others, to
skilled professionals are poised to navigate the adeptly manage our emotions and to navigate
labyrinth of cybersecurity threats with social interactions with finesse are essential
unparalleled insight and effectiveness. facets that contribute to the success of
Overall, organizations must aim to strategically cybersecurity endeavors.
recruit talent that is endowed with a balance of Cultivating self-awareness enables professionals
technical expertise and foundational skills in to navigate this complex landscape with clarity
order to unlock the potential for a resilient and and insight by recognizing their personal
agile cybersecurity workforce. This strengths, limitations and emotional triggers.
amalgamation enables teams to address This field moves at the pace of human
vulnerabilities while considering the synergy innovation, requiring professionals to stay up to
between technology, human behavior, and date with the latest trends, technologies and
psychology as a pathway for robust threats. Self-awareness allows analysts to
cybersecurity defenses that resonate recognize gaps in their knowledge and embrace
throughout the entire organizational ecosystem. a mindset of continuous learning and
Developing Emotional Intelligence adaptation.
The Once the “foundational” skills have been Also, being aware of one’s own learning
established within your organization, the next preferences and limitations enables them to
stride towards elevating your workforce lies in seek out relevant training, resources and
cultivating their emotional intelligence. mentorship opportunities to enhance their
Cybersecurity, the art of safeguarding critical expertise. In addition, cybersecurity
systems and sensitive information from digital professionals are exposed to sensitive and
attacks, extends beyond the mere training of confidential data. Being self-aware make
users and the implementation of firewall analysts understand their own ethical
rulesets. Within this profession there are a boundaries, the respect for privacy and
myriad roles that require a human connection, maintaining confidentiality. A self-aware
thereby infusing an unmistakable emotional professional appreciates the significance of
element. maintaining strict confidentiality.

>> by Tashya Denose
They understand the potential consequences of The very qualities that facilitate positive team
unauthorized disclosure or breach of interactions become instrumental in advancing
confidential information such as reputational threat analysis. This dynamic industry also
damage, financial losses or legal liabilities. requires the ability to adapt, handle stress and
Empathy and social skills serve as catalysts for the unwavering ability to maintain composure in
forging meaningful connections and challenging situations is vital. In the face of
understanding of the diverse perspectives held such demanding circumstances, the ability to
by colleagues and stakeholders alike. It is rooted self-regulate emotions emerges as a powerful
in the capacity to comprehend and share the tool.
feelings of others. Cybersecurity professionals It enables professionals to maintain composure
play a vital role in educating and raising and make sound decisions even amidst chaos.
awareness among users about safe online Professionals equipped with strong self-
practices and potential threats. These skills are regulation skills rise to the occasion, effectively
essential when delivering training sessions or manage conflicts, display the capacity to
creating awareness campaigns. By delayed gratification and make thoughtful
understanding the perspectives, needs and decisions grounded in reason rather than
challenges of non-technical users, professionals impulsivity.
can tailor their approach to how they Failures, setbacks and heartbreaks are an
communicate complex concepts effectively and inevitable part of cybersecurity. Professionals
how to address any concerns or encounter breaches, vulnerabilities and
misconceptions with empathy and patience. unsuccessful attempts to mitigate risks. In such
Also, honing empathy and social competences situations they must maintain resilience.
can unlock a multitude of benefits. Not only Motivation is the internal drive that directs and
does it propagate harmonious interoffice energizes a person to push through. It is that
relationships, but they also gain a unique and little voice inside that tells you that you can do
invaluable perspective when analyzing cyber it, forcing you to persevere. Cybersecurity
threats. Hackers, with their multifaceted analysts can learn from failures, adapt their
backgrounds and motivations, require a strategies and remain motivated to persist in
nuanced understanding that transcends mere their efforts to strengthen security measures
technical proficiency. and prevent future incidents.

>> by Tashya Denose
By recognizing the significance of these core Operating from a limited vantage point hampers
components, organizations should provide the overall objective of effectively mitigating
cybersecurity professionals with invaluable cyber risks
tools for success. Cyber leaders must Diverse perspectives are critical for eliminating
assume a pivotal role in cultivating an the biases that are prevalent in AI algorithms or
environment that nurtures employee other technological systems. Addressing these
development. This entails providing biases requires a multifaceted approach. It
comprehensive training programs, offering involves diverse representation throughout the
mentorship opportunities, and allocating entire technology development lifecycle, from
resources that facilitate the enhancement of designing algorithms to training data sets,
testing and deployment. This includes ensuring
emotional intelligence skills.
that diverse voices are heard in decision-making
By investing in the growth of their processes and that biases are actively identified
cybersecurity workforce, organizations can and mitigated during the development and
harness the full potential of these implementation stages.
professionals to ensure they are equipped to To bridge this gap, organizations must execute
navigate the intricate and ever-evolving strategies that are aimed at attracting, retaining,
cybersecurity landscape with confidence and and advancing diverse talent in the
efficacy. cybersecurity field. This includes partnering with
nonprofits aimed at resolving these issues,
Diversifying Thought promoting inclusive hiring practices,
Elevating the mental aptitude of the workforce establishing mentorship programs, providing
on an individual level is undeniably crucial in targeted support and resources and promoting
strengthening a cybersecurity organization. a culture that values and celebrates diversity.
However, it is equally imperative to emphasize This leads to enhanced innovation, stronger
the significance of establishing a workforce that defenses, and a positive and inclusive work
mirrors the diversity of the population it seeks environment. By championing these values,
to safeguard. Numerous studies have organizations not only contribute to a more
highlighted the underrepresentation of ethnic equitable society but also establish themselves
and gender groups within the field. A study as leaders in the realm of cybersecurity.
conducted by Gitnux.com reveals that women
comprise only a small fraction of the Prioritizing the Business
cybersecurity workforce, accounting for 24 Cyber leadership has the responsibility of
percent. Sadly, the breakdown by ethnicity is mobilizing and fully equipping their workforce
equally disheartening: Blacks only represent 9 with a comprehensive strategy. They must
percent, Asians 8 percent and Hispanics 4 always keep in mind that a cybersecurity
percent. These statistics are the glaring strategy is ineffective unless it incorporates the
representation of the pressing need for a more priorities of the business. Unfortunately, many
diverse and inclusive cybersecurity workforce. security professionals become so laser-focused
Each person has a unique life path, with on implementing technical protections that they
experiences that shape their perspectives and neglect to consider the needs of the business,
insights. By harnessing a multitude of thereby hindering productivity. The most
perspectives, organizations can expand the effective cyber strategist understands the
collective intellectual capital within the importance of striking a balance between
cybersecurity community. security and operability.

>> by Tashya Denose
This approach ensures that security measures For success, two crucial actions must be taken;
do not impede the organization's ability to fulfil leadership must establish the foundation for a
its mission. security mindset within the organization, and
To begin, it is crucial to identify the the cybersecurity team must promptly follow
organization's "Crown Jewels" which are the with the promotion of awareness and training.
most valuable assets from a cybersecurity By helping employees understand various types
perspective. Depending on the organization, of cyber threats like phishing, social
these could include intellectual property, engineering, malware and data breaches, they
customer data, financial data, business become more aware of the risks involved and
strategies and the organization's infrastructure are better equipped to avoid potential security
and systems. These assets are often the incidents.
primary targets of cyberattacks and hold Furthermore, encouraging employee
significant importance for the organization's engagement and accountability in cybersecurity
operations, reputation and competitive practices strengthens the organization's
advantage. defense. When individuals feel empowered and
Once the "Crown Jewels" are identified, it responsible for their role in security, they
becomes the goal of the security team, along become active contributors to the overall
with their business partners, to allocate the security posture. By fostering a sense of
necessary resources to protect them. ownership, organizations enhance their
resiliency against potential breaches.
This approach involves aligning cybersecurity
goals with organizational objectives, conducting A mature cyber organization not only protects
risk assessments based on the impact on the and engages with the business but also
business and incorporating regulatory and understands the value of adopting a structured
compliance requirements. By embracing this approach to cybersecurity.
approach, security teams can establish a They provide clear guidance on risk
resilient defense that effectively safeguards the management, compliance with regulations,
organization's interests while supporting its consistency in security practices, continuous
overall mission. This not only increases the improvement and building increased stakeholder
likelihood of successful implementation but also confidence. This is accomplished by utilizing a
promotes user adoption and fosters a culture of tailored approach to cyber governance. The
security awareness, responsibility and team selects a framework based on their
prosperity throughout the organization. business type and serves as the vehicle for
communicating, thus normalizing the security
Creating a Culture of Cybersecurity Maturity culture throughout the organization.
Implementing security across an organization Each organization has its own unique needs,
requires a cultural shift. The objective is to risk profile, industry-specific regulatory
educate both technical and non-technical users requirements, and resource availability. These
so that prioritizing security becomes ingrained factors play a significant role when selecting a
and second nature. It is pivotal for cybersecurity cybersecurity framework. Leadership relies on
teams to obtain leadership’s buy-in to establish the cybersecurity team to effectively measure
a top-down approach that sets the tone for the and assess the organization's security posture
rest of the organization and emphasizes the based on the chosen framework, thereby
importance of safeguarding digital assets. enabling informed decision-making.

>> by Tashya Denose
Similarly, just as different layers of skills exist • ISO 27001: This international standard
within the cyber workforce, effective teams may provides a comprehensive framework for
layer multiple frameworks to comprehensively establishing, implementing, maintaining,
assess the security posture and address diverse and continually improving an Information
security challenges. Security Management System (ISMS). It
Listed below are a few examples of frameworks provides a systematic approach to
available to businesses. managing security risks and ensuring the
confidentiality, integrity, and availability of
• NIST Cybersecurity Framework (CSF): information assets.
Developed by the National Institute of https://www.iso.org/isoiec-27001-
Standards and Technology (NIST), this information-security.html
framework provides a risk-based approach
to managing cybersecurity risks. It consists • PCI DSS (Payment Card Industry Data
of five core functions: Identify, Protect, Security Standard): This framework is
Detect, Respond, and Recover. The NIST specifically designed for organizations that
CSF is widely adopted across industries and handle credit card transactions. It outlines a
is suitable for organizations of all sizes. set of requirements to ensure the secure
https://www.nist.gov/cyberframework handling, processing, and storage of
cardholder data.
• NIST 800-53, Security and Privacy Controls https://www.pcisecuritystandards.org/
for Federal Information Systems and
Organizations provides a comprehensive set • HIPAA (Health Insurance Portability and
of security controls and guidelines for Accountability Act): HIPAA is a regulatory
federal information systems and framework that sets standards for
organizations to protect their sensitive protecting sensitive health information in
information and ensure the confidentiality, the healthcare industry. It includes
integrity, and availability of their systems requirements related to data privacy,
and data. security safeguards, and breach
notification.
https://www.hhs.gov/hipaa/index.html
In conclusion, this article emphasizes the

interdependence of soft skills, emotional
intelligence, diversity, and the cybersecurity
journey. By recognizing the significance of these
elements and prioritizing their integration into
cybersecurity strategies, organizations can
strengthen their defenses, adapt to emerging
threats, and foster a culture of resilience. In this
holistic approach, technical expertise is
harmoniously balanced with interpersonal skills,
emotional awareness and inclusive practices,
creating a robust cybersecurity ecosystem
capable of safeguarding valuable assets in the
face of ever-evolving cyber threats.

Monte Carlo, Monaco
Meet us at…
Les Assises de la Cybersécurité 2023!

Straightforward Strategies to Elevate
the Ratio of Women in Cybersecurity
by Heide Young, the UAE
Women make up roughly 50% of the global population, Creating a supportive and inclusive environment is
40% of the global workforce, and 25% of the global crucial for attracting and retaining women in
cybersecurity workforce. cybersecurity. Provide equal opportunities for career
Cyber threats come in various forms, so getting our advancement, mentorship programs, and networking
workforce dynamics right is crucial to ensuring we opportunities tailored for women. In meetings, women can
are prepared for the evolving cyber threat be less likely to speak up. Support, encourage, and
landscape. There are various attraction and retention empower the women in your teams to speak up, ensure
they know they are valued.
strategies, each with its purpose and fit for different global
regions. Without overcomplicating it, here are just a few Fostering diversity and empowering women in
straightforward strategies easily applied globally. cybersecurity not only ensures a more equitable
society but is crucial for enhancing our
When writing job advertisements, emphasize your cybersecurity defences and resilience.
company’s culture and how you support your
employees. Refrain from long shopping lists with
unrealistic boxes for candidates to tick. Women can be
more hesitant to apply for a job with long lists of
requirements, especially if their experience doesn’t match
100% for each requirement to deliver on.
Recognize transferable and soft skills, they are
critical. Research shows that technical skills take less
effort to teach and learn than soft skills. Hiring a candidate
with strong communication, collaboration, curiosity,
adaptability, passion, and critical thinking skills, can be
invaluable to your team’s success. When hiring, look at the
bigger picture, break down the criteria of what makes a
candidate successful in that position, and what can be
learned.
Heide Young - Manager, Cyber Strategy & Engagement,

TONOMUS, NEOM; Founding Partner, Women in Cyber
Security Middle East (WiCSME), ranked in the Top 10
Technology Leaders across the Middle East 2022.
Formerly part of the leadership team for Australian
Women in Security Network, and Females in IT&Telecom
mentor, Heide Young is Founding Partner and Board
Member of Women in Cyber Security Middle East.
Serving on the Advisory Board for the Arab International
Cybersecurity Summit, Mentoring at / for CyberSafe
Foundation CyberGirls Fellowship, Liaisoning for women
at Women in Security & Resilience Alliance, Heide Young
is creating significant contributions for improving the
representation of women in cybersecurity, while being
instrumental in creating opportunities for women to
network, learn and grow within the industry.

Cyber Alchemists
Transforming Threats into Opportunities
by Dr.K.V.N.Rajesh, India
In the vast digital landscape, threats lurk around They analyze data from various sources,
every corner. Cybersecurity professionals are including security forums, underground
the modern-day alchemists, employing their markets, and hacker communities. Armed with
knowledge and expertise to transform these this knowledge, they can anticipate threats,
threats into opportunities for growth and develop proactive defense strategies, and even
innovation. In this article, we delve into the disrupt malicious activities.
realm of cyber alchemy, exploring how these Adaptive Security Measures: Cyber alchemists
skilled individuals navigate the intricate world recognize that static security measures are no
of cybersecurity, adapt to ever-evolving longer sufficient. They embrace adaptive
threats, and leverage their expertise to turn security approaches that constantly evolve and
adversity into advantage. respond to emerging threats. This includes
The Evolving Cyber Threat Landscape implementing artificial intelligence (AI) and
The digital age has brought immense machine learning (ML) algorithms that can
advancements and opportunities, but it has also analyze vast amounts of data in real-time,
opened doors to a myriad of cyber threats. identify patterns, and detect anomalies. By
Cybercriminals employ sophisticated techniques leveraging these advanced technologies, cyber
to breach defenses, infiltrate networks, and alchemists can enhance threat detection and
compromise sensitive data. From ransomware response capabilities.
attacks and data breaches to social engineering Ethical Hacking and Penetration Testing: To
and phishing schemes, the arsenal of cyber truly understand and counteract threats, cyber
threats is vast and ever-expanding. alchemists adopt the mindset of hackers.
However, cyber alchemists understand that Through ethical hacking and penetration testing,
every threat represents an opportunity. By they identify vulnerabilities within systems and
studying these threats, they gain valuable networks before malicious actors can exploit
insights into the vulnerabilities that need to be them. By adopting the perspective of an
addressed. They constantly adapt their adversary, cyber alchemists can strengthen
strategies and techniques to keep pace with defenses by patching weaknesses and
the evolving threat landscape. bolstering security measures.
Alchemy of Defense: Tools and Techniques Collaboration and Information Sharing: Cyber
alchemists recognize that the battle against
Just as alchemists once sought to transmute
cyber threats cannot be fought alone. They
base metals into gold, cyber alchemists strive to
actively engage in collaborations with industry
transmute threats into fortified defenses. They
peers, security researchers, and law
employ a range of tools and techniques to
enforcement agencies. By sharing information
achieve this transformation.
and insights, they build a collective defense
Threat Intelligence: Cyber alchemists delve against common threats, fostering a culture of
deep into the dark corners of the internet, collaboration that benefits the entire
gathering intelligence on emerging threats, cybersecurity community.
malicious actors, and new attack vectors.

>> by Dr.K.V.N.Rajesh
Transforming Threats into Opportunities Educating and Empowering: Cyber alchemists

While the primary objective of cyber alchemists recognize that knowledge is power in the battle
is to protect against threats, they also seize the against cyber threats. They actively engage in
opportunity to learn and grow from each educating users and organizations about best
encounter. By studying the tactics, techniques, practices, security awareness, and the latest
and procedures employed by cybercriminals, threats. By empowering individuals with the
they gain valuable knowledge that can be used knowledge to identify and mitigate risks, cyber
to strengthen defenses and develop innovative alchemists help create a more secure digital
solutions. ecosystem.
Developing Resilience: Each encounter with a Driving Business Growth: Cyber alchemists
cyber threat presents an opportunity to fortify have the unique ability to turn threats into
defenses and build resilience. Cyber alchemists opportunities for business growth. By
analyze the attack vectors, identify weaknesses, understanding the potential impact of cyber
and implement robust countermeasures. They threats, they can advise organizations on risk
leverage the knowledge gained from each management strategies and help identify new
incident to develop proactive strategies that can market opportunities. They assist in building
thwart future attacks. trust with customers by demonstrating a
commitment to cybersecurity, which can
Innovating Security Solutions: Cyber ultimately lead to increased customer loyalty
alchemists are at the forefront of innovation in and competitive advantage.
the cybersecurity industry. By transforming
threats into opportunities, they drive the Ethical Responsibilities: As cyber alchemists
development of cutting-edge security solutions. navigate the complex world of cybersecurity;
They explore emerging technologies, such as they also bear ethical responsibilities. They
blockchain, zero-trust architectures, and secure uphold principles of privacy, confidentiality, and
coding practices, to create more robust and data protection, ensuring that their actions align
resilient systems. with legal and ethical frameworks.

>> by Dr.K.V.N.Rajesh
They advocate for responsible use of

technology and work towards fostering a safer
digital environment for all.
In the ever-evolving landscape of cyber
threats, cyber alchemists emerge as the
vanguards of innovation and resilience.
They possess the knowledge, skills, and
determination to transform threats into
opportunities for growth and advancement.
By leveraging their expertise, adapting to
emerging threats, and collaborating with
others, cyber alchemists play a pivotal role
in securing the digital realm.
As technology continues to advance and
threats become more sophisticated, the role
of cyber alchemists becomes increasingly
critical. By embracing the challenges posed
by cyber threats and transforming them into
opportunities, they shape the future of
cybersecurity. With their unwavering
dedication and visionary mindset, these
modern-day alchemists protect, empower,
and drive positive change in the digital world
we inhabit.
Dr.K.V.N.Rajesh, India
Dr.K.V.N.Rajesh is a highly qualified and certified Microsoft Trainer who currently serves as a Subject
Matter Expert at CloudThat. His expertise is centered around various aspects of Azure Security,
including Identity & Access Management, Information Protection, Microsoft 365 admin center,
Defender Suite, Microsoft Cloud App Security, and other security operations.
With his extensive hands-on experience in these areas, he specializes in providing tailored training to
meet the unique needs of clients and organizations in technical training settings such as Corporate,
Online, and Classroom environments. He is truly passionate about technology and continuously keeps
up with the latest trends in the industry, as evidenced by his demonstrated skill set in Microsoft 365
Security, Azure AI, and Deep Learning.
With over 18 years of experience in training, he has imparted his knowledge and skills to over 10,000
participants in his career. He holds both a B.Tech and M.Tech in Computer Science and has completed
his Ph.D in the area of Deep Learning, highlighting his advanced expertise in the field of technology.
His passion for technology and training is evident in his impressive track record and dedication to
providing top-quality education to his clients and students. He has been recognized with numerous
awards, one of which includes winning the Microsoft Blogathon in 2022.

Why We Need More
Mindfulness in Cyber
by Anna Collard, South Africa
Most companies wouldn’t associate security as a The goal is to keep the mind active when it comes to
direct benefit of employee wellness. Usually that’s the very specific decision-making such as when
remit of HR, productivity, or improved employee confronted by potential phishing emails or cyber
engagement. However, by considering how easily threats.
people make mistakes when they are tired, burned Cybercriminals as well as fake news use emotional
out or disengaged, a mindfulness approach is a triggering content such as fear, greed, or curiosity to
good investment into long-term cyber security. trick us out of critical thinking.
Here is why: Our modern lives with mobile devices, If we learn to use our heightened emotions as early
apps, email, and social media constantly fighting for warning signs and apply mindfulness techniques to
our attention, result in cognitive overload and multi- quiet down, focus and pay attention before we
tasking. This in turn makes us more error prone, react, we can remain in control, focus better and in
stressed and more susceptible to social engineering turn prevent cyber-attacks.
attacks.
When we are stressed, the part of our brain that deals
with decision making is taken over by our fear centre,
decreasing our ability to think critically and focus.
Unfortunately, this is exactly where social engineering
hooks us. On the flipside, when we are calm, we are
more able to focus, think clearly and make better
choices.
This is one of the reasons why I believe security
training should be linked to being present and mindful
and to prioritise taking time to process information in
critical situations more deeply and slowly. People’s
personal wellbeing is directly connected to
maintaining their online security.
A member of the World Economic Forum’s Global Future

Council on the Future of Metaverse for the 2023-2024
term, Anna Collard is the SVP of Content Strategy &
Evangelist for KnowBe4 Africa where she drives security
awareness across the African continent.
Collard founded Popcorn Training, which was acquired by
KnowBe4 in 2018. Anna won the Women in Tech
Innovations Throughout Africa 2020 Award for Southern
and Central Africa and featured in the Top 50 Women in
Cybersecurity – Africa 2020.
Collard also sits on the board of the MiDO Cyber Academy
Programme, aimed at underserved communities in South
Africa to bridge the cyber skills divide.

Save the date! August 31st, 2023
@ Ardoe Castle in Aberdeen, Scotland!
This is a historic event,
a ground-breaking moment in beautiful Scotland!
Join the OSP Cyber Academy, British Royal Marines
and United Cybersecurity Alliance
at the inaugural Cybersecurity Woman of the World Edition GALA
Cyber Security Is A National Priority
by Dr. Igli Tafa
Director General, National Authority on Electronic Certification and Cybersecurity, Albania
The government of Albania recognizes the Both the FBI and Microsoft's DART teams
potential cyber threats faced by its citizens, concluded that Iranian intelligence was
businesses, and organizations and is taking responsible for this attack. This is an attack we
the appropriate actions to protect against attributed to Iran based on facts. We can all
them. Cyber security has become a top learn something from this.
priority for the government, as evidenced We acknowledge the role that our international
by the recent introduction of a cyber partners played by providing technical
security strategy designed to bolster the resources, expertise and training afterwards.
country's defences. Through collaboration, we were able to respond
This strategy calls for the implementation of quickly to cyber threats and to coordinate our
advanced technologies to enhance detection strategies in order to minimize the damage as
and prevention capabilities, as well as increased much as possible. This was done through the
empowerment of citizens, businesses, and establishment of effective communication
organizations in order to build cyber resilience. networks and continues coordination.
The government is also engaging with To date, we are closely cooperating with the US
international partners to foster more secure State Department, the EU Delegation in Albania,
communications and to better share intelligence the State of Israel, NATO, OSCE, United Arab
on threats. Emirates, as well as other National Authorities
Making Albania the safest place to live and do for Cyber Security around Europe, through a
online business is more important than ever at Memorandum of Understanding to exchange
a time when there are severe threats to global best practices, share resources and increase
economic stability and security. The networks cyber capacities in Albania.
that bind us together and improve our lives on Along with more conventional means of
an economic and social level must be diplomacy and statecraft, Albania’s cyber
trustworthy. Thus, everyone should care about capacities will be crucial in safeguarding
cyber security. national security and prosperity in these
When considering the big picture, it is evident challenging times. We must step up our
that dangers from cyber threats are diversifying efforts to ensure that Albanian organizations and
and changing. More countries are developing the government increase their levels of cyber
their cyber capabilities, and more non-state resilience in order to strengthen present
entities are joining the struggle. The cyber defences. To stay ahead, we must continually
threats we all face are affected by these re-examine and rethink cyber security.
elements and more. And AKCESK is doing precisely that. The goal is
In July 2022 we had a large-scale sophisticated to reach a better understanding of cyber
cyber-attack. It was very disturbing because for security at the national level. For instance,
weeks it was an incredible war going on online, AKCESK is empowering people and
24/7, many people were dedicated to fighting organizations with the knowledge they need to
them back. We managed to survive this attack stay safe online, especially against ransomware
without letting them do what they wanted to do. attacks, through the National Cyber Awareness
We conducted an extremely thorough analysis. programs.

.
>> by Dr. Igli Tafa
As one of the key entities in the responsible

development and management of Albanian
cyber security systems, AKCESK is responsible
for setting and enforcing the cyber security
strategies, policies and regulations that ensure
the safety and security of the country’s
information technology (IT) infrastructure and
the protection of its citizens’ sensitive
confidential data. Based on these regulations,
AKCESK periodically organizes control of the
implementation of minimum-security measures
for cyber security in the Critical and Important
Information Infrastructures in Albania.
This enables a quicker response to cyber-
AKCESK undertakes a number of activities to
ensure effective cyber security in the country. attacks and more effective protection for the
The Authority works closely with various CII’s resources and customers.
organizations to disseminate information on NCSIRT helps CIIs to establish better cyber
avoiding online security threats and to educate security practices and procedures in order to
citizens on the issue. In summary, AKCESK increase the resilience of their systems. NCSIRT
contributes to the development of a secure and also helps CIIs to identify weaknesses in their
safe digital environment in the country. security posture and works with them to patch
Critical Information Infrastructure Cooperation these gaps in a timely manner. CIIs can use the
NCSIRT as a resource to access the latest
In today’s digital era, securing the cyber security security updates, identify the best security
of organizations has become a top priority. One practices, and connect with other CII operators
key area of investment in such efforts includes who may be facing similar cyber threats.
cooperation between AKCESK, which acts also
as the National Computer Security Incident We are confident that CII operators that form
Response Teams (NCSIRTs) and Critical strong partnerships with the NCSIRT to protect
Information Infrastructure (CII) operators. Such their assets, customers and resources will be
cooperation is important to combat the ever- more protected and can better protect their
evolving cyber threats and protect customers’ customers in the long run.
and CII’s assets and resources. National Security Operations Centre (SOC)
CIIs in Albania are identified based on the NIS The new strategic plan for Albania foreseen also
Directive of the EU and consist of approximately building a National Security Operations Centre
160 operators from the banking sector, health, (SOC) in Albania, which is an important plan for
transport, energy, government and digital a number of reasons.
infrastructure. First of all, a national SOC would allow Albania
Cooperation with each of the sectors is to develop the capacity to detect, analyse, and
increasing, at the level that now we consider respond to cyber threats swiftly, efficiently, and
cooperation with the banking sector a green accurately. By having a SOC in place, cyber
area. The other sectors are improved security experts could monitor, investigate, and
essentially. Closed cooperation with each of the coordinate responses to any suspicious cyber
sectors, enables more coordinated efforts and activities in Albania. This would give the country
increases information sharing about cyber better control over its cyber security and enable
security threats. it to respond quickly to any malicious activity.

>> by Dr. Igli Tafa
A National SOC would also enable Albania to tap Albania’s resilience, stopping hundreds of
into the technical expertise available within the thousands of attacks upstream while
region and make use of the collective bolstering preparedness and helping
intelligence to detect, contain, and respond to Albanian institutions and organisations better
any potential threats. Having a well-developed understand the nature of cyber threats, risks
National SOC will also allow the Albanian
and vulnerabilities downstream.
government to gain more visibility into cyber-
related activities and detect threats before they
Capacity building and International
have time to cause real damage. It would also
help build trust with foreign partners and serve
Cooperation
as a reliable source of cyber security Cyber security is an increasingly important
information and expertise. issue in Albania, as the country is becoming
increasingly connected to the internet. The
Last but not least, having a well-developed government is well aware of the need to
National SOC in place would be essential for the enhance cyber security capacity in the country,
development of a strong international security and there are several initiatives underway to
strategy in Albania. address the issue.
Establishing MISP, Arctic, Shadow Server Overall, the Government is taking a multifaceted
AKCESK is recently working on the approach to cyber security capacity building in
implementation of MISP, Arctic, and Shadow Albania and is investing in various cybersecurity
Server to respond to cyber security incidents. initiatives, including improved legislation, and
These are newly established systems that resources.
provide tracking, analysis, and automation There is also in place a five-year cyber security
capabilities to allow us to quickly and efficiently strategy, which has the goal of creating a safer
assess incidents, identify threat actors and cyber ecosystem in Albania. The strategy
develop countermeasures. includes cyber security initiatives such as
Through these systems, we are able to collect, training, education, and awareness campaigns,
analyse, and share data across our global as well as encouraging digital literacy among
network. This helps us ensure that any incident citizens. On the other side, we know well that
is addressed quickly and thoroughly and that international cooperation in cyber security is key
the risk of future similar incidents is minimized. to protecting individuals, businesses and
governments, and is essential to ensuring a safe
In a long term, the monitoring systems will enable
and secure digital world. To ensure the highest
significant progress in bolstering
levels of security, governments need to work
closely together and share best practices.
Finally, it will take decades for the current global
changes to stabilize. Although I cannot foresee
the future, I can state with certainty that cyber
and cyber security will remain essential to the
success of our country.
The Albanian government and we at AKCESK are
committed to working tirelessly to make sure
that the nation's cyber security is up to the
challenges of the future.

Dr. Igli Tafa, Albania
Dr. Igli Tafa is the General Director of the National Authority for Electronic Certification and Cyber
Security of Albania (AKCESK) and National Coordinator for Cyber Security. He is a cybersecurity
professional with a breadth of expertise developed through a diverse career supporting
organizations in the private and public sectors. Dr. Igli Tafa received a PhD in Virtualization Systems
in Computer Science from Polytechnic University of Tirana, as well as several industry credentials.
Prior to joining AKCESK, Dr. Igli Tafa held various related roles in risk assessment, security systems
engineering, application layer security, and incident response. Igli’s passion for fostering
cybersecurity education has led to his continued success. His mission is to use his knowledge and
experience to empower individuals, organizations, and governments to adopt secure practices as
foundational building blocks for maintaining the digital economy. Dr. Tafa advocates for a persistent
and sustained approach to cybersecurity and has been involved in numerous large-scale projects
both domestically and internationally.
A N AWA R D - W I N N I N G D I G I TA L M AG A Z I N E
A B O U T P EO P L E, BY P EO P L E, FO R P EO P L E

Magazine: Tashya Denose

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Magazine: Tashya Denose

Uploaded by

Copyright:

Available Formats

TOP CYBER NEWS

MAGAZINE AUGUST 2023

By emphasizing Human Talent, the magazine recognizes and celebrates the

In uniting diverse universe of cybersecurity experts, Top Cyber News MAGAZINE

Integrating Excellence With The Future!

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 3

Malak Trabelsi Loeb is a Dubai-

accomplished legal consultant.

The Cyber Security Hub™

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 5

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 6

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 7

I was intrigued by the scale of responsibility and

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 9

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 10

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 11

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 12

“Be bold and

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 13

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 14

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 15

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 16

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 17

Amy De Salvatore is Partner, Business Development

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 19

by Tashya Denose, United States

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 21

Recognizing “Foundational” Skills They must embrace feedback as a catalyst for

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 22

In this context, being a proficient team player By embracing emotional intelligence,

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 23

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 24

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 25

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 26

In conclusion, this article emphasizes the

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 27

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 28

Heide Young - Manager, Cyber Strategy & Engagement,

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 29

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 30

Transforming Threats into Opportunities Educating and Empowering: Cyber alchemists

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 31

They advocate for responsible use of

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 32

A member of the World Economic Forum’s Global Future

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 33

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 35

As one of the key entities in the responsible

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 36

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 37

Top Cyber News MAGAZINE - August 2023 - All Rights Reserved 40

You might also like