Cybersecurity Lesson

6 min read

Cybersecurity Panel Reflections: Key Learnings, Takeaways, and Summary

Panelists

David Tomaz – Intelligence Analyst, FBI (San Diego Office)
Tricia Mercer – Chief People Officer at INDUS, Board of Directors in San Diego
Victor Nzata – Founder and CEO of Cyber Brain Academy

This panel featured three professionals from distinctly different sectors—law enforcement, private enterprise, and education—offering a well-rounded look into the current and future state of cybersecurity. Each speaker brought real-world stories, actionable insights, and advice for aspiring professionals and organizations alike.

Key Learnings

Ransomware and Hacker Hunting (David Tomaz)

David Tomaz emphasized the growing threat of ransomware. He described how companies—especially large corporations and government institutions—are terrified of the potential destruction ransomware can cause. Foreign actors, such as China, are believed to be responsible for the theft of hundreds of billions of dollars’ worth of intellectual property and sensitive data annually.

As an intelligence analyst at the FBI, David explained how tracking down hackers is both challenging and fulfilling. He stated that finding and exposing malicious actors is “the best feeling in the world.” However, he also highlighted how every cyber investigation must be handled with care due to legal boundaries and protocols—especially in federal law enforcement.

Insider Threats and Workplace Vulnerabilities (Tricia Mercer)

Tricia Mercer shared a striking story from her corporate experience: an employee took a leave of absence due to personal financial hardship. This employee later became disgruntled and began misusing internal access. Eventually, they were found stealing proprietary business information and sending it to competitors. This example shows how insider threats can be just as dangerous as external attacks.

She also discussed the prevalence of phishing attacks and how most of the workforce remains uneducated or careless about them. Many employees don’t recognize the signs of phishing emails or understand the importance of verifying suspicious messages. Tricia stressed the need to teach foundational IT and cybersecurity knowledge to everyone, not just IT staff.

Tricia also mentioned that one of the biggest obstacles in cybersecurity is communicating technical concepts to senior leaders who are not well-versed in tech. She emphasized the importance of “dumbing it down”—not in a condescending way, but in a way that helps others understand the significance of cybersecurity without overwhelming them with jargon.

AI, Ethical Hacking, and Soft Skills (Victor Nzata)

Victor Nzata explored how artificial intelligence is changing the threat landscape. He warned that AI is already being used as a weapon in cyber attacks—especially in crafting sophisticated zero-day exploits that are hard to detect. This is part of the reason his organization advocates for training and hiring ethical hackers. These are professionals who think like malicious hackers but work to expose vulnerabilities and strengthen defenses before bad actors can exploit them.

Victor also addressed the importance of soft skills in the cybersecurity world. He noted that being nice, reliable, and organized makes a major difference in workplace success. As he put it, “If you’re a jerk, you’re not going to get promoted.” Cybersecurity isn’t just about technical skill—it’s about teamwork and trust.

He even used a PowerShell script to clean out old data at one point in his career, showing how even basic scripting knowledge can have a major impact when managing security.

Sector-Specific Obstacles

Business Sector

  • One of the biggest challenges in the business world is bridging the gap between technical experts and decision-makers. Many executives lack the background to understand cybersecurity threats, and it’s up to IT professionals to communicate effectively and advocate for strong practices.

Law Enforcement Sector

  • In law enforcement, people are often thrown into cybersecurity roles without much prior training. This lack of preparation can lead to mistakes or inefficiencies. Additionally, sharing sensitive data across agencies and organizations is often slow and difficult due to regulations and trust issues.

Education Sector

  • Victor highlighted the challenge of selecting and building the right cybersecurity team in educational institutions. He emphasized the importance of balancing mission success with staff well-being. It’s not just about hiring talent—it’s about leading with integrity and purpose.

Future of Cybersecurity

The panelists agreed that cybersecurity will become an essential, normalized part of every industry in the next 5 to 10 years. Here are some of the predictions and insights they shared:

  • Increased Specialization: Fields like healthcare IT will require dedicated cybersecurity professionals to protect equipment like MRI machines, pacemakers, and other smart medical devices. Victor gave a chilling example of a VP’s pacemaker being potentially hacked via Bluetooth.

  • The Rise of AI: Artificial intelligence will continue to be a double-edged sword. While it can help automate defenses, it will also be used to create more intelligent and evasive malware.

  • Coding Insecurity: Many people in tech do not know how to secure their own code. As AI improves and threat actors evolve, sloppy coding will become a major liability.

  • Nation-State Threats: Countries like China and Russia are not only highly capable in cyber warfare but are improving at a rapid rate. These threats are likely to increase, requiring both government and private sector defenses to step up significantly.

Career Inspiration

Each panelist shared what inspired them to enter the world of cybersecurity:

  • Tricia Mercer: Her mother told her to study computers because they were “the future.” She later read a book on computer espionage and became inspired by the idea of catching cybercriminals.

  • David Tomaz: Interestingly, David actually doesn’t like computers. He got into cybersecurity because the FBI required it—and he ended up loving it.

  • Victor Nzata: A former army officer, Victor fell in love with the strategic challenge of cybersecurity. He described it as a “cat-and-mouse” game where each side tries to outwit the other.

Key Takeaways

  • Ethical Hackers Are Critical: They play an essential role in helping organizations identify weaknesses and defend against real-world attacks.

  • Foundations Matter: Everyone—regardless of position—needs basic cybersecurity awareness. Phishing, social engineering, and poor password habits are still the weakest links.

  • Communication is a Core Skill: Cyber professionals must be able to translate complex ideas into clear language for non-technical audiences.

  • Soft Skills Can’t Be Overlooked: Reliability, professionalism, and the ability to work in teams are as important as technical certifications.

  • The Threat is Constant and Growing: From AI-powered malware to insider threats and nation-state hackers, the cyber battlefield is always evolving.

  • Open-Source Tools Are Powerful: Victor emphasized how vital open-source platforms are for learning, experimentation, and defense strategies.

Summary

This cybersecurity panel revealed the depth and diversity of challenges facing the industry today. From ransomware and insider threats to AI-driven attacks and insecure code, the world of cyber is both rapidly evolving and increasingly essential. The discussion underscored the importance of ethical hackers, clear communication, and strong foundational knowledge. As cyber becomes integrated into every sector—from law enforcement to healthcare—the need for smart, adaptable, and principled professionals has never been higher. Whether you’re just entering the field or already working in it, now is the time to sharpen your skills, stay updated, and prepare for a future where cybersecurity is not just a department—it’s a necessity.