Dewayne Hart brings frontline cyber experience to a field increasingly defined by speed, risk and constant change. A former U.S. Navy Chief Petty Officer with over two decades in defence systems and leadership training, he now works at the intersection of cybersecurity, business strategy and workforce readiness.
As founder of Secure Managed Instructional Systems, Hart has advised organisations including PwC, Kaiser Permanente and U.S. federal agencies, helping them strengthen cyber resilience and anticipate evolving threat actors. His work centres on shifting organisations from reactive defence to proactive thinking, encouraging teams to adopt a “hacker’s mindset” to stay ahead of attacks.
A recognised voice in cybersecurity leadership, Dewayne Hart is also the author of The Cybersecurity Mindset and a former Forbes Technology Council contributor, known for translating complex security challenges into practical, actionable strategies that resonate beyond technical teams.
In this exclusive interview with the IT Security Guru, conducted via the Champions Speakers Agency, Dewayne Hart discusses what trustworthy AI really means, the cyber threats causing the most damage to businesses, and why cybersecurity should now be seen as a fundamental quality-of-life issue.
In practical terms, what should “trustworthy AI” mean for organisations that want to deploy AI securely and responsibly?
Dewayne Hart: “Trustworthy AI. That’s a term that’s going around over the internet. It goes around everywhere. So, I like to take another stab at trustworthy AI and state that it is something that is there that represents secure by design because if an AI platform is securely designed then we can protect data. We don’t have to worry about the compromise of data. Privacy is taken care of, all right, but that starts with designing platforms safe and secure from the start.
“Some of us have been around the industry ever since like the 1970s and we have been designing all types of systems and that same concept we use about 50 years ago in trying to build platforms, it still works with AI platforms as well too because AI platforms are software-based, but at the same time we have to securely design those platforms so that we don’t have any data leakage.
“When you have data leakage, that’s when we have to go back and ask ourselves, did we effectively design a safe system? And it’s of utmost importance that secure by design is one of the things that appends over to trustworthy AI because if the system is trusted, so that means that it is designed with the end state of mind, which is cyber security, and if it’s secure then we can trust these AI platforms to be utilised.”
From your perspective, which cyber threats are currently causing the greatest damage to businesses, and why?
Dewayne Hart: “One of the things I’ve always said is that cyber threats are always excellent, but at the top of the list, there are always some cyber threats that are always causing the most damage. I’ve always liked to look at phishing at the top of the list. Phishing is one of the most damaging ways of terrorising an enterprise.
“All too often, phishing attacks happen. Although we have cyber awareness courses, phishing attacks normally happen because humans, yes, can become the weakest link because of their emotions because a lot of time hackers like to prey on their emotions. Let’s just say, for instance, if someone was looking at an email and it states that you get 75% off for this vacation and it looks enticing.
“So, the person goes and they select the link and so they go to a bogus website, and they put some information in, private information, credit card, whatever. And now two weeks later they realise that they’re not going on a vacation because it was a phishing attack.
“So, I’ve always stated that phishing is number one. Number two on the top of the list is ransomware. And ransomware itself is very dangerous, but also, it’s very costly. A lot of organisations spend money trying to bring their enterprise back to life after a ransomware attack. So, ransomware is very dangerous and it costs a lot for organisations to sustain their operations.
“But in order for organisations to stay ahead, they’re going to have to practice some of the safekeeping things that come with ransomware itself. And that means that you need to have backups in place. You need to have the right software programs in place to identify ransomware. And thirdly, we still need to educate users because we have to do that because users can become the weakest link.
“The third one that’s really on top of my list is that vendors are a risk factor. If you are a corporation and you do business with a third party organisation, you need to understand their security state because if their security state is not understandable, well, guess what? You just put yourself in a tight situation because third party vendors that do not follow regulations and do not have a strong cyber security program, they’re going to pose risk to your organisation.
“See, it’s like a set of dominoes. Let’s say that we got domino number one, which is a vendor, and they don’t practice cyber security as they should. So, when the dominoes fall it’s going to come back to you as well too. And then the third on the line there is your customers.
“So, it would be a great idea to have a vendor engagement program making you constantly watch vendors, make sure that vendors follow rules and regulations and policies, and making sure that their cyber security programs are effective and successful as well.”
In the immediate aftermath of a cyber-attack, what are the first priorities for a business that wants to limit damage and stay operational?
Dewayne Hart: “Cyber-attacks come in so many different fashions and forms. After a cyber-attack, I’ve always thought that most organisations should focus on two things: containment and operation, because you have to contain the cyber-attack. That is the first thing you need to do.
“But you need to make sure that your staff stay calm. Make sure that they stay focused because if they’re not focused and they’re not calm, they’re going to induce more risk to the enterprise.
“Operation is very important because you want to sustain business operations. So, if you have a cyber-attack, your job is to try to keep the system as operational as possible. Make sure that you contain the attack so that it does not spread across your enterprise and also to your customers as well too. So always stay close to containment and operations when it comes to a cyber-attack.”
When you speak publicly about cyber security, what do you most want audiences to understand about the role it now plays in everyday life?
Dewayne Hart: “As I begin to look into my past speaking events and as I travel to future speaking events, I’ve always said that I want my audience to look at cyber security as a quality of life issue. Here’s why. We live in a state now where cyber security is part of our lives. We cannot survive without cyber security and technology. So, humans have to take it very seriously because it’s a quality of life issue.
“Let’s just imagine if per se Facebook goes offline. Imagine how people’s lives change. Imagine how many of the other social media platforms go offline. Imagine if the internet was to just shut down for 24 hours. It seizes business operations. Our quality of life is just diminished. We can’t go to the bank and get money now. We can’t go online, but we can’t use our cell phones.
“So, I’ve always told my audience that you have to look at cyber security as a quality of life issue. And everyone is held responsible and this is where individual responsibility comes to surface. Think about it. What is it that you are responsible for when it comes to cyber security?
“Because it’s your quality of life. And this is what I always like to preach to my audience too because if we were in a race and we are in lane A and hackers in lane B, the one that makes it to the finish line wins. So, if you want to keep your quality of life at a high level, you got to find ways to beat to the finish line.”
The post Q&A: “If It’s Not Secure, You Can’t Trust It” appeared first on IT Security Guru.