Building cyber-smart teams in a rapid evolving threat landscape

On 26 February, CYRUS and MET Technology Gateway welcomed founders, SME leaders and industry professionals to Galway, Ireland for the event “Cybersecurity and AI Fundamentals for MedTech, Life Sciences and Engineering.”

The event brought together experts and practitioners to discuss current cybersecurity challenges, AI-driven threats, regulatory developments and, most importantly, the human factor in building resilient organisations.

Reframing the human factor

One of the panel discussions was about how to build cyber-smart teams, which focused on the need to change one of the most persistent narratives in cybersecurity: Humans are the weakest link.

Instead, the panel brought up a new perspective: Humans are the most adaptable, intuitive and intelligent part of any security system.

While technology reacts, humans anticipate. They question. They sense when something feels “off.” And because attackers increasingly exploit urgency, authority and trust, cybersecurity has become a cultural issue – not just a technical one.

From compliance to culture

Another key topic of the panel was the difference between compliance and genuine behavioural change. With regulations such as NIS2 and ISO requirements, many organisations still treat cybersecurity training as a checkbox exercise. But compliance alone does not create resilience.

Important to note: You can be compliant – and still vulnerable.

The discussion also addressed a common misconception in regulated industries: validation does not automatically mean security. Compliance ensures conformity with standards, but resilience requires continuous awareness and adaptation.

Real awareness changes behaviour. And behaviour change reduces incidents.

Micro-learning, gamification, storytelling and role-based scenarios were highlighted as effective methods to increase engagement. Relevance drives retention — especially when employees can see themselves in the examples.

Encouraging ownership: From control to empowerment

But how can organisations encourage employees to take ownership of cybersecurity?
Ownership cannot be imposed. It must be enabled. And that requires a shift from control to empowerment.

Four key principles emerged:

1. Make cybersecurity relevant: Employees take ownership when they understand how cybersecurity affects their daily decisions — not just compliance metrics.
2. Create psychological safety: If people fear blame, they hide mistakes. If they feel safe reporting suspicious activity, they become active defenders.
3. Lead visibly from the top: When leadership participates in training and openly discusses risks and lessons learned, cybersecurity becomes a shared responsibility.
4. Make learning continuous and manageable: Short, practical micro-learning sessions integrated into everyday work are far more effective than annual slide-based training.

Ownership happens when employees feel informed, trusted and supported. That is when cybersecurity shifts from “someone else’s job” to “part of how we work.”

Sector-specific challenges

Particular attention was given to manufacturing, MedTech and life sciences environments, where awareness challenges differ significantly from traditional office settings.

On the shopfloor, operators and technicians often do not see themselves as potential targets. However, attackers are not interested in job titles – they are interested in access. Production systems, connected medical devices, laboratory equipment and industrial control systems are increasingly networked, expanding the attack surface.

This is where Operational Technology (OT) security becomes critical. Unlike traditional IT systems, OT environments prioritise availability and safety. Cyber incidents in these environments can lead not only to data loss, but also to production downtime, supply chain disruption, safety risks and regulatory consequences.

Another challenge discussed was the challenge, that many non-desk employees have limited exposure to formal e-learning platforms. This requires alternative awareness approaches such as shift-based briefings, scenario-based discussions, supervisor-led toolbox talks or visual reminders in production environments.
Cybersecurity must reach beyond office desks and be embedded wherever technology and people interact.

AI: Opportunity and risk

AI was identified as both an enabler and a challenge. On one hand, AI allows personalised learning, adaptive simulations and improved training tools. On the other, it enables more convincing phishing emails, deepfake audio and highly contextual attacks.

The “Prince with 3 million dollars” email is gone. Modern attacks are realistic and tailored. This makes human judgement more critical than ever.

An interesting observation from the discussion: Cybersecurity is often driven top-down, while AI adoption is frequently bottom-up. Employees increasingly use AI tools in their daily work, prompting management to address governance, security and responsible usage.

What can you do?

Stop calling your people the weakest link. Cybersecurity maturity is not about eliminating human error – that is impossible. It is about creating an environment where:

• People feel safe to question
• People feel safe to report
• Continuous learning replaces annual training
• Leadership visibly participates

A cyber-smart team is not perfect. It is aware, curious and empowered.

And that is the foundation of sustainable cyber resilience.

What can CYRUS offer?

CYRUS provides free, multilingual cybersecurity training designed to raise awareness and build confidence – not fear. With more than 40 courses ranging from basic cyber hygiene to advanced topics, the programme offers accessible and structured learning pathways for beginners and experts alike.

What makes CYRUS different is its core philosophy: People are not the problem – they are the solution.

When training is practical, inclusive and relevant to real work situations, employees do not feel blamed. They feel capable.