Brussels, May 29, 2026– Marc Samson laughs when you ask about weekend plans – not because he’s lounging, but because he’s doing what he always seems to be doing: working, studying, and chasing the next thing he wants to understand.
“I’m busy with work and studies,” he says, almost apologetically. “Nothing interesting or relaxing.”
Then he paused and added the detail that explains a lot about him: he’s currently doing a postgraduate in finance – while also keeping up with professional recertifications – because for Marc, learning isn’t a phase. It’s a default setting.
He calls himself a “perpetual student.” But the point isn’t collecting credentials. The point is staying sharp enough to connect dots that most people keep in separate boxes: cybersecurity, industrial operations, business risk, finance, and leadership.
That combination is exactly why Marc fits his ISACA Belgium role so naturally: Director Research – the board member who wants to make the chapter’s knowledge and research feel clearer, more usable, and more alive.
The leap: from Curaçao to Brussels (without a safety net)
Marc was born and raised in Curaçao, where he spent most of his life studying and building his career. He also worked across North America, South America, and the Caribbean – but Curaçao, he explains, has a reality that ambitious professionals eventually run into:
“At a certain point, you reach your ceiling,” he said. “It’s a very small island… you can probably count on one or two hands how many senior cybersecurity and IT professionals are there.”
So, in 2019, he made what he calls a drastic decision: move to Europe and bet on growth.
What surprises people is how openly he describes that moment.
“It felt scary,” he said. “You’re leaving your country… different culture, different language. And I didn’t really have a plan.”
He first landed in the Netherlands, job hunting – until a recruiter message changed everything: a role in Brussels. Marc took the train, interviewed, and on the ride back, he did something that feels very him: he mentally rehearsed success.
“I treated it like training,” he said. “When you’re on the way back on the train… there are a few they want. You’re going to get the job.”
That blend – realism plus inner drive, shows up throughout the way Marc talks. He doesn’t oversell. He commits.
Why industrial cybersecurity feels “real” to him
Marc lights up when he talks about industrial cybersecurity – not because it’s trendy, but because it’s physical.
He put it plainly:
“If my email server is down… okay. People can’t work. There’s reputational damage, financial issues,” he said. “But industrial… if my production line is down, the company is not producing anything.”
For him, OT security isn’t just “higher stakes” in theory. It’s higher stakes in the way businesses feel risk immediately – and in the way failures can affect real people.
“If you don’t do your job right… there can be repercussions for health and safety,” he said. “You’re talking about systems that interact with the real world.”
But one of the most revealing parts is what he enjoys most: not the tools, but the moment when perception shifts.
“It’s satisfying for me to explain why cyber is important… and to see that switch in their mentality.”
That “switch” is Marc’s sweet spot: translating cybersecurity into a language engineers trust – and boards act on.
“If it isn’t broken, don’t touch it” – and why that’s no longer enough
Anyone who’s been around OT environments knows the phrase. Marc doesn’t dismiss it. He respects why it exists.
But he also argues it’s outdated in a connected world.
Industrial sectors differ, he says – but across the board, IT/OT convergence has changed the game. Systems built 15–20 years ago weren’t designed for today’s threat landscape, and many are now connected in ways they were never meant to be.
“You cannot really go back to the old school mentality,” he said. “Because the threats are evolving as well.”
Marc describes it as a balancing act: protect operations today, but also anticipate what becomes a bigger problem tomorrow if you keep postponing change.
Why finance is part of his cybersecurity toolkit
Marc’s postgraduate finance study isn’t a side hobby – it’s tied to how he practices cybersecurity at senior levels.
“Doing cybersecurity at the level that I do it,” he said, “you need to be able to communicate risk and the financial bottom line.”
It’s a simple statement, but it’s basically his leadership thesis: cybersecurity only scales when it speaks the language of decisions – and that language is often money, risk exposure, resilience, and trade-offs.
Publicly, Marc describes his work along those same lines: advising boards and senior leadership on cybersecurity, data protection, and governance, and aligning security strategy with business outcomes.
How he became ISACA Belgium’s Director Research (and why it fits)
Marc’s explanation for how he landed the research portfolio is refreshingly direct:
“The honest answer is… last year, I postulated myself, and I somehow won.”
At the time, the previous Director Research was stepping down, and Marc was the only newly elected board member. The role needed a home, and Marc took it.
He also brought something from his past board experience – he previously served on the ISACA Curaçao board – where chapter work felt more collective than siloed.
“We did everything together,” he said. “Everybody was equal.”
That mindset matters, because Marc’s ambitions for the research portfolio aren’t only about publishing more – they’re about building local momentum, not just consuming global content.
His mission: make ISACA’s knowledge easier to see, and easier to use
Marc has been an ISACA member for around 14 years, and even he thinks the resources aren’t always easy to navigate.
“It’s not clear enough all the resources that ISACA puts available to their members,” he said. “Not enough people make use of the research, the white papers… the frameworks.”
So his first big priority is practical: help members understand what exists, where to find it, and what matters for their career stage and role.
He’s already preparing a concrete deliverable: a chapter communication (newsletter or similar format) that highlights recent ISACA research, explains why it matters, and shows members how to engage – including contributing.
His second priority is equally grounded: he wants at least one or two local subject matter experts to support research – whether Belgium-specific work or participation in ISACA global initiatives.
And if you’re wondering where to start: Marc points members toward ISACA’s research archives – which can be searched and filtered by content type, so you can find validated research, frameworks, member opinion pieces, and more.
The “near and dear” goal: bringing younger professionals in and easier to use
Marc doesn’t sugarcoat the chapter’s demographic reality.
“We are greying out a little bit,” he said.
And he’s also honest about why attracting younger professionals is hard: early-career cyber talent often gravitates toward hands-on technical pathways – cloud, ethical hacking, architecture – while governance, risk, and compliance can feel like the “later-career” track.
“It’s not sexy,” he said bluntly. “But it is the cornerstone.”
He also noted that ISACA had attempted to address the practical/technical side through its CSX certifications – but with those now discontinued, there’s an opportunity (and a challenge) to rethink how ISACA communicates relevance to a younger audience.
Marc’s intent isn’t to dilute what ISACA stands for. It’s to help the next generation see how governance and risk become the lever that unlocks bigger roles – and bigger impact.
The human side: how he resets, how he sets goals
Marc’s hobbies reflect something you feel in his professional style: focus, discipline, and a preference for activities that demand your full attention.
He talked about taking up golf, riding cruiser-style motorcycles, and returning to strength and combat sports backgrounds like powerlifting and boxing. He also mentioned that “range time” is relaxing precisely because it forces full presence:
“You can’t think about anything else when you’re doing that.”
That same practicality shows up in how he approaches goals.
Break it down. Make it small. Make it consistent.
“I’m a firm believer in leveraging your network,” he said – and not only professional networks. Friends and family count too, especially when they have lived experience you can learn from.
And then he shared the most human line of the entire conversation:
“Consistency is the biggest success factor… and it’s a double-edged sword because it’s something I struggle with.”
It’s a quiet statement, but it tells you a lot about Marc: driven, structured, and self-aware enough to name the hardest part.
The human side: how he resets, how he sets goals
If you ask Marc where his passion comes from, he doesn’t point to a single defining moment. He points to curiosity.
“I think passion finds me,” he said. “I’m just a very curious person – curious about learning, but curious about people.”
And that might be the best summary of what Marc brings to the ISACA Belgium board: a curiosity that translates into action – not only for his own career, but for how he wants members to grow through knowledge, research, and community.
