Speakers To Watch At Black Hat MEA 2025: The City Of Los Angeles’ Timothy Lee

The who's who of the global cybersecurity landscape is coming together in Saudi Arabia for the fourth edition of Black Hat MEA running from December 2-4, 2025, in Riyadh, and one of the most anticipated voices on stage will be Timothy Lee, Chief Information Security Officer (CISO) at the City of Los Angeles. 

Lee, who was recently selected as one of the top 10 CISOs in the Los Angeles City and County area, oversees one of the largest and most complex municipal environments in the United States. Through his work, he manages the city’s cybersecurity strategy, operations, threat intelligence, incident response, and risk management across more than 48 departments and critical city services.  

Over the course of his career, Lee has focused on strengthening operational defenses and advancing collaborative, scalable approaches to cybersecurity. One of the first examples of this, he explains, is an early initiative that he took to bridge the gaps between the public and private sectors. “Earlier in my career, I founded the LA Cyber Lab, the nation’s first local-government-led public–private cybersecurity partnership," he shares. "Its mission is to strengthen community-wide cyber resilience by enabling threat intelligence sharing and operational collaboration between government agencies, private industry, and academia. The model has since been recognized nationally as a blueprint for how large cities can collectively combat cyber threats."   

While awareness around the importance of cybersecurity has increased, Lee notes that many misconceptions about the industry remain. For starters, he points out that the first misconception about cybersecurity is that it is mainly a technical issue, whereas he stresses that “human behavior and organizational culture have just as much impact as technology.” Secondly, he notes that having more tools does not necessarily mean better protection, and that, while most organizations have too many tools, what they often really need is integration, visibility, and reducing noise. And finally, Lee is clear that cybersecurity is not solely the domain of CISOs, with today’s security requiring “enterprise-wide engagement—from executives to frontline staff.” 

Lee adds that, in fact, many of the trends shaping the cybersecurity industry worldwide today require organizations to rethink resilience, incident response strategies, and investment priorities. Walking us through potential threats to  organizations today, he points first to how artificial intelligence (AI) is changing the threat landscape, with adversaries using generative AI-powered attacks “to automate reconnaissance, improve phishing accuracy, and accelerate malware development,” resulting in attacks increasing in both speed and sophistication. Another threat, he explains, is the expanding attack surface across critical infrastructure, public services, and private enterprises, which comes as a result of increasing interconnectivity between information technology (IT), operational technology (OT), internet of things (IoT), and cloud systems.  

Lee also notes that identity continues to act as a primary attack vector. “Most breaches originate from compromised credentials and social engineering," he explains. "Identity-centric security and continuous verification have become essential pillars of defense.” He also points to tool sprawl and analyst overload as threats that are a result of organizations juggling too many disconnected tools, making consolidation, automation, and integrated detection and response key priorities. “Most organizations already have too many tools," he says. "The real need is integration, visibility, and reducing noise."  

Last but certainly not least, Lee notes that human factors must also be accounted for when evaluating modern risk. “Technology alone cannot solve today’s challenges," he says. "User behavior, decision-making, and cybersecurity culture remain decisive elements in security outcomes.” As such, Lee tells us that the future of innovation in the industry will come from human-centric protection models, AI-driven detection and response, precision security and high-impact prioritization, identity threat correlation, and cyber defense frameworks for large, interconnected environments. “The future lies in simplifying security, improving accuracy, and empowering people with actionable context,” he declares.  

At Black Hat MEA this year, Lee will explore precisely some of these topics in two panel discussions, each of which addresses a different dimension of modern cybersecurity leadership and operations. On December 2, Lee will take part in a panel titled “Critical Infrastructure Security in Volatile Times,” which will bring together global CISOs to discuss the challenges facing critical infrastructure, including nation-state threats, industrial control system and operational technology vulnerabilities, supply chain exposure, and resilience under operational and geopolitical pressure.

Following that, on December 3, Lee will speak on an executive panel, “Speaking Risk, Not Tech: The Boardroom Discussions,” which will focus on translating cybersecurity into business risk and how to communicate with boards to secure investment and build organizational trust at the leadership level. “Across these sessions, my goal is to provide practical insights rooted in real operational experience," Lee adds. "Whether you’re an executive, security leader, or practitioner, the discussions will offer clear, actionable strategies that can be applied immediately in your own environment."

Catch Lee at this year's edition of Black Hat MEA, the world’s largest gathering of cybersecurity professionals, taking place from 2-4 December 2025, at the Riyadh Exhibition and Convention Center in Malham. Inc. Arabia is a Media Partner for Black Hat MEA; register to attend the event by clicking here.   

Pictured in the lead image is Timothy Lee, Chief Information Security Officer (CISO) at the City of Los Angeles. Image courtesy Timothy Lee.