Cybersecurity across the Middle East & Africa is shifting from awareness campaigns to capability building. That shift requires accessible certification training, hands‑on labs, and community platforms where practitioners can learn, share, and grow. In this candid conversation, Ouaissou DEMBELE – Co‑founder & Group CEO of Sainttly Group, General Manager of Saintynet Cybersecurity, and Editor‑in‑Chief of Cybercory.com – explains how Sainttly is scaling skills through Saintynet’s training portfolio and the launch of Cybercory.com and CISO Paradise to spread best practices and make training truly accessible.
Biography: Ouaissou DEMBELE
Co‑founder & Group CEO, Sainttly Group | General Manager, Saintynet Cybersecurity | Editor‑in‑Chief, Cybercory.com
- Career foundation: Began in 2005 as an IT Technician in Burkina Faso; advanced to Network Technician in Saudi Arabia; founded and managed projects in India; returned as Founder & CEO in Burkina Faso; now based in the UAE leading MEA‑to‑global initiatives.
- Focus areas: Purple teaming, governance, risk & compliance (GRC), security architecture, operations, and vendor go‑to‑market (GTM) acceleration.
- Role today: Sets Sainttly’s cybersecurity vision, designing long‑term strategies, aligning with regulatory standards, and guiding organizations to identify, mitigate, and measure evolving threats.
- Certifications (teach/hold): CISSP, CISM, CCSP, CEH, CCNP Security, Security+, PMP, ISO 27001, ITIL v4; Master’s Diploma in Network Security (2013).
- Community platforms: Launched Cybercory.com (editorial hub for timely insights and best practices) and CISO Paradise (professional network for IT & security leaders) to democratize knowledge, expand training access, and connect practitioners across MEA and beyond.
- Mission: Build resilient, measurable security programs and career pathway – from entry‑level analysts to leadership – through certification training, hands‑on labs, and partnered academies.
The Interview
1) Why launch Cybercory.com and CISO Paradise?
Q: What problem were you solving when you created these platforms?
A (Ouaissou): Two big ones, access and community. Cybercory.com spreads best practices through timely articles, interviews, and event coverage. CISO Paradise gives leaders a dedicated space to connect, benchmark, and mentor. Together, they complement Saintynet’s certification training, making learning continuous, discoverable, and social.
2) Certification training as a cornerstone
Q: Why put certifications at the heart of the Saintynet model?
A: Certifications are trust signals and capability frameworks. In our region, many professionals have experience but need globally recognized credentials to unlock opportunities. We prioritize CISSP, CISM, CCSP, CEH, Security+, ISO 27001, PMP, CCNP Security, and we embed hands‑on labs and purple team exercises so people can apply skills on day one, not just pass exams.
3) What makes your training accessible?
Q: Accessibility is a common pain point, how do you address it?
A: We offer multiple delivery modes: online cohorts for flexibility, corporate academies for tailored sector risks, and co‑branded programs with local/regional/global partners. Pricing tiers, modular curricula, and role‑based pathways ensure a SOC analyst, cloud engineer, or GRC lead can each take a route that fits their schedule and career goals.
4) From awareness to action: linking GRC and operations
Q: How do you connect governance with what happens in the SOC?
A: We start with business services and threat scenarios, then design controls you can test via purple teaming. Findings feed back into policy, detection content, and runbooks. It’s a closed loop – set objectives, validate controls, tune detections, re‑measure – until risk reduction is visible and repeatable.
5) Vendors, GTM, and adoption
Q: Many organizations buy tools they struggle to adopt, what’s your approach?
A: We help vendors with GTM strategy and help clients with integration. We map use‑cases, instrument telemetry, and co‑create runbooks and tabletop drills. Training + adoption planning turns tools into capabilities, not shelfware.
6) Building capacity at scale
Q: How do you plan to scale certification training across MEA?
A: Through partner academies, online campuses, and corporate centers of excellence. We localize content, align with regulations, and maintain global standards. Cybercory.com and CISO Paradise keep alumni engaged, sharing insights, mentoring, and staying current.
7) Career pathways and stacking credentials
Q: How should professionals plan their certification journey?
A: Think in stages: foundations (Security+, ISO 27001), hands‑on (CEH, CCNP Security), strategy (CISM, CISSP, CCSP), plus project/governance (PMP, ITIL v4). Pair each stage with labs and guided delivery, that’s how skills become confidence.
8) Awareness beyond IT
Q: Does awareness training still matter for non‑technical teams?
A: Absolutely. Attackers target people first. Role‑based programs for executives, finance, HR, ops – plus phishing simulations and incident drills – create an organization where everyone participates in risk reduction.
9) AI, cloud, and OT – practical realities
Q: Where are the biggest gaps right now?
A: Identity‑centric cloud security and safe OT validations. For AI, we teach augmentation with accountability: use automation, but anchor in validated detections and human oversight.
10) What’s next for Saintynet Cybersecurity?
Q: Where are you pushing hardest in 2026?
A: Expanding online certification cohorts, building regional academies, and deepening vendor partnerships. We’re also growing CISO Paradise as a home for executives and Cybercory.com as the MEA reference for applied best practices.
Sample Certification Roadmap (Role‑Based, MEA‑Ready)
Use this as a template; durations can be adapted to client schedules and sector needs.
Track A – SOC Analyst (Tier 1 → Tier 2)
- Phase 1 (Weeks 1–6): CompTIA Security+, ISO 27001 Foundation; phishing & alert triage labs
- Phase 2 (Weeks 7–12): CEH + hands‑on attack simulation; SIEM fundamentals, detection content creation
- Phase 3 (Weeks 13–18): Blue/Red/Purple labs, incident handling playbooks, tabletop drills
Track B – Cloud Security Engineer
- Phase 1 (Weeks 1–4): Cloud security basics; identity & access management (IAM)
- Phase 2 (Weeks 5–12): CCSP prep with scenario labs (secure configurations, data protection, logging)
- Phase 3 (Weeks 13–18): Threat‑informed detections, compliance mapping, DevSecOps guardrails
Track C – Governance, Risk & Compliance (GRC) Lead
- Phase 1 (Weeks 1–6): ISO 27001 Lead Implementer concepts; risk assessment workshops
- Phase 2 (Weeks 7–12): CISM prep; control design and audit readiness
- Phase 3 (Weeks 13–18): Business service mapping, metrics dashboards, board‑level reporting
Track D – Security Architect / Leadership (CISO Pathway)
- Phase 1 (Weeks 1–8): CISSP domains with architecture labs; threat modeling
- Phase 2 (Weeks 9–14): PMP / ITIL v4 for program & service management; executive tabletop drills
- Phase 3 (Weeks 15–20): Purple team validations, resilience planning, KPI design & governance cadence
Optional Add‑Ons: CCNP Security (network focus), specialized cloud provider certs, OT security workshops, privacy/GDPR alignment, incident commander drills.
Rapid‑Fire Round
- Most impactful cert pairing? CISSP + CCSP for cloud‑first programs.
- Most underrated capability? Detection content engineering tied to business services.
- One habit to build? Quarterly tabletop drills with cross‑functional leaders.
Closing Editor’s Note
Training that changes careers and programs requires three ingredients: clear certification pathways, hands‑on practice, and a community that keeps learning alive. With Saintynet’s training, Cybercory.com’s editorial engine, and CISO Paradise’s network, Sainttly Group is building the infrastructure for MEA to move decisively from awareness to action.
Get Involved
- Enroll / Partner: training@saintynet.com | sales@sainttly.com
- Explore: cybercory.com | sainttly.com | cisoparadise.com