Dr. Luis O. Noguerol, President & CEO, Advanced Division of Informatics and Technology, Inc. (ADITusa, Inc.), has been recognized by The Enterprise World for his journey from a struggling student to a global cybersecurity leader. His visionary contributions, including groundbreaking mathematical models and hands-on expertise, have set a new standard for data security and fraud prevention.
Your journey is remarkable—not only for your professional achievements but also for the personal transformation you underwent. Can you share how your family, and especially your son, have been the driving force behind your success? How did their support and inspiration help you rise from being one of the lowest-performing students in elementary and high school to becoming a global leader in cybersecurity and innovation?
I am grateful beyond words for my entire family, specially my parents, my grandparents, my son Luis Orlando Noguerol Alvarez, “Landy,” and everyone who has loved, supported, and encouraged me, even when I struggled or made mistakes. No matter how low my grades were or how lost I felt, my family was always there: cheering me on, believing in me, and reminding me of my worth.
My grandparents’ wisdom and warmth helped shape who I am, and my parents, Daysi Rodriguez Cruz and Luis Orlando Noguerol Lopez, were my foundation, teaching me the values of patience, hard work, and kindness. My son Landy inspires me every single day, he is my greatest motivation and the reason I keep striving to be better. When I look back, I know that every achievement, from overcoming academic struggles to becoming a leader in cybersecurity and innovation, was only possible because of the endless love, support, and belief my family gave me. My story is truly our story, and everything I do reflects the love they have poured into my life.
Your mathematical model combining Elliptic Curve and Lagrange’s theorem with PIN Block encryption has influenced major institutions like WhatsApp and the Bank of China. Can you walk us through the genesis of this idea and its real-world impact on global data security?
Absolutely, and honestly, this story still makes me smile. From elementary school all the way through high school, mathematics and I were sworn enemies; I am talking cold sweats before tests and thinking calculators were invented just to bail me out.
If you had told me back then that I would not only pass mathematics but get a master’s degree in it, I would have bet against myself every time! But somewhere along the way, when I finally faced my mathematics fears (and powered through enough late nights), the crazy thing is, I actually started to enjoy it. Suddenly, all those weird symbols and numbers clicked, and I went from avoiding mathematics homework to actually loving the challenge. Actually, I never did any homework at the school, if memory serves well.
That turnaround became a game-changer for me. When I got into cybersecurity, I saw how Personal Identification Number Block encryption had some weak spots and thought, “Why not throw a little mathematics magic at it?” So, I mixed the clever techniques from elliptic curve cryptography and the group theory principles from Lagrange’s theorem, kind of like giving your front door a new deadbolt and a security camera at the same time.
It worked so well that even big players like WhatsApp and the Bank of China picked up on it for their own data protection. So yes, the kid who could barely survive mathematics class ended up helping raise the bar for global security. I guess sometimes, your old struggles turn into your best plot twist!
You were able to hack a Windows Server 2012 in just 33 minutes during the worldwide Hacker Halted “Olympic” competition, earning a gold medal. What specific skills or mindset do you believe set elite cybersecurity professionals apart in such high-pressure, real-world scenarios?
Absolutely. My wins at both the Asia Pacific Hackathon in Malaysia (July 2023) and the Hacker Halted “Olympic Competition” (October 2012) are really the result of years spent building deep technical expertise and constantly mastering new cybersecurity disciplines. Whether I was breaking into that Windows Server 2012 in record time back in 2012 or going head-to-head with the world’s best at the 2023 Asia Pacific Hackathon, my edge always came from truly understanding the details, everything from system and network vulnerabilities to cutting-edge encryption and privilege escalation.
This allowed me to spot weaknesses quickly, adapt my approach on the fly, and solve problems creatively, even under serious pressure. It is that combination of advanced technical depth, methodical troubleshooting, and genuine excitement for the craft that let me not only compete, but actually stand out and lead on the global stage, winning both the gold medal at Hacker Halted and first place in Malaysia, sponsored by Negara Bank.
With over 100 IT and cybersecurity certifications, how do you prioritize continuous learning in a field that evolves so rapidly, and what advice do you give to professionals seeking to stay ahead of the curve?
103 to be more specific, but I am not planning for more. Staying sharp in cybersecurity means embracing the fact that you’ll never know it all, so I treat learning as a daily habit, not a checkbox. I focus on what truly matters: regularly identifying the gaps in my knowledge, diving into new technologies that intrigue me, and surrounding myself with people who challenge my thinking.
My advice to anyone looking to stay ahead is simple: don’t chase credentials for the sake of collecting them. Instead, dig deep into areas that genuinely interest you, use real-world projects to reinforce what you learn, and keep your mind open to evolving ideas. In a field that changes overnight, staying curious and humble is the smartest investment you can make in your career.
As the first Hispanic invited to speak at the FISSEA Conference at the NIST in 2016, how do you view the intersection of diversity, representation, and innovation in cybersecurity leadership?
Stepping onto the stage at NIST’s FISSEA Conference in 2016 as the first Hispanic speaker was both surreal and humbling. I remember thinking, “How did I end up in a room full of such incredible minds?” That moment drove home for me how essential diversity is, not just for fairness but because it actually fuels creativity and innovation in cybersecurity. When people from different backgrounds collaborate, we tackle problems in ways that one perspective alone could never achieve (plus, the debates are never boring!).
Honestly, seeing someone with my story represented at an event like that is about more than just me—it’s about widening the door for others who never thought they belonged, and proving that real breakthroughs happen when everyone’s voice is welcomed. I left NIST with both pride and gratitude, and a renewed belief that when we champion diversity and inclusion, we make our field smarter, stronger, and a whole lot more interesting.
You have been recognized globally, including being named C|CISO of the Year among thousands of candidates from over 130 countries. What core principles define your approach to executive cybersecurity leadership?
Being named C|CISO of the Year among thousands of leaders from over 130 countries, an honor many call the “Nobel Prize” of cybersecurity, was an incredible milestone for me. This recognition was especially meaningful because, under my leadership, top financial institutions in two Central American countries saw electronic fraud drop by 39% in less than two years, thanks to my introduction of innovative fraud detection methods.
These achievements highlight what I believe are the real foundations of impactful leadership: technical expertise, visionary thinking, and a culture built on trust and innovation. That journey inspired me to write the world’s first book fully dedicated to the subject, “Leadership in Cybersecurity: Sweet Talkers’ Effect,” sharing proven lessons for making a measurable difference in this dynamic field.
Your scientific work has been acknowledged by the American Institute of Physics for challenging established physical laws. This is a rare and unique recognition. How does your background in mathematics and physics inform your approach to cybersecurity problem-solving?
Honestly, getting a shutout from the American Institute of Physics for playing around with Snell’s Law was just wild, there were moments when I thought someone would ask for my lab coat back! If you ask most of my university’s former professors, they will probably say I drove them crazy with all my unusual questions and never taking “because that is the rule” for an answer.
I just cannot help myself, rules are made to be poked, and I love seeing what happens if you push things a little. Being curious and a bit stubborn has shown me that is where the fun (and the best discoveries) hide, and I know I will probably keep questioning things until my last day! Sincerely speaking, I don’t consider myself an easy person to have technical debates.
You have been a featured speaker and consultant for organizations across North America, Europe, Central and South America, and Asia. What are the most significant regional differences you observe in cybersecurity threats and responses?
Speaking and consulting across North America, Europe, Central and South America, and Asia has been both humbling and clear proof that my expertise is recognized worldwide, a privilege I never take lightly. These opportunities have let me see up close how regions differ: North America and Europe focus on privacy and advanced persistent threats; Central and South America stand out for creative, agile approaches to fighting fast-changing digital fraud; and Asia’s scale brings unique mobile and tech adoption challenges.
No matter where I am, I find the best defenses come from local culture, available resources, and the courage to innovate. I am truly honored to learn from every team I meet while sharing what I have picked up along the way.
Your efforts led to a 39% reduction in electronic fraud within two years. What were the most effective tactics or technologies that drove this impressive result?
Thank you for the question. It is a result I am truly proud of, and I owe it to a multidisciplinary approach that combines deep technical skills in electronics, mathematics, physics, information technology, and cybersecurity. By bringing together insights from these different fields, I was able to design and implement innovative, data-driven fraud detection models that could spot subtle patterns traditional systems missed.
We tailored advanced analytics, machine learning algorithms, and real-time monitoring tools to fit each institution’s unique environment, making the technology both powerful and practical. But technology was just one side of the equation, collaborating closely with diverse teams and understanding the human element of fraud was just as important. This blend of broad technical expertise and a holistic perspective was key to driving such a remarkable reduction in electronic fraud, and I am grateful for the chance to have made that kind of impact.
As an author of the first book focusing specifically on Cybersecurity Leadership, how do you see the role of leadership evolving in the face of emerging threats like AI-driven attacks and quantum computing?
I want to be completely clear: with challenges like artificial intelligence and quantum attacks ahead, our field needs leaders with real, hands-on expertise and the willingness to keep learning. I hold immense respect for those who have truly earned their reputation through skill, knowledge, and real results.
But I have absolutely no respect, none at all, for those frauds who get promoted by repeating what others say, stealing credit, and pretending to know when they do not have a clue about cybersecurity or information technology. These individuals poison organizations, discourage the true experts, and put entire teams at risk, all because they are better at politics than protecting systems. Let us be honest: leadership must be about knowledge, honesty, and genuine action, not deception or empty noise. If you are one of those imposters, you are the real threat we should all be working to expose and remove.
You have combined roles in federal service, private enterprise, and academia. How do these perspectives inform your vision for the future of information security?
Serving as a federal officer stands as one of the greatest honors in my life. Though I am an American citizen by adoption rather than by birth, I am immensely proud to call this country my own, and being an immigrant only deepens that sense of duty and responsibility.
I honestly feel that stepping into this role as an American by choice compels me to work even harder, with unwavering patriotism, to live up to the ideals and trust that this nation represents. The privilege to serve is never lost on me; every single day, I strive to give back to the United States with the same generosity and integrity that welcomed me, and I stand ready, always, to defend and uphold the values that define us as a people.
Beyond federal service, I am tremendously proud of the opportunities I have had to teach at multiple universities, both in the United States and internationally. Sharing knowledge and inspiring the next generation of cybersecurity professionals has been one of the most rewarding experiences of my career. I am also especially honored to have founded and led the Advanced Division of Informatics and Technology, alias ADITusa, Inc. since 2006, guiding it to success on both national and international stages. Building ADITusa, Inc. from the ground up and seeing it thrive has reinforced my belief in hard work, innovation, and the importance of giving back to the community through both education and enterprise.
What do you consider the biggest misconception organizations have about cybersecurity, and how do you work to correct those misunderstandings?
The biggest misconception I see is the belief that cybersecurity is just a checklist, or something you can fully outsource with a few policy updates and some “magic” technology, rather than a discipline demanding hands-on expertise, continuous learning, and real, proven skill. Too many organizations trust flashy titles, impressive talkers, or the latest vendor pitch instead of demanding clear evidence of success and true knowledge from their teams and partners.
Let us be honest: if you cannot demonstrate genuine results, deep understanding, and the humility to question your own assumptions, you are not protecting anyone, instead just “putting yourself” on a show. I am not here to gently correct this, my message is direct: the real risk comes from confusing noise with substance, and the sooner we stop accepting “good enough” or “it sounds credible,” the safer everyone will be.
You have dedicated time to teaching information security to low-income and minority communities for free, I meant, without charging anything to the students, and absorbing all associated costs. Why is this outreach important, and what impact have you observed from these efforts?
Teaching information security to low-income and minority communities is my way of giving back to a country that has given me so much. Everyone deserves a fair chance to be safe and succeed online, and watching students gain confidence and new skills shows just how powerful that investment can be for our entire nation. I love all my former and present students, especially those from low-income communities as the great majority of them have been able to find IT jobs. It means a lot to me.
Given your experience in digital forensics, data recovery, and penetration testing, what new types of vulnerabilities do you anticipate will emerge with the proliferation of IoT, 5G, and sooner coming 6G and 7G technologies?
With nearly 41 years of real, hands-on experience in digital forensics, data recovery, and penetration testing, I know that every advance, whether IoT, 5G, or soon 6G and 7G, brings a surge of new risks: far larger attack surfaces from billions of insecure devices, weak authentication, outdated firmware, insecure APIs, supply chain threats, and the potential for massive, fast-moving attacks. What worries me most is how these advances speed up the scale and impact of attacks on everything from personal devices to critical infrastructure, demanding the kind of deep expertise, proactive standards, and relentless vigilance that only hard-earned experience and continuous learning can provide.
Reflecting on your journey from Holguin, Cuba, to international recognition, what personal or professional challenges most shaped your approach to innovation and resilience in cybersecurity?
Looking back on my journey from Holguin, Cuba to international recognition, I am deeply humbled and grateful for everything the United States has given me. Starting from scratch, facing language barriers, and adapting to a whole new world taught me strength, kindness, and the importance of perseverance.
Any success I have achieved, at home or abroad, comes from never forgetting my roots, honoring those who gave me a chance, and always striving to lift others as I move forward. Every step has been a blessing, and I dedicate it all to the people and country that believed in me, to all my former professors and classmates, to my family. As I mentioned right from the start, I’ve never really been one of those top students.
You have authored more than 20 publications and submitted three for patent consideration. Which of your published works or patent submissions do you believe will have the most lasting impact on the cybersecurity field, and why?
While I am grateful for each of my contributions, I believe the work that will have the most lasting impact is the one that sparked new questions and inspired others to think differently, rather than just offering technical solutions. Some of my most cited publications have focused on practical models for proactive threat detection, and among my patent submissions, there is one on adaptive security analysis that I hope will help organizations keep pace with constantly changing threats.
Ultimately, I see each publication or patent as a piece of a larger puzzle; the real impact comes from encouraging collaboration, continuous learning, and the kind of honest dialogue that moves the cybersecurity field forward for everyone. Please let me note that as per the patents go, I still waiting for final outcomes from the United States Patent and Trademark Office.
At the Asian-Pacific Hacking Competition, you won first place after discovering a live vulnerability on the Bank of China’s website in front of a global audience. Can you share what was going through your mind during that moment and how it has shaped your approach to ethical hacking?
Winning first place at the Asian-Pacific Hacking Competition by uncovering a live vulnerability on the Bank of China’s website was an intense and humbling experience that really drove home how, if you truly master the technology, almost any application can be exploited, even those thought to be impenetrable.
In that moment, I was completely focused on both the technical challenge and the responsibility that comes with revealing such weaknesses in front of a global audience. It shaped my approach to ethical hacking by making me even more committed to using this knowledge for good, reminding me that our real purpose is to protect, not to exploit, and that with enough technical skills and discipline, the boundaries of security are always being tested, which is exactly why we must never stop learning or defending, but I also understand that technical skills are never sufficient, instead, there is a permanent opportunity to keep learning.
When the first publicly recognized cybersecurity breach occurred in Japan in July 2023, you were specifically requested to lead the forensic investigation and collaborated directly with the Director of the National Security Agency of Japan and the Office of the First Minister. How did this experience differ from your previous work, and what were the key lessons learned from such a high-stakes, internationally visible case?
Thank you for the question. I cannot share technical details due to the investigation’s sensitivity, but I want to express how incredibly proud and truly honored I was, and always will be, to have led this critical forensic effort with Japan’s top security leaders. The trust and recognition from this experience remain one of the greatest highlights of my career, and its meaning will stay with me for the rest of my life.
Receiving personal recognition from top Japanese officials for your role in the 2023 cyber breach investigation is a rare honor. What did this acknowledgment mean to you on a personal and professional level, and how has it influenced your subsequent work?
Thank you so much for your kind words. Receiving personal recognition from Japan’s top officials was truly humbling, it meant more to me than any title or award, because it represented deep trust and appreciation from leaders I greatly respect. On both a personal and professional level, it inspired me to keep growing, stay humble, and always strive for excellence, knowing that genuine teamwork and integrity can make a real difference. That acknowledgment continues to remind me how important it is to serve others with gratitude and commit fully to every challenge I face.
Beyond your professional achievements, you continue to practice Judo and have been recognized by the International Judo Federation, Pan-American Judo Association, and USA Judo Association as a Black Belt Third Degree (Sandan). How has your commitment to Judo and its philosophy influenced your discipline, leadership, and resilience in the cybersecurity world?
Judo has profoundly shaped my approach to cybersecurity, teaching me discipline, humility, and constant self-improvement. Being recognized as a Black Belt Third Degree (Sandan) by the International Judo Federation, the Pan-American Judo Association, and the USA Judo Association is a real honor, but what means the most to me are the daily lessons of respect, perseverance, and adaptability that Judo brings.
The philosophy of Judo, embracing each challenge as a chance to grow, reminds me to stay calm under pressure, lead with integrity, and always learn, whether on the mat or facing complex cyber threats. Above all, Judo has shown me that true strength lies in supporting others, staying open to new lessons, and striving to continually improve both professionally and personally. Honestly, I could go on about Judo for hours—seriously, I could talk your ear off about it without even stopping for water! But after all these years on the mat, I still feel like a complete beginner compared to so many incredible Judokas I’ve been lucky enough to meet along the way.
Every time I step into the Dojo, I walk in with a white belt mindset, just hoping to soak up whatever I can. I truly wish I had more time to train, but, as it goes, life and work tend to pull me away from the tatami more than I’d like. It’s not my ideal situation, but it’s just how things are right now, and I began feeling the what I call “the age symptom.”
Your professional commitments are extensive, yet you still make time for family and personal passions. Can you share how your family inspires you and what strategies you use to balance high-level responsibilities with personal fulfillment and ongoing Judo practice?
I think we spoke about that at the beginning of the interview. Family really is at the heart of everything I do, they keep me grounded, inspired, and grateful no matter how demanding my professional commitments become. Their love and encouragement remind me that true success is measured just as much by the joy and resilience we share at home as by achievements at work.
Balancing high-level responsibilities with personal fulfillment is a constant effort, but I make it a priority to set aside dedicated family time, continue practicing Judo to recharge and stay disciplined, and remain fully present for both my loved ones and my passions. Ultimately, my family’s happiness and support empower me to give my very best in all areas of life, making every challenge meaningful and each success truly worthwhile.
How do you balance theoretical research with practical applications in your published works to ensure they address real-world cybersecurity challenges?
I ensure my research always bridges theory and practice by grounding academic models in real-world scenarios and validating them through hands-on experience and practitioner input. This approach means each publication not only advances conceptual thinking but also delivers immediately relevant, actionable solutions for today’s evolving cybersecurity challenges.
What emerging trends or technologies do your recent publications focus on, and how do you foresee these shaping the future of cybersecurity?
Honestly, my recent work is about bringing together the newest technology, like true random number generation, stronger ways to protect information, quantum computing, and intelligent artificial intelligence. I am focused on making sure the research I do is not just theory, but actually stands up when quantum computers become real threats. For example, with quantum key distribution, we can immediately (between quotation marks” tell if someone is trying to tamper with our data, which is a huge step forward compared to what was possible before.
At the same time, artificial intelligence is changing cybersecurity, and there is much more coming, helping us spot dangers quickly, but also creating new risks because bad actors can use artificial intelligence as well. By combining these powerful ideas, quantum technology, genuine randomness, and will tested artificial intelligence algorithms, I think we can build protection that actually stays ahead of threats, instead of always trying to catch up.
Your expertise in digital forensics has been pivotal in several high-profile investigations. What unique methodologies or tools do you employ that differentiate your forensic analyses from others in the field?
I base my work on the strongest traditional techniques, using advanced forensic imaging for precise evidence copies, targeted data carving to recover deleted files, and detailed timeline analysis from system logs and registry data. I rely on top tools like EnCase, Autopsy, Volatility for memory, and Cellebrite for mobiles, all supported by strict chain of custody and verified hash checks. This approach blends expert hands-on methods with the most sophisticated forensic capabilities to ensure every finding is both rigorous and legally defensible.
In your presentations, you often emphasize the importance of proactive cybersecurity measures. How do you recommend organizations shift from reactive to proactive cybersecurity strategies?
To move organizations from a reactive to proactive cybersecurity posture, I strongly advise a strategic focus on continuous asset identification, real-time threat intelligence integration, and consistent vulnerability management through advanced monitoring and regular penetration testing. Embedding these technical measures with a culture of security awareness, scenario-based drills, and iterative incident response refinement transforms security from a passive defense to an anticipatory, adaptive discipline, demonstrating not only resilience but also a mature, risk-driven approach recognized as industry best practice.
You discuss the role of leadership in cybersecurity extensively. What are the key leadership qualities that you believe are essential for managing modern cybersecurity teams effectively?
For me, effective cybersecurity leadership means staying relentlessly curious, fully accountable, and obsessively clear in communication, especially when translating complex threats for both technical teams and the boardroom. I believe in cultivating trust by listening first, mentoring talent, and embracing change as the norm; crises demand rapid, calm decision-making, and I strive to create a climate where learning from mistakes is not just allowed but expected. Above all, it’s about balancing sharp technical judgment with empathy and strategic vision, so the team remains resilient, innovative, and aligned as threats and technologies constantly evolve
When it comes to leading in cybersecurity, I keep things real and personal: I believe in owning my mistakes, staying curious, and never pretending to know everything. My approach is to listen as much as I talk, ask questions even if they seem basic, and support people when they get stuck because I have been there, too.
I care less about titles and more about showing up honestly, whether I am untangling a breach at two o’clock in the morning or teaching someone a new forensic technique. For me, leadership is about having the courage to say, “I need help,” making time for genuine one-on-one conversations, and being relentless in learning, so I can grow alongside my team, not just in front of them.
In several presentations, you explore the intersection of cybersecurity with emerging technologies like AI and quantum computing. How do you see these technologies transforming cybersecurity defenses and attacks?
I see artificial intelligence and quantum computing radically transforming cybersecurity by enabling powerful real-time threat detection, quantum-resistant encryption, and automated incident response—while also introducing new risks like quantum-powered attacks and AI-driven exploitation. The key is to stay ahead by rapidly integrating post-quantum defenses and advanced AI analytics, ensuring our protections evolve just as fast as the emerging threats.
Finally, and we truly appreciate you sharing your time with us, we came across an article in “Diario de las Americas” mentioning your remarkable story of saving nine people’s lives. It’s an incredible achievement, and we wanted to save this special question for last. Could you please share with us what happened and what you did during that experience?
Honestly, it was one of those rare moments in life, you know, the kind you might only get once. I just happened to be in the right place at the right time. I noticed on the Security Operation Center monitors that something really out of the ordinary was going on, the kind of cyberattack you’d only expect to see in movies. The attackers were actually trying to cut off oxygen to an emergency room where the 9 patients were receiving urgent care, in one of the top hospitals in Memphis, Tennessee.
Honestly, I have to give all the credit to God. I truly believe it wasn’t really me, just that I was put there for a reason. Somehow, I managed to stop the attack and, in doing so, helped save 9 lives. I think about that day more often than I talk about it, and to tell the truth, it still makes me emotional. Sometimes I even find myself in tears when I remember it. All I can say is that I was deeply blessed to be able to help.
To close, and thank you very much for the time, interview, and considerations, I want to share two phrases I always use and created after this unique experience, truly my own and not from anyone else:
“We are technology dependents.”
“The pace of the world is one click ahead.”
Visit luisonoguerol@gmail.com or president@aditusa.com to know more!
