Cybersecurity Landscape

Thriving in Cybersecurity Landscape: In Conversation with Cybersecurity Expert Zoya Schaller

Avatar photoGizel Gomes, May 7, 2025 | 5 min read

Cybersecurity and data breaches continue to rise, impacting organizations of all sizes and sectors. Despite increased awareness of cybersecurity risks, the complexity of the cybersecurity landscape is only exacerbating.

According to reports, cyberattacks around the globe increased sharply in the first quarter of 2025, with businesses experiencing more frequent and sophisticated attacks. The average number of cyberattacks per organization reached 1,925 per week, marking a 47 percent rise compared to the same period in 2024.

To navigate this complex landscape, there is a need for diverse perspectives. A wider range of experiences leads to stronger security solutions that account for the real-world challenges users face. 

Hence, to explore more on this pressing topic, we spoke to cybersecurity expert Zoya Schaller, Director of Cybersecurity Compliance at Keeper Security, Inc. She shares deep insights based on her experience in the industry spanning over two decades.  

Beyond technical skills, Zoya sheds light on how one can become stronger and better equipped to tackle the security challenges of tomorrow.

Q: As a cybersecurity expert, can you tell us what excites you about this role?

Schaller: I love solving problems. Cybersecurity offers endless opportunities to approach challenges like puzzles, requiring creativity and analytical thinking. Another aspect I truly enjoy as a cybersecurity compliance professional is the standards-driven nature of the field. I find great satisfaction in translating the often complex regulatory language into practical, technical requirements. That translation process is a puzzle on its own! And of course, I feel lucky to work alongside some of the sharpest minds in the industry.

Q: How do you think AI is transforming cybersecurity? Is AI a blessing or a curse?

Schaller: AI is both a blessing and a curse in cybersecurity. It’s important to remember that AI, particularly machine learning, has been part of our toolset for years, especially in anomaly detection, threat hunting, and intrusion detection systems. What’s relatively new is the rise of generative AI, where we must proceed with caution. The quality of any AI system directly depends on the quality of its training data and the accuracy of the input it receives. Otherwise, we risk outcomes I call the “snake oil effect,” where impressive-sounding outputs mask poor or unreliable results. Overreliance on generative AI may also introduce hallucinations – false outputs presented as facts, which can be dangerous in security contexts.

Q: The Ghibli-style photo trend is fun, but is it safe? How risky exactly is this trend?

Schaller: The trend is certainly fun from a creative standpoint, but I have ethical concerns about using AI to replicate or appropriate the work of established artists. Beyond ethics, there’s a security risk if users grant access to personal photos through unsecured or unknown platforms. It’s essential to be mindful of where your data is going and how it might be used – even for something that seems as harmless as an artistic filter.

Q: Social engineering in cybersecurity is a concern. The best way to outsmart a social engineer?

Schaller: If something feels even slightly off, it probably is. Whether it’s a strange email, text, or phone call, the best approach is to pause, question, and verify. The old saying “trust, but verify” remains solid advice. For organizations, regular training on current social engineering tactics is essential because attackers are constantly evolving their methods. Keeping your team aware and vigilant is your best defense.

Q: How can organizations stay updated on the latest security threats?

Schaller: Subscribing to vulnerability alerts from trusted sources like CISA, US-CERT, and vendor-specific advisories is crucial. However, it’s not enough to just receive alerts. Participating in cybersecurity communities, attending industry briefings, and maintaining open lines of communication with peers can make a big difference in staying informed and ready to act.

Q: What will cybersecurity look like in 10 years?

Schaller: I don’t expect the fundamentals to change much – it will still be defense-heavy, with smart, creative people on the front lines. But I hope we’ll see more effective use of AI and automation to handle repetitive tasks, freeing human talent to focus on higher-order problem-solving that machines still can’t match. With the help of well-designed AI workflows, we could get faster and sharper at identifying and fixing vulnerabilities.

Q: Any advice you want to give future tech or cybersecurity leaders?

Schaller: Stay current. This field moves fast, and adaptability is your best asset. Don’t just chase certifications – stay curious, keep learning, and constantly question how things work and how they can break.

Bio:

Zoya Schaller is the Director of Cybersecurity Compliance at Keeper Security, Inc. She has over 17+ years of experience in Information Assurance, Regulatory Compliance, and Cybersecurity. Her strongest skill set is leading organizations through complex regulatory cybersecurity compliance processes. Throughout her career, she has successfully helped many clients achieve numerous ATOs, P-ATOs, and attestations.

Tags
Avatar photo

Gizel Gomes

Gizel Gomes is a professional technical writer with a bachelor's degree in computer science. With a unique blend of technical acumen, industry insights, and writing prowess, she produces informative and engaging content for the B2B leadership tech domain.

Related posts

Trending