Keynote speaker Serge Christiaans: Founder, Cybersecurity Expert, and Veteran Pilot

Serge is the founder and owner of a Singapore cybersecurity firm and a veteran military pilot with extensive operational leadership experience. He is also an airline captain who holds European and Singapore commercial pilot licenses and is qualified as a captain on the Airbus A320.

Before assuming his CISO roles, he obtained a business degree from the esteemed Royal Netherlands Military Academy and completed a master’s degree in cybersecurity in London. With over 17 years of global IT and cybersecurity experience and more than 36 years of aviation experience, he has provided cybersecurity leadership for many organizations, large and small, since 2005.

He is currently leading the development of the Dutch CI-ISAC (critical infrastructure – information sharing and analysis center), which aims to share cyber threat intelligence broadly with all companies responsible for Dutch critical infrastructure. As an operational captain and CISO, he is also the lead instructor and program director of the Singapore-based Aviation Cyber Academy.

Known for his people-oriented management style and aviation expertise, Serge enjoys talking about leadership, company cultures, and lessons learned from the aviation industry, and especially how these influence cybersecurity posture and data privacy maturity.

Current Trends

• What are the most pressing cybersecurity challenges and trends in the current landscape?

In cyber threat intelligence, a primary consideration is the motivation of threat actors. What are they trying to achieve? In today’s complex geopolitical landscape, hybrid warfare is a widely used weapon to disrupt your opponent, for espionage, and to prepare your opponent’s critical infrastructure for future warfare sabotage actions. Although they are not firing rockets at us, it’s not peace either. Cyber attacks are part of hybrid warfare, which largely stays under the radar in order not to provoke a more significant kinetic conflict. That’s why you don’t read much of it on Instagram or TikTok feeds.

The motivation of these highly organised and sophisticated nation-state-sponsored cyber criminals, who execute these attacks, is high. Like all APTs, they have plenty of time and government-sponsored resources to disrupt their targets. They embrace the latest and best tools quickly, with AI-enabled tools being the most important today.

On the blue side, we are trying to protect highly vulnerable companies and critical infrastructure with often out-of-date IT hardware and software. Their complex and insecure supply chains are a challenge on their own. It doesn’t help that many corporate leaders still refuse to understand that cybersecurity is a business enabler, not a business cost. MNCs, NGOs, SMEs, and the large public sector struggle to cyber-secure their businesses. Daily newspapers love to publish the next successful cyber attack, often ransomware, in bold letters. This frequently starts the ball rolling towards the inevitable bankruptcy of the attacked company, especially the smaller ones.

Add to that the increasing complexity of digital networks and software, with our unchecked craving to connect every possible device to the Internet, and you’ll understand that cybercriminals today see the world as their playground.

Professional Insights

• How has your experience shaped your perspective on the evolving nature of cyber threats, and what advice would you offer to professionals entering the field?

My military (intelligence) experience makes it natural for me to think in terms like ‘attack’ and ‘defence’ on the physical or digital battlefield. And that is precisely how we should approach cybersecurity. Having 100% uptime of your tech stack does not mean we are secure. Being compliant with government regulations does not mean we are secure.

Defending our digital assets is a 24/7 activity, which always has room for improvement. This is the critical mindset a modern CISO needs today to defend successfully.

Key Takeaways for the Audience

• In your keynote address, what key messages or takeaways do you hope the audience will gain regarding cybersecurity insights?

Hybrid, or gray warfare, has been raging below the surface for many years now, with potentially significant implications for our people, businesses, and our way of life. There may be no bullets or missiles being fired as in a classic kinetic war, but it is certainly not peace either. The autocrats from Russia, Iran and China are attacking us daily. These actions are deliberate, well planned, and fit into a more significant long-term strategy to change our minds, create insecurity and chaos, and to polarise our societies as much as possible. These are aimed to disrupt freedom and democracy.

Therefore, cybersecurity is more than securing your IT and satisfying compliance. It has a higher purpose since it is an essential layer of defence.

Technological Advancements in Aviation Security

With the rapid technological advancements, how do you see aviation cybersecurity evolving in the following years?

The aviation industry faces a growing number of cybersecurity threats due to the increased connectivity and complexity of aeroplanes and critical systems, the rise of drones, and the digital vulnerability of airport infrastructure. Protecting sensitive data, better training personnel to recognize and respond to threats, and implementing robust security measures are essential to safeguarding aviation operations and passenger safety. Hybrid warfare, sparked by geopolitical tension, forces us to also look for espionage activities, sabotage attempts, and war preparations of those governments who feel they must do so.

Therefore, technology must keep up with the fast-changing threat environment, as aviation infrastructure is always a long-term investment, and legacy systems are a continuous challenge. We also need to allocate significantly more of the budget to reduce cyber risk since it’s a significant business risk and not ‘just an IT problem’. Critical infrastructure deserves more of our attention and budget, as the stakes are much higher.

However, I firmly believe that the true power to mitigate these risks lies in international collaboration while acknowledging the complex and polarising geopolitical challenges. By working together more closely and sharing more openly with trusted industry partners, staying informed about threat actors and their motivations, and better understanding hybrid warfare, the aviation industry can significantly improve the safety and security of its operations.

Importance of Cybersecurity Events

• Events like Cybersec Netherlands bring together professionals, experts, and enthusiasts in the cybersecurity domain. Why do you think it’s crucial for individuals in this field to attend and actively participate in such events?

As always, cybersecurity events like Cybersec Netherlands and Cybersec Asia in Bangkok offer invaluable opportunities for professionals to learn and stay updated on industry trends. By attending these events, cybersecurity professionals can build relationships, gain insights, enhance their careers, and contribute to the growth of the cybersecurity community. But what I enjoyed most was last year’s open and friendly atmosphere during Cybersec Netherlands in Utrecht. It was the most enjoyable network event of the year for me, meeting so many new professionals in the field and sharing many stories and experiences, all in a relaxed and non-pretentious atmosphere. I’m looking forward to seeing you all again in November this year.

As cyber attacks continue to threaten today’s tech landscape, this event is the premier platform for seasoned cyber security professionals and innovative start-ups to exchange knowledge and tackle cybersecurity challenges together. Organizations across all sectors will discover strategies to boost cyber resilience and safeguard critical assets. Don’t miss this chance to strengthen your cyber defenses—register for free now!