‍At BEUMER Group, cybersecurity doesn’t sit in the shadows as a siloed support function - it has a seat at the table and serves as a strategic partner to the business. Leading that vision is Ibrahim Memis, a CISO who blends hands-on technical expertise with a clear-eyed view of what truly makes organizations secure: people, clarity, and communication.

With roots in software development, leadership experience across Bosch and BEUMER, and a fresh perspective shaped by his MBA studies at WHU, Ibrahim brings both depth and drive to the cybersecurity world. In 2023, he was recognized with the CIO Young Talent Award, a milestone that reflects not just technical excellence, but a new kind of leadership - one that champions relevance over buzzwords, and culture over compliance.

We caught up with Ibrahim to explore why contextual awareness still matters, what most companies get wrong about AI, and how keeping security visible can turn it into a true business enabler.

Ibrahim, what first drew you into cybersecurity? And what drives you today?

“I’ve always been fascinated by systems - how they connect, how they fail, and how they can be secured. I started in software engineering, but I realized early on that pure tech isn’t enough for me. Cybersecurity is as much about people as it is about machines. What drives me today is the chance to make a real difference - not just by setting policies, but by shaping how thousands of people think and act around security. That’s a huge responsibility and a huge opportunity.”

As a CISO, what’s your philosophy when it comes to building awareness?

“Awareness still is - and will always be - key. But generic campaigns don’t cut it anymore. You need smart, contextualized initiatives that speak directly to specific roles and environments. Engineers don’t need the same message as HR or sales. When we tailor awareness to their real world, they start to engage. That’s when awareness becomes behavior and that’s what we’re aiming for.”

With AI becoming mainstream, what’s your take on its impact for cybersecurity?

“AI is powerful, but also dangerous if left unchecked. It’s not just about external threats - it’s about how we use AI internally. If we feed sensitive data into AI tools without strong guardrails, we risk violating ‘need-to-know’ principles and oversharing critical knowledge. Technology is moving fast, but our governance needs to move faster. For me, it’s about combining innovation with discipline.”

What advice would you give to other CISOs trying to build a strong security culture?

“Keep it real. Avoid fear-based messaging and long policies no one reads. Start conversations. Build bridges. Be present. Culture isn’t built in a PowerPoint deck - it’s built in the day-to-day. If your people trust you, they’ll listen. And if they feel seen, they’ll care. That’s the foundation of every secure organization.”

What’s your view on the cybersecurity industry’s obsession with the latest tech?

“There’s a tendency to chase shiny new solutions. But honestly? Cyber hygiene still wins the day. Do the basics right - patching, vulnerability management, endpoint hardening, a solid SOC - and you’re already ahead of the curve. I often say: we don’t need more tools, we need better habits. And those come from leadership and clarity, not complexity.”

Where do you see the biggest risk today for mature security organizations?

“The more mature your external defenses are, the more insider threats become a real concern. And I don’t just mean malicious insiders. Often, it’s someone with access who makes the wrong call, unknowingly. That’s why we focus heavily on culture, training, and visibility so that people understand the ‘why’ behind the rules. Because when security feels like someone else’s job, that’s when problems start. What we’re also seeing is that security awareness has increased across the board. It’s no longer just a workplace topic, people are thinking about it in their personal lives too. That broader awareness creates momentum we can tap into, and it helps make security feel more relevant and real.”

You mentioned visibility earlier. Why is that so important for the security team?

“Because security can’t be a black box. If people don’t know who we are or what we do, they won’t come to us when it matters. Communication is everything. We’ve worked hard at BEUMER Group to make cybersecurity a visible, approachable function - whether it’s through training sessions, internal communications, or just being present in the business. Trust is built over time, not in a crisis.”

Finally, congratulations on winning the CIO Young Talent Award! What did that moment mean to you?

“Winning the CIO Young Talent Award was a deeply meaningful moment for me. It felt like recognition not just of my work, but of the values I believe in - like staying close to the business, understanding people, and leading with empathy. It also reminded me why I chose this path: not just to implement security measures, but to help shape how organizations think and grow. That’s also why I started my MBA at WHU because effective leadership, just like effective security, means never standing still. I’m really grateful to the mentors who supported me and to the culture at BEUMER Group that encourages this kind of growth.”

Thank you, Ibrahim, for taking the time to share your perspective and leadership journey with us.

‍

‍