Securing digital assets is a priority for organizations, in addition to making way through the emergent complexities of the cyber threat environment. In this scenario, a Strategic Cybersecurity Advisor is a professional who plays a pivotal role in helping the organization through guidelines for aligning the practices with broader business goals. They ensure that cybersecurity is not approached as an isolated IT concern but as a strategic enabler of business success.

The tasks involve more than the provision of technical solutions, including risk management, compliance and the development of long-term security frameworks. They conduct detailed threat assessments, advise on security investments and help organizations design systems that are resilient but able to adapt to emerging risks and technologies while providing added value aligned with the business goals.

By implementing knowledge of regulatory requirements and guidelines with her expertise, May Brooks Kempler, the Strategic Cybersecurity Advisor at Helena, helps organizations reduce legal and reputational risk while using cybersecurity to drive business growth. She stresses that cyber security knowledge should permeate all tiers of the organization, from the executive leadership to the rank-and-file staff.

With cyber threats, growing digital transformation and increased regulatory scrutiny, professional demand has increased in the IT sector. May’s ability to harmonize cybersecurity with business strategies and proactively manage risk opens innovation as a driving force for today’s advancing digital environment. Her expertise means that organizations can not only defend against cyber threats but also continue to maintain business and long-term resilience.

Growing and Evolving in Cybersecurity

May’s journey into cybersecurity began by chance when a friend invited her to join a new infosec team. Intrigued by the opportunity, she began her journey in cybersecurity, initially focusing on penetration testing and cyber intelligence analysis. Over time, her technical expertise expanded into Tech Presale and Security Architect roles.

After focusing several years on her technical skills, she broadened her focus to the organizational aspects of cybersecurity, including governance, risk and compliance, ultimately stepping into the Chief Information Security Officer (CISO) role. Throughout her career, she consulted for various organizations across industries, gaining insight into the diverse factors that influence security decisions in different business environments.

This experience led May to roles where she could share her knowledge on a larger scale, including content creation, consulting and strategic direction. Today, she serves as a strategic consultant for several companies, sits on multiple advisory boards and serves as a member of the ISC2 board, the world’s largest cybersecurity membership association.

May’s current work allows her to blend her technical expertise and business experience with her passion for education, empowering and guiding the next generation of cybersecurity professionals.

Flexibility and Compliance in Cybersecurity Programs

May believes that building a cybersecurity strategy across different markets is rooted in understanding the unique requirements of each market’s unique requirements and challenges. Local legislation, culture, diversity, and geopolitical challenges can all have a great influence on how an organization perceives and implements cyber strategies.

May believes in building strong relationships with clients and local cybersecurity communities, which helps her identify emerging trends and opportunities. This network-driven strategy ensures her programs remain relevant, impactful and aligned with the growing demands of the region.

Aligning with Cybersecurity Trends

May believes adaptability is key in cybersecurity education. She emphasizes continuous learning to stay informed about evolving threats like AI-driven attacks, regulatory changes and ransomware growth. Committed to aligning teaching strategies with industry shifts, she ensures her programs remain relevant, preparing professionals to effectively respond to emerging challenges and keep pace with the cybersecurity domain.

Transforming Cybersecurity into a Business Enabler

May emphasizes that security should support and enable business growth, not be the end goal. She encourages students to look beyond technical aspects and understand the broader business context—goals, opportunities, risks, and challenges.

She advocates for cybersecurity professionals to pursue business education and engage with leadership to align security initiatives with organizational needs. This strategic perspective, she believes, helps professionals create more impactful, business-driven cybersecurity solutions beyond technical execution.

The Role of Regular Assessments in Cybersecurity Success

May points out that understanding a cybersecurity baseline is crucial for organizations to prioritize resources and make informed decisions. She advocates for regular risk assessments, vulnerability scans and ongoing evaluation of the growing threat environment.

For her, cybersecurity is a continuous process, not a one-time project. She promotes the PDCA (Plan, Do, Check, Act) principle to ensure strategies remain dynamic, adaptable and capable of addressing emerging threats over time.

Cybersecurity Team Building

For May, building a high-performing cybersecurity team starts with developing a culture of purpose and empowerment. She believes cybersecurity directly impacts people’s lives and emphasizes the critical role of each team member. Passion about the field is crucial and must be prioritized when hiring talent.

To develop and grow teams, it’s vital to provide the tools, resources and collaborative environment needed for success while offering clear career development paths. Recognizing the high-pressure nature of cybersecurity, May emphasizes the importance of recognizing and reminding the team of the “why” behind their work, celebrating big and small wins to reduce burnout and maintain morale while ensuring the team stays motivated, resilient and mission focused.

Building Resilience for Cybersecurity Success

May is passionate about mentoring and developing new talent in cybersecurity, emphasizing that developing curiosity and resilience is just as important as teaching technical skills. She believes that there is a niche for everyone in the cybersecurity field and focuses on helping individuals find the right fit by understanding their motivations and aspirations. By exploring their “why“—what draws them to cybersecurity, what excites them and where their strengths lie—she tailors her guidance to their career goals.

May emphasizes three key areas for building a successful cybersecurity career: foundational knowledge, real-world experience and continuous learning. She follows the process of learning to walk before running, stressing that a strong foundation is essential for long-term growth.

Real-world experience, whether through hands-on practice or learning from others, is equally critical. Finally, she encourages a mindset of lifelong learning, empowering new talent to stay adaptable, curious and resilient in the face of emerging challenges, ensuring their success in a dynamic industry.

Cultivating a Community of Cybersecurity Innovators

May believes that cybersecurity training programs must grow fast to keep pace with the changing environment. Her approach integrates real-world emerging threats, industry trends and technological advancements like AI and machine learning into the curriculum.

She uses real-time case studies to ensure professionals are prepared to tackle real-world challenges. Advocating for experiential learning, she incorporates scenarios such as vulnerability assessments and incident response, helping participants think critically and act decisively under pressure.

By developing a collaborative learning environment, she not only builds technical skills but also cultivates a community of cybersecurity leaders ready to address future challenges.

Next Generation Cybersecurity

May trusts cybersecurity is at a pivotal point, transitioning from a foundation built on Fear, Uncertainty and Doubt (FUD) to a more mature, business-oriented approach. Her research, part of her doctoral dissertation, explores this shift and aims to drive the industry toward greater maturity and inclusivity, welcoming diverse perspectives.

Passionate about training the next generation of cybersecurity professionals, she works to develop programs that not only prepare individuals for careers in cybersecurity but also raise public awareness of cyber risks. Through her work, podcasts, talks and books, she seeks to help people and organizations build resilient strategies and create a safer, more secure digital world.