How it started
My passion for electronics and communication started at a very young age. It was a hobby that took most of my time throughout school and until I graduated university in 1996. At the time, information technology and information security were not even closely as widespread as now, with the exception of very limited business sectors.
After graduating from university, I immediately signed up for a post-graduate diploma at the American University in Cairo, where I received a professional certificate in computer systems and applications. At the same time, I was completing my MCSE certification and was one of the first few people in Egypt to get certified by Microsoft as a systems engineer. I also was one of the first ten Egyptians to become a Microsoft-certified trainer in 1998.
I had finalized my MCSE and MCT before receiving my diploma at AUC. This encouraged me to take more advanced courses in network administration.
This led to an amusing incident: I was studying at the AUC in the morning and teaching as an instructor in the afternoon, so for a while, I was both a student and a teacher.
My interest in internetworking led me to study CISCO technologies. I was one of the first Egyptians to become a CISCO certified instructor in 2004. In 2005, information security became my main focus. I received my first certification in ethical hacking in 2004 and started teaching it in 2005 as one of the very few certified individuals in Egypt at the time.
Since then, I worked solely in information security and its related domains, both as a trainer and consultant. The practical experience gained from work allowed me to provide students with personal hands-on practical information in addition to the textbook theory.
I am currently an APMG Accredited Trainer, Certified Trainer for PECB, CertNexus, and (ISC)2, and EC-Council. I worked hard to obtain many prestigious certifications from industry leaders in different fields of cybersecurity, including but not limited to CISSP, CISM, LPT, NIST-NCSP, COBIT, TOGAF and SABSA.
Also, I am registered cybersecurity expert for ITU – ARCC (International Telecommunication Union – Arab Regional Cybersecurity Center) since 2014.
My journey with PECB
My journey with PECB started in 2014 when I received my first certificate: ISO/IEC 27001. This quickly became a series of certifications in ISO standards, which included ISO/IEC 27001, ISO 22301, ISO/IEC 27005, ISO/IEC 27032 and ISO/IEC 27701. I am proud to say that, to date, I have successfully obtained 25 different certification credentials from PECB, in addition to being a PECB Certified Trainer.
The most beneficial part of my 8 years with PECB is, of course, the experience with the implementation of international standards, frameworks, and best practices in the field of cybersecurity, information governance, cloud security, risk management, and data privacy and protection.
Hard work paying off
Since my early years right after graduation and as a result of hard work and dedication, I have received recognition and awards from all the companies I have worked with, as well as from various local, regional, and international organizations. I have been awarded instructor of the year/ circle of excellence awards for the Middle East and North Africa from EC-Council for 8 years in a row, from 2008 to 2016. I also received recognition from global organizations such as IFSEC Global, who awarded me top influencer in the field of thought leadership and cybersecurity, named number 2 cybersecurity influencer of 2021.
Although awards and recognition are not my objectives, they are, without a doubt, a major catalyst that encourages me to put in even more effort, hard work, and dedication. They are both a reward and a return on all the effort and time invested in my professional career and fuel that make me push harder at what I do. This is especially important in a field like mine, where you face new things every day. It is one of the most dynamic fields that require a lot of effort to keep up to date with the changes and improvements around.
As precious as the awards may be, to me, the biggest reward is seeing the success of any person I taught across the years. Words cannot explain the feeling of seeing a former student of mine accomplish their dreams, strive towards success, and reach high positions in the field. This is a true legacy, to teach and to be blessed enough to see successful results.
When I first started working, fresh out of college, I worked as an employee in a company. For the following seventeen years, I worked in several corporations, became General Manager, and acquired my MBA from Maastricht School of Management in the Netherlands in 2009.
In 2013, I started working freelance as a trainer and consultant. Working freelance has advantages and disadvantages. In my opinion, a freelancer is like a standalone company. Your time, your connections, and your experience are your capital. You have to choose wisely which areas you want to dedicate your time, effort, and money on; which are worthy of your investment and which are not.
Just like any company that can face financial challenges, being a freelancer is also financially challenging to acquire technical competencies.
Some of the difficulties of freelancing are keeping up to date with the constant changes, updates, and developments in the field. In order to do so, one has to maintain and update all relevant international industry certifications. One has to be aware of the changes in demand of the services offered and work accordingly to provide what is needed. Flexibility is key; one needs to be able to adjust to the ever-changing market needs, as well as the constant development of the services offered.
Freelancers need to be able to have both a deep understanding of technical aspects and the business knowledge needed to succeed. For example, minimal knowledge of legalities is necessary to avoid contractual problems.
On the other hand, there are many positive aspects to working freelance. Unlike working in a company, working on my own gives me the flexibility to choose the specializations I want to work in. Going back to my previous point about the necessary investment needed to keep up to date in the field, this reflects directly on the success of a freelancer. The more you invest in your career and certifications, the more qualified you are to work as a consultant. This, in return, reflects directly on the success rate and overall income.
All the hard work, effort, and success will be reflected upon the person directly. This can also be a double-sided sword, another reason why being a freelancer is a lot of hard work.Finally, I want to point out that a freelancer’s main investment is his reputation, be it personal or professional. This is what makes or breaks a freelancer.
In December of 2010, I was elected as the Head of Information Security workgroup under the umbrella of the Egyptian Chamber for Information Technology – CIT, a position that I hold dear for the past eleven years. Our objective is to aid local companies to develop their business in the local/ regional market and raise awareness about the importance of cybersecurity to support digital transformation. Since 2015, I have been responsible for preparing and executing an annual cybersecurity conference under the same umbrella.
In 2015, I was honored to be nominated for the membership of the Industry Representative Committee of the NTRA, a prestigious group of industry experts who act as the prime consultants for national-level projects being reviewed or implemented by NTRA/MCIT. I joined this committee as a cybersecurity advisor.
In 2018, I participated as an official member of the Executive Regulation Development Committee (a committee of the Ministry of Communications and Information Technology), responsible for the development of various clauses of the Egyptian Cybercrime Law.
Over the course of five years, starting in 2013, I was honored to participate as a member of the Child Online protection Committee. It addresses children, parents, and educators in forms of workshops to raise awareness of the dangers that our children face on the internet.
Striving to support the community, I am happy to serve as a Chapter board member for the Cairo Chapter of the OWASP Foundation, a worldwide nonprofit organization focused on improving the security of software. I have done this since 2014.
A significant moment in my technical career was my recent participation in the Arab Cybersecurity Forum that took place in Tunisia in October 2021. I was selected to be part of the committee responsible for preparing a strategic vision for Arab Cybersecurity strategy under the umbrella of the League of Arab States. Moreover, I participated in developing and reviewing many courses for international exam questions from a quality assurance perspective, as a part of my efforts to share my knowledge with cybersecurity professionals everywhere in the world.
I find pride in this voluntary work because I feel it is our responsibility as experts to increase awareness and aid in the development of the industry. I have done so very early in my career by giving awareness sessions, holding introductory workshops, participating in forums, radio, and television programs. I find it is our duty to spread awareness, protect our children, and develop laws that are fair and implemented to protect the industry and its future.
Striving to stand out
Throughout my professional career, I always looked for unique opportunities, being one of the first in a certain certification, learning something new, and being distinguished in my areas of expertise. I am a pioneer of ethical hacking and penetration testing in Egypt. I have also explored the fields of digital forensics, mobile forensics, international standards and best practices, security enterprise architectures, and finally, governance, risk, and compliance (GRC).
GRC and security framework is my current forte. I spend most of my working hours either as a certified trainer for major certification bodies or as a consultant both nationally and internationally. In other words, my career has always been a source of inspiration to look for what’s different, unique, or a niche, be it as a trainer or as an advisor.