We create our present in the past and the future in the present. Small, young, or adults, how we cope with challenging situations shapes our course. Yehia Elghaly’s foray into cybersecurity commenced during his high school years. This journey was catalyzed in the late 1990s when his father presented him with his first computer, a machine powered by a Pentium 4 processor. At that time, dial-up connections predominantly facilitated internet access, characterized by their notably slow speeds.
Yehia says that the pivotal moment that truly ignited his interest in cybersecurity occurred when his computer was infected by a virus. “This malicious software targeted and corrupted files with the .exe extension, effectively rendering all my downloaded software unusable. Despite the initial frustration and loss, this experience awakened my deep-seated curiosity. I became fascinated by the power of seemingly insignificant pieces of code to cause such extensive damage,” adds Yehia.
On A Journey to Quench Curiosity
Motivated by this curiosity, he embarked on a journey to understand the intricacies of computer programming and cybersecurity. Yehia reflects, “I began by teaching myself programming languages that served as my entry point into cybersecurity. My quest for knowledge extended beyond traditional education; I delved into the depths of hacking forums and online communities.” These platforms provided practical knowledge that significantly shaped his understanding of cybersecurity.
Recognizing the importance of formal education in this field, Yehia pursued professional certifications in cybersecurity and a master’s degree in information security and digital forensics. These programs helped solidify his foundational knowledge and provided a structured framework for his learning. “However, I firmly believe that much of my expertise has been honed through hands-on experience,” he emphasizes.
By engaging in various projects, developing and publishing open-source offensive security tools, and conducting research in exploitation development, red teaming, and social engineering, Yehia has been able to apply theoretical knowledge in practical scenarios, further enhancing his skills.
The Turning Point
His professional trajectory began as a Senior Security Researcher, where he honed his skills in offensive security on a freelance basis. “This role served as a foundational step in my career, enabling me to delve into the complexities of cyber threats and defense mechanisms,” says Yehia.
The next phase of his career took him to Dubai, a dynamic hub for cybersecurity innovation. Here, he had the privilege of working with some of the region’s top cybersecurity and Corporate firms in both consultant and managerial roles. These experiences broadened Yehia’s technical expertise and provided him with a global perspective on cybersecurity challenges and solutions.
Over the past more than 11 years, Yehia has successfully led and executed over 200 projects across a wide range of sectors, including government, banking, telecommunications, aviation, oil and gas, education, construction, energy, healthcare, marine, ports and terminals, and critical national infrastructure systems. His project portfolio spans diverse geographical regions, including Asia, Europe, Africa, the Gulf, and Latin America, enabling him to develop a comprehensive understanding of global cybersecurity landscapes.
The Learning Constant
Yehia says, “My commitment to continuous learning and research in cybersecurity has also established me as a keynote speaker at numerous international conferences. I have had the honor of presenting at esteemed gatherings such as the Middle East Info Security Summit, QuBit, DefCamp, and Blackhat, sharing my insights and contributing to the global discourse on cybersecurity.”
Furthermore, his journey has been marked by a strong belief in the power of education and knowledge sharing. This conviction led him to author a book on learning penetration testing using Python 3x programming and write many articles for top cybersecurity magazines worldwide.
Currently, as a Senior Consultant of the Red Team, Yehia has a variety of responsibilities that mainly include leading projects for clients that focus on designing and executing realistic cyber-attack simulations that mimic tactics, techniques, and procedures (TTPs) used by actual adversaries. Managing and executing projects by conducting thorough assessments to identify vulnerabilities in an organization’s networks, systems, and applications, as well as keeping up-to-date with the latest cybersecurity trends, threats, and vulnerabilities. “My main responsibility is developing red team tools and methodologies that can enhance our execution level, and finally train and mentor the junior level employees of my team,” shares Yehia.
Leading the Curve
Staying ahead of the threat landscape, as the cybersecurity threat landscape is constantly evolving, with new vulnerabilities, attack vectors, and adversarial tactics emerging regularly, requires continuous learning and adaptation, which can be both time-consuming and challenging. Also, the complexity of modern IT environments is increasingly complex, with a mix of legacy systems, cloud services, mobile devices, and IoT devices. Understanding the intricacies of these diverse environments and finding ways to simulate attacks across them effectively can be difficult. One of the other challenges is keeping the client system safe while executing red team operations, especially when the client system is a critical infrastructure with legacy systems and can be affected easily. Also, sometimes clients must execute red team assessment through many restrictions regarding the scope of work or executing the projects from their environment. “It has many system retractions that make my red team assessment execution a bit difficult,” he says.
Treading Together
Yet, Yehia approaches leading and collaborating with his team to ensure the successful execution of Red Team operations. He says that during his career, when he led projects, he collaborated with his team members by clearly defining the goals and objectives of the red team operations and client security objectives, ensuring every team member understood the purpose and expected outcomes of the operation. “I set the goals for every team member based on their different skills.” During the project execution, regular meetings are set up to discuss progress challenges, brainstorm solutions and encourage an open dialogue where team members can share insights and concerns. He involves the team in planning operations, which can uncover unique insights and innovative attack strategies. Conducts thorough debrief sessions after each operation to review what was learned, including successes, failures, and unexpected outcomes.
Exploring Inspirations
Yehia says leadership plays a crucial role in driving innovation and success within the cybersecurity industry by setting a vision, fostering a culture of continuous learning and improvement, encouraging risk-taking and experimentation, and providing resources and support for innovative initiatives. Effective leaders inspire their teams to explore new ideas, adopt cutting-edge technologies, and develop creative solutions to complex security challenges. They also prioritize collaboration and knowledge sharing within their organizations and with the broader cybersecurity community to stay ahead of evolving threats. By empowering their teams and investing in their development, he adds that leaders in cybersecurity pave the way for advancements that not only enhance their organization’s security posture but also contribute to the industry’s overall resilience and capability to counteract cyber threats.
Fostering a Proactive Threat Response Attitude
Also, maintaining a balance between staying ahead of cyber threats and ensuring effective risk management involves a proactive, layered security approach combined with continuous monitoring and improvement. This includes
- Regularly updating and patching systems,
- Employing advanced threat detection and response technologies and
- Conducting regular security assessments and penetration testing to identify and mitigate vulnerabilities.
Additionally, it’s crucial to tailor security strategies to each client’s unique needs and risk profiles, ensuring that protective measures are robust and cost-effective. Educating clients about potential risks and the importance of cybersecurity hygiene plays a significant role in reinforcing their overall security posture. Finally, staying informed about emerging threats and trends in the cybersecurity landscape allows for the anticipation of new risks and the swift adaptation of defense strategies, says Yehia.
The Learning Curve
Sharing lessons, he’s learned from past experiences or mistakes that have helped him grow as a cybersecurity professional, Yehia says, “In my past experience, I have learned in a hard way that being very talented in technicality does not make you a good leader, or being a leader in cyber security requires a management way of thinking and how to present deep technical threats in a simple way to the top management.”
Also, keep in mind that it’s impossible to secure everything perfectly. Prioritizing risks and focusing resources on the most critical assets is more effective. Cybersecurity challenges are diverse and multifaceted, often requiring creative and unconventional thinking to resolve. A team with diverse backgrounds, experiences, and perspectives can lead to more innovative solutions and a stronger security posture.
Spreading the Cyber Wisdom
In his advice to those aspiring to pursue a career in cybersecurity, Yehia suggests: ‘Build a strong foundation and start with a solid understanding of computer science and information technology fundamentals. Familiarize yourself with operating systems, networks, databases, and programming languages. This foundation is crucial for understanding the complexities of cybersecurity. Keep in mind that automated tools are not a silver bullet; having the technical depth of understanding will keep you ahead and creative in the execution of projects. Always stay informed and curious to learn new threats and technologies; don’t put yourself in one area. Certificates are a really good source to gain information but not enough to get hands-on practical experience. And finally, joining the cyber security community, networking is the key to sharing information and learning from others.’
An Ever-Evolving Cybersecurity Leadership
In his plans to continue advancing his career, Yehia says his long-term goals and aspirations are to teach kids about security and how they can stay safe while being online, which will reduce the number of kids being harassed, bullied, and hacked globally and its output will be next generation of kids are aware of cyber security threats and how they stay safe while online. “I plan to continue advancing my career by learning new technologies and keeping informed about new cyber threats.”
He concludes that students should participate in cutting-edge cybersecurity research, either within an academic setting or through private sector R&D. Finally, they should learn how to develop and implement cybersecurity strategies that align with business goals.
