Cybersecurity Leader Advocates for Integration of Human-Centric Approaches in Security Frameworks

By Ugo Aliogo

Joseph Edivri, a seasoned cybersecurity professional serving as Senior Security Program Manager at a major technology company, has emerged as a thoughtful voice advocating for security approaches that balance technical rigor with human factors. His perspective—shaped by over fifteen years navigating security challenges across multiple continents and organizational contexts—emphasizes that effective cybersecurity cannot be achieved through technology alone but requires understanding human behavior, organizational culture, and business objectives.
Speaking about the evolution of cybersecurity, Edivri challenges the notion that more sophisticated technical controls automatically translate to better security outcomes. Instead, he argues that security professionals must focus on creating frameworks that people can follow, systems that fit naturally into workflows, and policies that make sense to the individuals responsible for implementing them. This view represents a departure from traditional security thinking, which often prioritized technical sophistication over usability and practicality.

His perspective has been particularly shaped by recent high-profile security incidents that have affected major technology providers. As a member of a specialized task force established in response to sophisticated cyberattacks, Edivri has witnessed firsthand how even the most advanced technical defenses can be circumvented when human factors are not adequately considered. These experiences have reinforced his belief that security must be approached holistically, addressing not just technical vulnerabilities but also the organizational and human elements that contribute to security posture.
Edivri’s views on security governance reflect this human-centric philosophy. He emphasizes the importance of clear communication, stakeholder engagement, and continuous education in building security-conscious organizational cultures. Rather than viewing security as a series of mandates imposed from above, he advocates for collaborative approaches that help individuals understand why security matters and how their actions contribute to or undermine organizational security. This perspective recognizes that employees are not obstacles to security but essential partners in maintaining it.

His work overseeing security compliance across multiple business divisions has provided ample opportunity to test these principles. Managing initiatives that span production, pre-production, and various cloud environments requires not just technical coordination but also the ability to help diverse teams understand how security requirements apply to their specific contexts. Edivri emphasizes that security professionals must serve as translators, helping technical teams understand business requirements and help business leaders understand technical constraints and opportunities.
The scope of modern security challenges reinforces the importance of this human-centric approach. With assets numbering in the millions and security controls spanning categories including Zero Trust Architecture, Identity and Access Management, and Data Protection, maintaining security at scale requires more than automated tools and compliance dashboards. It requires building systems where security is intuitive, where individuals have the context, they need to make good security decisions, and where organizational incentives align with security objectives.

Edivri’s educational background in biochemistry—an unusual foundation for a cybersecurity career—informs his systems thinking approach to security challenges. Just as biological systems require balance and adaptation to maintain health, organizational security requires constant attention to evolving threats, changing business requirements, and emerging technologies. His multidisciplinary perspective, combined with an extensive portfolio of certifications including the recently obtained Chief Information Security Officer credential, positions him to advocate for security approaches that recognize this complexity.

His involvement with professional organizations including ISACA, where he serves as President of the Calgary chapter, provides additional platforms for advancing these views. Through mentorship programs, article reviews, and community engagement, Edivri works to shape how the next generation of security professionals approaches their work. He emphasizes that technical skills, while essential, must be complemented by communication abilities, business acumen, and genuine concern for helping organizations succeed securely.

Edivri’s perspective on the future of cybersecurity acknowledges both the challenges and opportunities ahead. As artificial intelligence, quantum computing, and other emerging technologies create new security considerations, he argues that the human element becomes even more critical. Security professionals must help organizations navigate these changes thoughtfully, implementing new controls and capabilities in ways that enhance rather than hinder business operations.

His volunteer work teaching cybersecurity concepts to young people through programs like the “YesWeCode” summer camp reflects his belief that building security awareness must start early and extend beyond professional contexts. By helping children understand online safety, critical thinking, and foundational security concepts, he contributes to developing a more security-conscious society—one where good security practice are second nature rather than burdensome obligations.