Black Hat Interview How do you become a cybersecurity lecturer?
This interview was published at Black Hat’s web site, you can read it here
Black Hat MEA weekly delivery of cybersecurity wisdom and inspiration from the global Black Hat MEA community.
This week we’re focused on…
How you go from cybersecurity expert to cybersecurity lecturer.
Why?
Because we interviewed Dr. Erdal Ozkaya (Group CISO at MAVeCap) – a global cybersecurity leader who lectures at cybersecurity organisations and educational institutions. And we thought his story might be inspiring for those of you with ambitions to influence new generations of cybersecurity talent.
Here are our questions – and Ozkaya’s answers.
How did you start lecturing about cybersecurity?
“My path to becoming a cybersecurity lecturer wasn’t exactly linear. Here’s how it unfolded:
- The build-up: I started my career as a hands-on cybersecurity practitioner. This meant years working in the trenches – incident response, penetration testing, system hardening…you name it. Building deep technical experience was absolutely crucial.
- The passion beyond the keyboard: Along the way, I discovered I loved explaining complex cybersecurity concepts to colleagues. Training sessions, mentoring, and internal presentations became something I really looked forward to.
- From practitioner to communicator: The more I taught, the more I realised how many people struggled to understand not just how cyber threats work, but why they mattered. My focus shifted to translating technical details into real-world impact.
- Branching out: Opportunities started to present themselves. First, I was asked to speak at local security meetups. Then, invitations from educational institutions to give guest lectures. Eventually, cybersecurity organisations began seeking me out to give talks and workshops.
What does lecturing mean to you?
“Sharing my knowledge and experience in cybersecurity in this way has become immensely fulfilling.
“Cybersecurity can be intimidating. Being able to break down the concepts, strip away the jargon, and illuminate their real-world consequences…that feels really important.
“The more people in all types of organisations understand the risks and best practices, the safer we all become. My lectures aren’t only about scaring people, but empowering them with actionable steps.
“I especially love interacting with students. It’s incredibly rewarding to potentially plant the seed that sparks a young person’s career in cybersecurity when we desperately need more skilled individuals.
“And when I teach a room of people, it’s not just those individuals who benefit. They go back to their workplaces and communities, spreading the knowledge further. I’m contributing to a broader culture of cybersecurity awareness.”
Believe in your ability to influence new talent
We love Ozkaya’s story – not just because his passion shines through in every word, but because it highlights the potential of every cybersecurity expert (your potential) to influence new generations, new talent, and have an impact on the advancement of cybersecurity that stretches far beyond the work you do day-to-day.
Build your knowledge. Seek out new experiences. And when the invitations to share what you’ve learnt start rolling in, accept them – because it’s real life experience from people like you that will inspire, empower, and enable the next generation of talent.
And cybersecurity needs that talent.
Me in the news, click here
Black Hat Interview How do you become a cybersecurity lecturer?
About Black Hat MEA
Black Hat Middle East and Africa, formerly @HACK, is a three-day cybersecurity and hacking convention held annually in Riyadh,
The first event took place from 28–30 November 2021 at Riyadh Front Expo Centre, Riyadh, Saudi Arabia. The inaugral edition attracted over 25,000 attendees, 250 cybersecurity exhibitors, 50 expert ethical hackers, and many Black Hat trainers. The event also featured two contests, Capture The Flag and Bug Bounty
The second edition of the event took place at the Riyadh Front Exhibition & Conference Center (RFECC) in Saudi Arabia from 14th – 16th November 2023 under the tagline ‘Infosec on the Edge.’ The event was attended by over 40.000 infosec or cybersecurity professionals and featured more than 300 speakers and exhibitors from over 120 countries.[The line-up included CISOs from Huawei, Netflix, Uber, Airbus, FBI and Zoom.] The event also featured the youngest-ever speaker, 13-year-old Marco Liberale, with a session on ransomware.
For further reading on this topic, see NIST’s Cybersecurity Framework and explore Dr. Ozkaya’s CISO Toolkit for practical resources.
CISO Insight
Every interaction in cybersecurity — whether a conference, a technology partnership, or a knowledge-sharing session — builds the collective defense capability of our industry. The real measure of security leadership is not what you protect alone, but what you enable others to protect. — Dr. Erdal Ozkaya
The Bigger Picture: Cybersecurity Leadership in Practice
Events, collaborations, and community engagements like those described above are not isolated activities — they form the connective tissue of a global cybersecurity ecosystem. Dr. Erdal Ozkaya has consistently emphasized that effective security leadership extends beyond technical controls. It requires building relationships across industries, mentoring emerging talent, and contributing to the broader discourse on digital risk.
Whether the context is a financial services summit, a technology conference, or an academic partnership, the underlying principle remains the same: shared knowledge multiplies defensive capability. Organizations that invest in cybersecurity community engagement see measurable improvements in their threat detection, incident response readiness, and overall security posture.
Frequently Asked Questions
How does participating in cybersecurity events improve organizational security?
Active participation in industry events provides direct access to emerging threat intelligence, enables peer benchmarking of security practices, and facilitates relationships that prove critical during incident response. Organizations that engage in the broader cybersecurity community consistently demonstrate stronger security outcomes.
What should CISOs prioritize when evaluating speaking or partnership opportunities?
CISOs should prioritize opportunities that align with their organization’s strategic security objectives, offer genuine knowledge exchange rather than vendor promotion, and provide measurable value through new frameworks, contacts, or actionable insights. Quality of engagement matters more than quantity.
Explore more cybersecurity leadership resources: Cyber Resilience Framework | CISO Toolkit | How to Become a CISO | Zero Trust Security