Sphynx CEO Prof. George Spanoudakis participated in the Cyber Intelligence Summit 2026, contributing to a high-level panel discussion on cybersecurity, regulatory compliance, and resilience in a rapidly evolving threat landscape. The conversation highlighted a central shift facing organizations today: cybersecurity is no longer a static compliance exercise, but a continuous, socio-technical challenge.
A key theme raised by Mr. Spanoudakis was the need to rethink how organizations approach skills and training. He stressed that enterprises are complex systems made up of people, processes, and technology — and that threats emerge precisely from the dependencies between them. Generic, “checkbox” training programs may satisfy short-term requirements, but they fail to build long-term resilience. Instead, training must be tailored to each organization’s real threat landscape and measured by its impact on actual behavior and system usage and collectively make the organisation more resilient against threats. In terms of technology, the answer to this challenge requires the integration of Training with the Security & Risk Management solutions. Each solution though requires customization and adaptation to the specific requirements of the organisation and there is “no recipe that fits all”.
On metrics and measurement, Mr. Spanoudakis emphasized that there is no universal security score that fits all organizations. Meaningful metrics must be continuously measured, grounded in real evidence from systems and human behavior, and interpreted within the specific operational context of each enterprise. Combining data from different platforms and environments requires technically sound aggregation — not simplistic averages.
Looking ahead, Mr. Spanoudakis underlined that effect of the NIS2 Directive has not been fully grasped by the market, but is already changing the rules of the game, mandating continuous risk assessment and extending responsibility into the supply chain. Combined with the upcoming Cyber Resilience Act, these developments signal a future where automation, transparency, and continuous assurance are no longer optional, but foundational to cyber resilience.
Ready to build your path to Cyber Resilience?
Explore our Security & Training Solutions
