At the IT & Cybersecurity Meetings 2025 in Marbella, I presented “Unlock the Human Element: Proactive Cyber Prevention”, a talk focused on shifting cybersecurity strategies from reactive detection to proactive, behaviour-driven prevention.
The presentation explored how over 80% of cyber incidents involve a human factor, highlighting the growing importance of understanding user behaviour as a core component of security. I introduced a human-centric approach based on User and Entity Behaviour Analytics (UEBA), demonstrating how behavioural signals—such as email interactions, browsing patterns, and authentication anomalies—can be leveraged to detect early indicators of risk before incidents occur .
A key part of the talk focused on risk-based user segmentation, where users are dynamically grouped based on behavioural risk profiles. This enables targeted preventive actions, such as adaptive controls and personalised awareness interventions, significantly reducing the attack surface. Real-world findings from large-scale environments showed that a small subset of users often accounts for the majority of risky behaviour, and that early behavioural deviations can predict incidents weeks in advance .
The session concluded with practical insights on operationalising preventive UEBA within Security Operations Centers (SOCs), including automation strategies, measurable ROI, and long-term improvements in organisational resilience.