Pablo Treviño Llorens is a Cybersecurity expert and the Director of Pablosec.

​

1. From SOC analyst to Director of your own consultancy, what’s been the single biggest mindset shift that allowed you to move from executing security tasks to shaping full-scale strategies?

 

The key shift was moving from focusing on solutions to understanding business challenges. As a cybersecurity engineer, I used to see technology and market solutions as the answer to everything. But as a director, I learned that customers don’t want to talk about the latest NPU features - they want to solve real challenges. The real value comes from listening, understanding their business goals, and shaping security strategies that enable those goals.

​

2. How do you explain the value of automation to business leaders who still think of cybersecurity as a purely human-driven function?

​

In a mid-sized company, there are often more than 2,000 cyberattacks per day  most of them fully automated. With this volume and complexity constantly increasing, 24/7 human monitoring alone no longer makes sense. Automated playbooks that can block attacks or isolate infected devices in real time are essential for protection in 2025. Believing that a human team can manually respond to every threat today is simply unrealistic.

 

3. Digital sales today is powered by trust - yet breaches erode trust overnight. How can online sales teams leverage cybersecurity narratives as a differentiator rather than just a compliance checkbox?

​

I always say that cybersecurity should be part of your core business, not just an add-on. It should be seen as a competitive advantage, not a blocker. Whether you’re a small local e-commerce site or a global brand, customers associate strong security with trust. Features like two-factor authentication or CAPTCHA make users feel safer, while good cybersecurity practices like implementing HTTP/3  can even improve website performance, SEO, and ultimately, sales.

​

4. What’s the biggest blind spot you see companies still struggling with in their day-to-day defences?

​

Identity management and the human factor remain the biggest blind spots. Many organisations invest heavily in perimeter defenses but underestimate how easily compromised credentials, and social engineering can bypass every layer. A firewall or SOC service alone doesn’t guarantee protection visibility does. Yet, around 99% of companies don’t have SSL inspection enabled, meaning most encrypted traffic (HTTPS) goes completely unseen. Without visibility, even the best security tools are blind.

​

5. As someone who’s worked with Fortinet, Cisco, Check Point and Palo Alto, do you think vendor diversity is a strength or a liability when building resilient networks?

​​

It depends on how it’s managed. Vendor diversity can be a real strength when it helps avoid single points of failure and leverages best-in-class capabilities  for example, in critical sectors where multiple firewall vendors operate in line for redundancy and control. But when diversity isn’t properly managed, it quickly becomes a liability, increasing complexity, reducing visibility, and creating integration challenges. The key is interoperability, clear standards, and centralised visibility.

​

6. Cybersecurity is rarely just technical, it’s also cultural. What’s one lesson you’ve learned about changing human behaviour that has stuck with you?

​

People don’t change through fear they change through understanding. When users see how security protects their role, their data, and their reputation, they engage. Awareness campaigns should be built on empathy, not punishment. I often use a simple example: if someone knocks on your door and you don’t know them, you wouldn’t let them in  the same logic should apply in IT.

 

​ 7. You’ve operated across Spain, Ireland, and multinational projects. What differences have you noticed in how organisations in different regions approach digital resilience?

​

In my experience, each country has a different level of maturity. For example, Spain has had critical infrastructure regulations for more than 15 years, while Ireland will adopt similar frameworks in 2025 under NIS2. But regardless of companies size big or small what truly makes the difference is how organisations prioritise cybersecurity and how their customers perceive its value.

​

​8. Looking ahead, how do you see AI and automation reshaping the Managed Security Service Provider model and where do you think the human consultant will remain irreplaceable?

​​

I’m convinced that within the next five years, we’ll see MSSPs running fully automated SOC operations for Level 1 and Level 2 tasks. Any MSSP with less than 85% of its workforce made up of engineers will soon face serious challenges, as the growing complexity of threats and technologies demands engineering-driven, not sales-driven, organisations. Many MSSPs still focus on selling “boxes” from a single vendor, but only a few truly understand the technology or deliver high-quality implementations. This often creates a false sense of security for customers who believe they’re protected by a firewall, when in reality it’s just an expensive switch with an any-any allow rule caused by poor configuration.

​

​9. Do you recommend any useful digital sales tools or platforms that can help founders or professionals raise their online sales expertise?

​

Collecting user data and metrics is becoming increasingly complex, and proper management of explicit user consent is now crucial. Implementing a tag management solution, such as Google Tag Manager, should be considered essential to ensure compliance with privacy regulations and new consent frameworks like Google Consent Mode 2.0.​​​​​​​​