We recently had the privilege of having an insightful conversation with Emil Opachevsky, a seasoned cybersecurity expert and founder of Cyincore, a cyber intelligence firm. With years of experience in this industry, his focus is to build an AI-native platform, specifically targeted for digital forensics. Bringing an in-depth understanding of how the industry works and the gaps that need to be filled, Emil Opachevsky envisions empowering investigators to focus on the work that matters most.
The Beginning
We started the interview by asking, “Could you start by telling us about your professional journey and what inspired you to jump into cybersecurity?”
Emil shared, “I got into IT about 14 years ago as a system administrator and security. After a couple of years, I decided to focus on cybersecurity, starting on the offensive side – penetration testing, red teaming, and understanding how systems break. I earned my OSCP and OSCE certifications from Offensive Security, which are fully hands-on exams. No multiple choice – you either hack into the systems within the time limit or you fail.
Over the years, I moved across offensive security, incident response, and security architecture, working with enterprises, financial institutions, and governments. I’ve been on both sides: breaking into systems and networks to expose weaknesses, and leading the response when real attackers got in first. That experience on both sides is what eventually pulled me deeper into digital forensics, where you reconstruct what actually happened during a cyberattack and produce findings that can stand up in court.”
Evolution of Cybersecurity Strategies
We then asked, “With 14 years in IT and cybersecurity, what’s the biggest shift you’ve seen in how organizations approach security?”
He added, “Scale. A decade ago, a simple forensic investigation typically involved examining one or two data sources. Today, a single ransomware incident can touch hundreds of endpoints, thousands of log sources, and millions of events across many security and IT solutions.
Evidence went from gigabytes to terabytes. But the number of qualified investigators didn’t grow with it – there’s a global shortage of almost 5 million cybersecurity professionals, and incident response is one of the hardest specializations to hire for.
You can’t solve a 10x evidence problem by hiring 10x more people. That’s what pushed me to start building tools that change what a single analyst can accomplish.”
Navigating through the Challenges of Forensics
Cybercrime costs reached $16.6 billion in the US alone last year. Intrigued to learn more, we asked Emil Opachevsky, “From your experience, what makes investigating these incidents so difficult?”
“Investigation is still largely manual. An analyst collects evidence, parses it with specialized tools, then semi-manually correlates findings across event logs, registry data, file system artifacts, network connections, trying to piece together what the attacker did, when, and how. That correlation is where most of the time goes, the average forensic investigation takes about 26 days because of complexity, backlog, and more.
The tools haven’t changed much either. The major forensic platforms still follow a model from 15 years ago and even look like it – the software shows you parsed data, and you do all the thinking. In most cases, you need 3+ software because they support different types of evidence and artifacts. None of them offer automated correlation, no relationship mapping between entities, and no AI helping you form and test hypotheses,” Emil mentioned.
Embracing the Digital Revolution
Emil Opachevsky is building at the intersection of AI and cybersecurity. To learn more, we asked him to share his perspective on how AI is changing the way of investigating cyberattacks.
He explained, “It flips the model. Instead of a human spending hours manually correlating timestamps across five tool windows, an AI agent can query millions of timeline events, map relationships between users, hosts, processes, and network connections, and surface significant findings in minutes.
But there’s a problem – AI hallucinates. It can fabricate file paths, invent timestamps, and attribute activity to threat actors based on training data rather than actual case evidence. In forensics, where findings end up in court filings and regulatory proceedings, one hallucinated artifact can destroy the credibility of the entire investigation.
So the real challenge isn’t just using AI – it’s governing it. We are building a system where every AI-generated finding starts as a hypothesis. It cannot become a verified fact unless a human analyst reviews it against the source evidence and explicitly approves it. Every conclusion links back to the specific artifact that supports it. The AI investigates, the human verifies. That’s the only way to responsibly use AI where accuracy has legal consequences.”
We further asked, “AI is everywhere now. Businesses are adopting it rapidly. What are your thoughts on this?”
Emil added, “Everyone is rushing to integrate AI into their workflows, and I get it, the productivity gains are real. But most organizations are adopting AI without thinking about what happens when the AI is wrong.
In my field, the consequences are concrete. If an AI fabricates a finding in a digital forensics that ends up in court, the entire case can fall apart. But this isn’t just a cybersecurity problem. Any industry where AI output feeds into decisions with real consequences – legal, financial, medical, regulatory, needs to think about governance before adoption, not after.
The pattern I see everywhere is the same: companies bolt AI onto existing workflows and treat the output as trustworthy by default. Nobody is building the verification layer. Nobody is tracking which conclusions came from the AI and which came from a human. Nobody is maintaining an audit trail that shows how a decision was reached.
The organizations that will get AI right aren’t the ones that adopt fastest. They’re the ones that build accountability into the system from day one. Separate what the AI suggests from what a human has verified. Keep a clear trail for every AI-assisted decision. And never let speed override accuracy when the stakes are high.”
Message for Aspiring Professionals
Addressing the beginners in the field of cybersecurity, we asked Emil Opachevsky to share some insights.
“Get your hands dirty. This is one of the few industries where what you can actually do matters more than what’s on your resume. Set up a lab, practice on Hack The Box or TryHackMe, and go for certifications that make you prove your skills under pressure, not just memorize answers.
Prioritize working in an environment that gives you the ability to explore and touch on many areas in cybersecurity. Don’t box yourself into one narrow lane too early. The ability to see the full picture of an incident, from the electricity flowing in the CPU to the zeros and ones, filesystem behavior, networking, and all the way up to user behavior, is incredibly valuable in today’s world,” Emil shared.
Connect with Emil Opachevsky on LinkedIn to gain industry insights.
Find Cyincore on LinkedIn and visit their website to learn more.
Also Read:
As Trump’s Deadline Approaches, Iran Rejects the Ceasefire Agreement
About Author
