Yuval Sinay is the Head of the Active Cyber Defense (ACD) Department within the Israel National Cyber Directorate (INCD). In this role he leads national efforts in vulnerability research, secure development lifecycle (SDL), cloud and supply chain security, risk management, data protection, and cyber regulation. His work also extends into the field of emerging technologies where innovation meets national resilience.
Earlier in his career, Yuval directed the Cyber Security Governance, Risk, and Assurance (GRA) Division at the same directorate. Under his guidance, the division developed a series of essential publications that shaped Israel’s cyber defense vision, including the Israel Cyber Defense Doctrine 2.0. The doctrine was later recognized by the United States National Institute of Standards and Technology (NIST) as a case of international excellence.
Before joining the national directorate, Yuval served as Director of Cybersecurity and Research within a specialized Science and Technology Directorate. He also founded two cybersecurity startups and held senior positions in major financial institutions, where he combined strategic insight with deep technical expertise.
Yuval holds a Master’s degree in Armed Forces and Security Studies, specializing in Cyber and Strategy from Bar-Ilan University. His educational background in Practical Chemistry Engineering complements his broad professional qualifications that include CISSP, CISM, CRISC, CCSK, ISO 27001 Lead Auditor, CAIDP from the AI Policy Clinic, Disinformation Analyst, and C|CISO. He is currently pursuing his Doctorate in the field of cybersecurity strategy and governance.
In acknowledgment of his contribution to the professional community, Microsoft recognized Yuval as one of its Most Valuable Professionals (MVP) in both Enterprise Security and Datacenter and Cloud. His consistent commitment to innovation, leadership, and knowledge-sharing continues to influence the global cybersecurity landscape.
Why I chose Cybersecurity as my field: In the early '90s, when Yuval was a student, he first became aware of the high impact of Information Technology (IT) on our lives. In 2003 Yuval was a member of a team handling an outage caused by the spread of the SQL Slammer worm in the infrastructure of an international enterprise. The high negative impact of the incident on business activity made him realize that it was necessary to promote the issue of information security (IS). However, the field was in its infancy: decision makers had partial or non-existent awareness of risks, there was no common regulation, and the accessible professional knowledge was quite limited. Yuval understood that we were facing a challenging journey, and with the help of a number of professional colleagues, we began to promote the implementation of information security principles in various organizations. Over time, the attack surface grew and the activity of attackers, who took advantage of vulnerabilities in software components, increased, and the negative impact became visible to all. This situation made Yuval realize that the key to success lies in working with the development teams, where on the one hand it is important to preserve their elasticity and work methods, but on the other hand there is a need to integrate processes, people and technology (PPT) aimed at reducing the risk to enterprises and customers.
The professional field has evolved over time and is now known as cybersecurity. Although the awareness of decision makers has increased, and regulation has begun to incorporate different security requirements, we are still in the middle of a challenging journey. Yuval looks forward to the day when “secure by design and by default” principles will be the basis for any new product and service, and the use of cyberspace will be safe for all of us. From Yuval's point of view, cybersecurity is not a technological challenge but a strategic one: for us as individuals, for enterprises and at the cross-national level.
Email: Yuval14@hotmail.com
CISO Desk Reference Guide Books

A Comprehensive Guide to Application Security: Volume One – Foundations of Application Security

A Comprehensive Guide to Application Security: Volume Two – Building and Maintaining Secure Applications
A Comprehensive Guide to Application Security: Volume Two – Building and Maintaining Secure Applications builds upon the foundation laid in Volume One. The first volume taught you how to understand and apply secure development principles, and this one teaches you how to lead them—across teams, departments, and the entire organization.