The InfoSec Control Room

Taher Amine ELHOUARI

The InfoSec Control Room is a podcast by Taher Amine ELHOUARI about cybersecurity, governance, risk, compliance, resilience, and CISO-level decision-making. This show goes beyond buzzwords, checklists, and surface-level security advice. Each episode explores the gap between what organizations believe they have in place and what actually works when incidents happen, audits begin, regulators ask questions, or leadership needs to make risk-based decisions. Hosted from the perspective of a CISO/DSSI, cybersecurity governance practitioner, auditor, advisor, speaker, and community builder, The InfoSec Control Room covers practical topics across information security, GRC, CISO leadership, ISO standards, cyber resilience, privacy, incident response, CSIRT operations, security awareness, regulatory expectations, and lessons from the field. The core idea is simple: most organizations do not have a security problem. They have a governance problem that manifests as security. This podcast is for CISOs, security leaders, GRC professionals, auditors, consultants, executives, aspiring cybersecurity leaders, and practitioners who want clearer thinking, stronger controls, and governance that actually works. No noise. No checkbox compliance. No fake maturity. Just practical conversations on how security is governed, controlled, measured, and improved. https://www.TaherAmine.org/

  1. 23 Jun ·  Bonus

    Media Archive: Conformity Assessment Meets Cybersecurity | FIRST & AfricaCERT Symposium 2025

    In this Media Archive episode of The InfoSec Control Room, Taher Amine ELHOUARI shares his conference session from the FIRST & AfricaCERT Symposium 2025 in Mauritius: “Conformity Assessment Meets Cybersecurity: Building a Common Language Between Auditors and Analysts.” This session explores one of the most important gaps in cybersecurity assurance: why organizations can appear compliant on paper while still struggling to detect, respond to, and contain real attacks. The discussion connects conformity assessment, certification audits, SOC operations, CSIRT response, security metrics, incident evidence, and governance maturity into one practical conversation. It shows how auditors, assessors, regulators, SOC analysts, and incident response teams can work from a shared language instead of operating in disconnected worlds. Rather than treating compliance as a periodic checkbox exercise, this talk argues for continuous, evidence-driven cyber assurance — where operational telemetry, incident tickets, detection metrics, audit evidence, and control effectiveness become part of the same governance model. Original session: FIRST & AfricaCERT Symposium 2025, Mauritius. Topics include: Conformity assessment and cybersecurityAudit and certification assuranceSOC and CSIRT alignmentISO/IEC 27001, ISO/IEC 27006, ISO/IEC 27007, ISO/IEC 27008, and ISO/IEC 19011ISO/IEC 27035 incident management lifecycleTranslating SOC telemetry into audit evidenceMeasuring real control effectivenessMapping detection and incident response metrics to governance requirementsContinuous assurance modelsBridging GRC, SecOps, auditors, and analystsAfricaCERT 3CF and regional cyber maturityNote: This episode is adapted from a public conference session featuring Taher Amine ELHOUARI. All rights to the original recording remain with their respective owners.

    27 min
  2. 23 Jun ·  Bonus

    Media Archive: The Hidden Face of Cyber Extortion on Algerian National TV

    In this Media Archive episode of The InfoSec Control Room, Taher Amine ELHOUARI shares a national television intervention from Taqassi — Season Five, produced by Algerian National Television, focused on cyber extortion and online blackmail. This episode explores one of the most dangerous and rapidly growing crimes in the digital space: how attackers exploit psychology, privacy gaps, digital habits, and weak awareness to pressure, manipulate, and harm individuals. The discussion reflects one of the core missions of The InfoSec Control Room: making cybersecurity, governance, risk, compliance, and resilience practical, understandable, and connected to real-world impact. Rather than treating cybersecurity as only a technical discipline, this intervention highlights the importance of awareness, digital responsibility, online safety, privacy protection, family education, national cyber maturity, and collective defense. Original appearance: Algerian National Television — Taqassi, Season Five, November 2025. Topics include: Cyber extortionOnline blackmailDigital safetyPrivacy risksSocial engineeringSecurity awarenessFamily and public cyber educationDigital responsibilityNational cyber maturityCollective cyber defenseNote: This episode is adapted from a public media appearance featuring Taher Amine ELHOUARI. All rights to the original recording remain with their respective owners.

    10 min
  3. 23 Jun ·  Bonus

    Media Archive: From Chaos to Control — Building and Maturing CERT/CSIRT Teams

    In this Media Archive episode of The InfoSec Control Room, Taher Amine ELHOUARI shares a full masterclass titled “From Chaos to Control: Understanding, Building, and Maturing Your Cyber Response Team.” This session focuses on the fundamentals, structure, and maturity of cyber response teams, including CERTs, CSIRTs, operational readiness, field tactics, and the architecture of cyber resilience. The episode reflects one of the core missions of The InfoSec Control Room: moving beyond theory and showing how cybersecurity governance, incident response, operational structure, and resilience come together in practice. Rather than treating incident response as a purely technical activity, this masterclass highlights the importance of team design, clear roles, governance, escalation, preparedness, coordination, continuous improvement, and the ability to move from reactive chaos to controlled cyber response. Original session: CyberSecurity DZ & WW, Algeria, August 2025. Topics include: CERT and CSIRT fundamentalsCyber response team designIncident response maturityOperational readinessCyber resilience architectureField tactics for response teamsGovernance of cyber response capabilitiesBuilding structure from operational chaosPractical lessons for security leaders and practitionersNote: This episode is adapted from a public masterclass featuring Taher Amine ELHOUARI. All rights to the original recording remain with their respective owners.

    1hr 4min
  4. 23 Jun ·  Bonus

    Media Archive: Cybersecurity Challenges, Certifications, and Career Lessons

    In this Media Archive episode of The InfoSec Control Room, Taher Amine ELHOUARI shares a guest podcast interview originally featured on Lweirday Experience. This conversation explores cybersecurity from multiple angles: fundamentals, career development, certifications, ethical hacking, development security, red/blue/purple teaming, cybersecurity teams, ICS and SCADA security, standards, and the challenges organizations face when building serious security capabilities. The episode reflects one of the core missions of The InfoSec Control Room: making cybersecurity, governance, risk, compliance, and resilience practical, understandable, and connected to real professional experience. Rather than treating cybersecurity as only a technical field, this discussion highlights the importance of mindset, continuous learning, structured teams, secure development, governance, and the ability to connect security knowledge with real organizational needs. Original appearance: Lweirday Experience, September 2025. Topics include: Introduction to cybersecurityCareer journey in cybersecurityCertifications and professional mindsetSecurity in development processesEthical hackingCybersecurity challengesRed, blue, and purple teamsCybersecurity team structuresICS and SCADA securityCybersecurity standardsBuilding cybersecurity departments in startups Chapters: 00:00 — Introduction to Cybersecurity02:57 — Career Journey in Cybersecurity06:03 — Impact of Certifications on Security Mindset08:59 — Integrating Security in Development Processes12:02 — Understanding Ethical Hacking18:00 — Challenges in Cybersecurity25:07 — Red, Blue, and Purple Teams in Cybersecurity32:29 — Understanding Cybersecurity Teams34:33 — The Importance of ICS and SCADA Security39:02 — Exploring Cybersecurity Standards45:38 — Building a Cybersecurity Department in Startups49:08 — Quiz Note: This episode is adapted from a public guest podcast interview featuring Taher Amine ELHOUARI. All rights to the original recording remain with their respective owners.

    51 min
  5. 23 Jun ·  Bonus

    Media Archive: Information Security — A Leading Experience

    In this Media Archive episode of The InfoSec Control Room, Taher Amine ELHOUARI shares a long-form interview hosted by Adel BOUROUIS for Algerian Tech Makers. This discussion explores Taher’s journey in information security and cybersecurity, including career development, lessons learned, certifications, challenges, field experience, community contribution, and the mindset required to grow seriously in the cybersecurity field. The episode reflects one of the core missions of The InfoSec Control Room: connecting cybersecurity knowledge, governance thinking, professional growth, and practical field experience in a way that is useful for students, practitioners, leaders, and the wider cybersecurity community. Rather than presenting cybersecurity as only a technical career path, this conversation highlights the importance of discipline, continuous learning, ethical practice, community building, leadership, and the ability to turn knowledge into real impact. Original appearance: Algerian Tech Makers, April 2025. Topics include: Information security career journeyCybersecurity professional growthCertifications and lessons learnedField experience and challengesCybersecurity community buildingEthical hacking and practical learningLeadership and mindsetAdvice for students and aspiring practitioners Note: This episode is adapted from a public interview featuring Taher Amine ELHOUARI. All rights to the original recording remain with their respective owners.

    2h 13m
  6. 23 Jun ·  Bonus

    Media Archive: IT/OT Convergence at North Africa OT Security Forum

    In this Media Archive episode of The InfoSec Control Room, Taher Amine ELHOUARI shares an intervention from the North Africa OT Security Forum, originally featured on ExpressFM. This discussion focuses on IT/OT convergence, cybersecurity risks, operational resilience, and the opportunities created when industrial environments, critical systems, and digital technologies become increasingly connected. The episode reflects one of the core missions of The InfoSec Control Room: looking beyond technical security controls and asking what cyber risk means for governance, continuity, resilience, accountability, and decision-making in real operational environments. Rather than treating OT security as only a technical challenge, this session highlights the importance of risk ownership, industrial cybersecurity maturity, executive awareness, business continuity, and collaboration between IT, OT, security, and leadership teams. Original appearance: North Africa OT Security Forum, ExpressFM, December 2024. Topics include: IT/OT convergenceOT cybersecurityIndustrial cyber riskCritical systems and operational resilienceCybersecurity governanceBusiness continuityRisk ownershipOpportunities and challenges in connected industrial environments Note: This episode is adapted from a public event/media appearance featuring Taher Amine ELHOUARI. All rights to the original recording remain with their respective owners.

    3 min

About

The InfoSec Control Room is a podcast by Taher Amine ELHOUARI about cybersecurity, governance, risk, compliance, resilience, and CISO-level decision-making. This show goes beyond buzzwords, checklists, and surface-level security advice. Each episode explores the gap between what organizations believe they have in place and what actually works when incidents happen, audits begin, regulators ask questions, or leadership needs to make risk-based decisions. Hosted from the perspective of a CISO/DSSI, cybersecurity governance practitioner, auditor, advisor, speaker, and community builder, The InfoSec Control Room covers practical topics across information security, GRC, CISO leadership, ISO standards, cyber resilience, privacy, incident response, CSIRT operations, security awareness, regulatory expectations, and lessons from the field. The core idea is simple: most organizations do not have a security problem. They have a governance problem that manifests as security. This podcast is for CISOs, security leaders, GRC professionals, auditors, consultants, executives, aspiring cybersecurity leaders, and practitioners who want clearer thinking, stronger controls, and governance that actually works. No noise. No checkbox compliance. No fake maturity. Just practical conversations on how security is governed, controlled, measured, and improved. https://www.TaherAmine.org/