.png)
"More security tools don’t always mean more security. The key is making existing defences more effective." – Emanuel Salmona
In this CPD episode of RiskMasters, host Julien Haye welcomes Emanuel Salmona, cybersecurity expert and co-founder of Nagomi Security. Emanuel shares his journey from military cybersecurity to founding a company that helps organisations optimise their defences against evolving threats.
With a rapidly changing landscape—AI-driven threats, nation-state cyberattacks, and the growing complexity of security tools—organisations must rethink their approach. This episode explores how cybersecurity leaders can shift from reactive defence to proactive resilience and why effective cybersecurity isn’t just about having more tools, but about maximising the impact of existing defences.
If you enjoyed this episode, don’t forget to like, follow, and leave a review! Your feedback helps us bring more thought-provoking content and insights from industry leaders.
In this edition of RiskMasters, you will learn:
Emanuel’s Cybersecurity Journey: From military service to digital transformation and leading Nagomi Security, Emanuel shares how his career path shaped his approach to risk.
Why More Security Tools ≠ More Security: Emanuel challenges a common misconception—adding more security tools can reduce effectiveness due to complexity and misconfigurations.
The Shift from Reactive to Proactive Resilience: Organisations must move beyond simply detecting attacks; they need to build resilient cybersecurity frameworks that anticipate and mitigate risks before they materialise.
The Role of AI in Cybersecurity – Threats & Opportunities: Attackers are leveraging AI to automate cyber threats—so how can defenders use AI for faster, smarter responses?
The Biggest Emerging Threats in Cybersecurity: From nation-state cyberattacks to AI-powered vulnerabilities, Emanuel outlines the risks that organisations need to prepare for today.
The Importance of Cybersecurity Storytelling: How CISOs and risk leaders can communicate cybersecurity risks in a way that engages boards and non-technical stakeholders to drive action.
How Organisations Should Prioritise Cybersecurity Investments: With limited budgets, leaders must focus on cyber hygiene, automation, and operational efficiency before chasing the latest security trends.
More about Emanuel Salmona:
Emanuel Salmona is the co-founder and CEO of Nagomi Security, a company focused on helping organisations maximise the effectiveness of their existing cybersecurity tools. With a background spanning military cyber defence, digital transformation, and enterprise security, Emanuel is an expert in strategic cybersecurity risk management.
📌 Connect with Emanuel Salmona on LinkedIn for insights into cybersecurity strategy, AI-driven risk, and the future of cyber resilience.
🎙 Tune in now to gain critical insights on how businesses can future-proof their cybersecurity approach and build resilience in an ever-evolving threat landscape.
Listen to the full episode on your player of choice:
Discover related risk management topics:
Download your CPD Certificate:
Accreditation number: #xxx
Recap Blog
"Cyber resilience isn’t just about reacting to attacks—it’s about preparing before they happen." – Emanuel Salmona
In this episode of the RiskMasters podcast, host Julien Haye speaks with Emanuel Salmona, co-founder and CEO of Nagomi Security, about the evolving cybersecurity landscape. From AI-driven threats to the increasing complexity of security tools, Emanuel shares his expertise on building resilience, shifting from reactive defences to proactive security, and ensuring cybersecurity investments deliver real value.
Beyond More Tools – Rethinking Cybersecurity Strategies
Emanuel challenges the common belief that more security tools lead to better security. Many organisations struggle with misconfigurations, inefficiencies, and overlapping technologies that weaken their overall security posture. Instead of constantly adding new tools, businesses should focus on optimising what they already must improve cybersecurity effectiveness.
The Shift from Reactive Defence to Proactive Resilience
Traditional cybersecurity approaches often focus on detecting and responding to threats after they occur. Emanuel highlights the need for a proactive mindset—one that anticipates risks, strengthens security postures before an attack happens, and integrates strategic threat intelligence into decision-making.
AI as Both a Threat and a Solution
Artificial intelligence is transforming cybersecurity, but not just for defenders. Attackers are increasingly using AI to automate threats, exploit vulnerabilities faster, and launch more sophisticated attacks. Emanuel discusses how organisations need to leverage AI for defence, incorporating automation to improve detection, response, and risk mitigation strategies.
The Biggest Emerging Threats in Cybersecurity
Emanuel outlines some of the most pressing cybersecurity risks organisations need to prepare for today:
Nation-State Cyberattacks – Governments and state-backed actors are becoming more aggressive in cyber warfare, increasing the stakes for businesses worldwide.
AI-Powered Attacks – The same AI models that enable automation and efficiency can be used by cybercriminals to bypass traditional security measures.
Cloud Misconfigurations – As companies move more infrastructure to the cloud, the risks of poorly configured security settings are increasing.
Quantum Computing Risks – While still emerging, quantum computing poses a potential long-term risk to encryption standards, requiring forward-thinking security strategies.
Cybersecurity Communication: Engaging Boards and Non-Technical Leaders
One of the biggest challenges for cybersecurity leaders is communicating risks to non-technical stakeholders. Emanuel emphasises the power of storytelling—instead of drowning executives in technical jargon, cybersecurity teams should:
✅ Frame risks in terms of business impact
✅ Use real-world case studies to highlight vulnerabilities
✅ Shift discussions from technical details to strategic risk management
Actionable Takeaways from the Episode:
✔ Optimise Your Existing Security Tools – Before adding new cybersecurity technologies, ensure your current defences are configured and used effectively.
✔ Adopt a Proactive Security Mindset – Move beyond reactive security strategies and invest in prevention, resilience, and continuous improvement.
✔ Leverage AI for Defence – Just as attackers use AI, defenders must embrace automation to enhance cybersecurity operations.
✔ Simplify Cybersecurity Communication – Make cyber risk understandable and actionable for executive teams and boards.
✔ Prioritise Investments Wisely – Focus on cyber hygiene, automation, and resilience-building before chasing new security trends.
Conclusion: The Future of Cybersecurity
Emanuel Salmona’s insights offer a fresh perspective on how cybersecurity leaders can strengthen defences, engage stakeholders, and prepare for the threats of tomorrow. With AI-driven attacks, rising nation-state threats, and evolving regulatory expectations, organisations must embrace a proactive and strategic approach to cybersecurity.
FAQs: Cybersecurity Resilience and Emerging Threats
Why is adding more security tools not always the best approach?
More security tools can lead to complexity, misconfigurations, and inefficiencies, making organisations less secure. Instead of continuously adding tools, businesses should focus on optimising and integrating their existing cybersecurity solutions to ensure they are functioning effectively.
How can organisations transition from reactive defence to proactive resilience?
Reactive cybersecurity focuses on detecting and responding to threats after they occur, whereas proactive resilience anticipates risks before they materialise. Organisations can achieve this by continuously assessing their security posture, leveraging threat intelligence, and implementing measures that strengthen defences in advance.
What role does AI play in cybersecurity?
AI is both a threat and an opportunity in cybersecurity. Attackers use AI to automate threats, exploit vulnerabilities, and launch sophisticated attacks. On the defence side, AI enhances threat detection, automates risk analysis, and improves response times. Organisations must integrate AI into their security strategies to keep pace with evolving cyber risks.
What are the biggest cybersecurity threats organisations should prepare for today?
Emerging threats include nation-state cyberattacks, AI-powered cybercrime, cloud misconfigurations, and quantum computing risks. As cyber threats become more advanced, organisations must take a forward-looking approach to security by continuously evolving their defences.
How can cybersecurity leaders communicate risk effectively to executives and boards?
Cybersecurity professionals must move beyond technical jargon and focus on business impact. Using real-world case studies, explaining risks in financial terms, and framing security as a business enabler rather than a cost centre can improve engagement and decision-making at the executive level.
What should organisations prioritise with limited cybersecurity budgets?
Businesses with constrained resources should focus on cyber hygiene, automation, employee awareness, and resilience planning. Strong password policies, endpoint security, continuous monitoring, and incident response plans are essential foundations that help prevent major disruptions.
What are the first steps to building a cyber resilience framework?
Building cyber resilience starts with identifying critical assets and vulnerabilities, developing a cybersecurity strategy aligned with business goals, strengthening detection and response capabilities, regularly testing resilience through simulations, and adopting proactive threat intelligence.
What is the key takeaway from this episode?
Cybersecurity is no longer just a technical issue but a critical business risk. Organisations need to shift from reactive security models to proactive resilience, optimise their security investments, and ensure leadership engagement in cyber risk management.
Comments