‘Cybersecurity concerns the entire value of a company. Customers must have confidence in your organisation. Digital functioning is a prerequisite for that,’ says Martijn Dekker, Global Chief Information Security Officer at ABN Amro Bank. He has been working in various leadership roles at the bank for over 25 years. Additionally, he has been affiliated with the University of Amsterdam since 2020. Since 2025, he has been Professor of Business & Cybersecurity there and Programme Director of the Cybersecurity Leadership Academy at Amsterdam Business School (ABS).

New challenges for cybersecurity professionals

'Twenty years ago, cybersecurity was primarily a technical issue, and rarely a topic on a Board of Directors' agenda. But now a ransomware attack or data breach is an existential risk. For every organisation,' Dekker explains. ‘Cybersecurity plays a role in virtually all executive decisions. Think of a company acquisition, or the selection of a new supplier.’

Changes in the field present cybersecurity professionals with new challenges. ‘How do you make an impact on a colleague, manager, or director who has no specialist knowledge of cybersecurity but needs to deal with it? You must know exactly what you're talking about and communicate persuasively whilst thinking strategically. How do you clarify what is permitted in daily work, such as when exchanging files? Which cybersecurity aspects need to be arranged in a contract with a supplier?’

The Cybersecurity Leadership Academy was founded to give professionals the tools to successfully tackle these challenges. ‘If you're not the boss, you need to know how to influence your stakeholders. Whether they're colleagues, clients, or regulators. This requires a combination of specialist knowledge and strategic insights and skills.’

The 3 current trends in cybersecurity

Dekker sees the shift from cybersecurity to cyber resilience as one of the most important developments in recent years. ‘Previously, many organisations focused on securing data and systems. Meanwhile, there is a growing awareness that not all risks can be fully covered. Current threats, such as ransomware and digital espionage, are extremely sophisticated. This calls for a cybersecurity approach that naturally prevents things from going wrong as much as possible. But equally important is that you detect quickly when something suspicious happens, that you recover rapidly after an incident, and that you learn from it. Your stakeholders must understand this too.’

Technological innovation is another trend that cybersecurity professionals face. ‘Particularly the rise of Artificial Intelligence (AI) stands out. New possibilities for digital security are emerging. Customers also expect you to have everything properly in order. At the same time, hackers are already making full use of AI for new attack techniques.’

Dekker also mentions changing legislation and regulation as a recent development that deserves attention. For instance, the new European directive for Network Information Security (NIS2), which is being translated in the Netherlands into the Cybersecurity Act, introduces personal liability for directors for the cybersecurity of the organisation. ‘The directive enforces that cybersecurity is an important topic for the boardroom. This creates complex issues for the cybersecurity department. What management information is needed? What are the implications for your budget? What responsibility do you take?’

3 success factors for cybersecurity professionals

The 1-year programme at the Cybersecurity Leadership Academy has been specially developed for ambitious professionals involved in cybersecurity. Additionally, the programme adds value for experts in risk management, data management, and/or AI who want to deepen their knowledge of cybersecurity.

According to Dekker, the Cybersecurity Leadership Academy programme is unique in the Netherlands for three reasons. ‘Besides the essential methods and theories about cybersecurity, you also learn about business strategy and personal leadership. International research shows that a CISO averages less than 2.5 years in a position. That's very short, and it's because many CISOs experience burnout or feel they're not contributing effectively to the organisation. We have a great sense of responsibility. How do you remain resilient as a professional in an ever-changing world? How well do you know yourself, and what do you need to grow?’

The mix of theory and practice is a second focus of the Cybersecurity Leadership Academy. ‘The lecturers are experts from professional practice and academia. Additionally, there are regular guest lectures addressing concrete cases. There is also plenty of room for interaction and dialogue in the lectures. There is so much to learn from each other's experiences and questions.’

Furthermore, the Cybersecurity Leadership Academy puts the spotlight on new trends and technologies. ‘AI is a topic of conversation in every module. Subjects such as Emerging Technologies are entirely dedicated to the latest developments you want to know about. Cybercriminals are usually the first to use new techniques. It's essential that you understand such risks, and keep your eyes open for opportunities to apply innovations to your organisation's cyber resilience.’

Ready for the opportunities and risks of the future

The field of cybersecurity is constantly evolving. What do cybersecurity professionals need to be ready for today's and tomorrow's possibilities and challenges? Dekker: ‘Keep asking yourself: what can be learnt from new developments and technologies? Tomorrow, you might be doing things you knew nothing about today. With a growth mindset and the right dose of curiosity, you'll truly make a difference.’