Cyber Talks: The Cyber Lobbyist

Cyber Talks: The Cyber Lobbyist

Bridging the Gap between Governance and Business Value. Cybersecurity has long been treated as a technical discipline and a cost center. But in today’s digital economy, security increasingly determines whether innovation can happen, whether trust can be established, and whether businesses can operate at scale. In this episode of Cyber Talks by Devoteam, Rui Shantilal is joined by Josip Matošin, Account Manager at Devoteam Cyber Trust Germany, to explore a provocative idea: what if cybersecurity leaders should act as “Cyber Lobbyists” inside their organisations? Together, they unpack why many companies are compliant on paper but vulnerable in reality, how governance frameworks such as NIS2 can sometimes create a false sense of security, and why cybersecurity must evolve from a cost center to a business enabler and ultimately, a profit center. The conversation also dives into organisational strategy, the paradox of AI-driven defense, and why culture and human behaviour remain the weakest and most important, layer of cybersecurity. You’ll learn about: * Why cybersecurity leaders need to act as Cyber Lobbyists * The gap between compliance and real security * Why governance, structure and culture shape cyber resilience * The AI & Human Paradox in modern defense * How cybersecurity can become a business enabler * What drives real impact in cybersecurity careers

The Evolving Threat Landscape – Offensive Security in Action

Defences are only as strong as what you test. Are you ready? Join Rui Shantilal, Group VP Cyber Trust, and guest Bruno Morisson, Global Head of Offensive Security at Devoteam Cyber Trust, as they explore why offensive security has become essential for modern cyber resilience. In this episode, discover how ethical hacking, penetration testing, and red teaming help organisations understand what would really happen in an attack, not just what should happen on paper. Bruno also shares how AI is changing security testing, and what frameworks such as DORA, TIBER EU, and CBEST are pushing organisations to consider when it comes to proving resilience. He finishes with practical advice for anyone looking to build a career in offensive security. You’ll learn about: 1. What offensive security is, and how it supports defensive teams 2. The difference between a penetration test and a red team engagement 3. Why red teaming matters for detection and response, not just prevention 4. How AI is influencing modern testing and attacker behaviour 5. What DORA, TIBER EU and CBEST mean for security testing expectations 6. The skills and mindset that help you grow in offensive security

The Identity Crisis – IAM in the Age of Zero Trust

Identity is the new perimeter, are you prepared? Join Rui Shantilal, Group VP Cyber Trust and guest Aiert Azueta, Head of IAM Devoteam Cyber Trust as they uncover how Identity & Access Management (IAM) has become the front line of modern cybersecurity. In this episode, discover how Zero Trust, passwordless authentication, and AI are reshaping digital identity and why managing privileged access and insider threats has never been more critical. Aiert also shares what it takes to build a successful career in IAM. You’ll learn about: * The shift to identity-centric security * The move beyond passwords * The power of Zero Trust & least privilege * AI-driven identity verification * Privileged access risks & insider threats * The regulatory forces redefining IAM

AI & Cybersecurity – A Double-Edged Sword

AI doesn’t sleep, doesn’t forget, and doesn’t forgive. Are you prepared? Join Hugo Mestre, Executive Director & Head of Cyber Trust Portugal and co-host Rui Shantilal as we explore how AI is revolutionising cybersecurity, but also supercharging cybercrime. Listen to this episode to learn about: * How AI is transforming threat detection & response. * The rise of AI-driven cyberattacks—from deepfakes to automated phishing. * The risks of AI bias, privacy, and security blind spots. * What governments are doing to regulate AI-driven threats. * How to build expertise in AI security before it’s too late.

Cyber Talks: DORA & NIS2 Explained – A Practical Guide to EU Cyber Resilience & Compliance

Are you prepared for DORA and NIS2, the EU regulations fundamentally reshaping the cybersecurity landscape? For many organisations in the financial and critical infrastructure sectors, navigating these new frameworks presents a significant challenge, moving beyond a simple checklist to demand true operational resilience. In this episode of Cyber Talks by Devoteam, host Rui Shantilal is joined by Ine Segers, Global Head of GRC Practice at Devoteam. Drawing on deep expertise in cybersecurity and regulation, Ine decodes the complexities of DORA and NIS2, offering a clear roadmap for turning regulatory obligations into a strategic advantage. Listen to this episode to learn about: * The Core Purpose: Understand what DORA and the NIS2 Directive are, the sectors they target, and their ultimate goal of enhancing Europe's digital operational resilience. * Key Compliance Pillars: A breakdown of the essential requirements, including ICT risk management, operational resilience testing, and the critical importance of third-party risk management. * The Cost of Non-Compliance: A clear overview of the severe financial penalties—potentially reaching up to 2% of annual turnover or €10 million—and the personal liability board members now face. * Implementation Challenges: Practical insights into the biggest hurdles, from interpreting the regulations and securing budgets to overcoming the cybersecurity talent shortage. * Strategic Solutions: Discover how modern GRC (Governance, Risk, and Compliance) platforms can streamline audit processes, centralise controls, and help your organisation manage regulatory complexity effectively. * Actionable Next Steps: Concrete advice on building a cross-functional change management program and creating a strategic roadmap to ensure your organisation is prepared, compliant, and genuinely resilient.