Kaja Möller

Nominated in the Category:

Additional Info

Nominee’s NameKaja Möller
Nominee’s Job Title or RoleFounder CyberMaster, National Privacy Coordinator, Guest Lecturer
Company / OrganizationIndependent
Company size1-9 employees
CountryNetherlands
World RegionEurope
Websitehttps://www.linkedin.com/in/kaja-möller/

NOMINATION HIGHLIGHTS

At 28, Kaja Möller is redefining what a cybersecurity career can look like.

She holds a full-time national coordinating role in privacy at a Dutch government agency, where she coordinates and guides a network of more than 40 privacy officers across the criminal justice chain.

In parallel, she founded CyberMaster in 2025, a fully-immersive cybercrisis simulation that has trained professionals at Alliander, RVO, Municipality of Utrecht, DIVD, Croonwolter&dros, Flynth, Argos, Pieter van Foreest and others.

She lectures at the University of Twente and Technische Universität Darmstadt, and is writing the first Dutch book on data protection in the criminal justice chain.

Her professional trajectory started with a bold move. Fresh out of university with two degrees in criminology and European law and technology, she applied for a senior privacy position, a role usually reserved for people ten years further into their career. She got it. Since then, her career has been a rapid climb across sectors that rarely intersect.

Her voice in the field matters because it challenges the dominant frame. She is a vocal advocate for treating cybersecurity as a fundamentally human problem, not just a technical one. Her Darmstadt lecture “The Human Factor in Cybersecurity” argues that the phrase “humans are the weakest link” is one of the most damaging clichés in the field, and that we need to design systems around human parameters instead of blaming people for the parameters they cannot exceed. Her CyberMaster simulations put leadership teams into real pressure, then score eleven behavioural dimensions of how they lead under crisis, so improvement can actually be measured.

She works at the intersection of privacy, cybersecurity and the human factor: a combination traditional cybersecurity training rarely covers. Her audiences learn from someone who has three perspectives at once: government privacy leader, cybersecurity founder, and academic teacher.

She refuses fear-based marketing, refuses silver-bullet promises, and refuses to accept compliance theatre as a substitute for meaningful behaviour change. She is invited regularly to speak at conferences on privacy, cybersecurity and crisis management. And she is only just getting started…