GCC interview series

Ahead of the Global Cyber Conference, we have undertaken a series of interviews with some of our speakers featuring on stage in September 2022. 

Harsh reality: Technology cannot protect organizations if incorrectly integrated and used. By contrast, the development of a cybersecurity culture achieves a change in mindset and maintains a close organizational culture.  

Stéphane Duguin, Chief Executive Officer at CyberPeace Institute, was a panelist at the Global Cyber Conference in a session entitled “How to build and sustain a strong cyber security culture and awareness” at the Global Cyber Conference 2022. Prior to this position, Stéphane was a senior manager and innovation coordinator at Europol.  

We asked Stéphane three questions about GCC’s main themes and what motivated him to attend our conference. Join us and hear compelling ideas from Stéphane and gain valuable insights on cybersecurity thought leadership.

Could you please share with us your 3 main reasons for attending the Global Cyber Conference in Zurich?  

  • The Global Cyber Conference attracts experts and audiences that are critical to building greater awareness of the importance of cybersecurity for all organizations.  
  • The CyberPeace Institute strives to support vulnerable communities and organizations with cybersecurity assistance and protection, and it is important to raise awareness in key fora of the cyber threats and harm to them and their specific needs. 
  • To bring an evidence-led and people-centric perspective on cybersecurity from a civil society organization to a forum that can contribute to the work of the Institute. 

What are your initial thoughts on the Global Cyber Conference’s key themes and according to you, how strategically the themes are set?  

I think the key themes address some of today’s critical challenges, including recognizing that digitalization by organizations requires a significant focus on cybersecurity and that it is necessary to develop a strong cybersecurity culture in organizations. I am pleased to see these themes resonate throughout the agenda. 

The human element plays a central part in most cybersecurity incidents. To which extent do you consider that people are most often the problem? 

It is crucial to underscore the importance of the role of people in cybersecurity, however, I would not frame people as the problem as this may focus blame on the people least able to remedy the issues. When the cybersecurity incident is linked to an internal error, it is important to understand why – lack of a strong cybersecurity culture, lack of training, lack of investment by the organization in monitoring and updating systems, etc. 

When the organization is subjected to cyberattacks from external threat actors, it is important not to blame the victims of the attack, to recognize that this is criminal behavior, and ensure accountability that remedial measures are taken.