Cybersecurity mostly struggles with 1 of 5 issues: - They don’t understand customer's problems - They don't understand business' POV - They don't care enough about users - They go in armed with jargons - They overcomplicate tech Fix these and you've built far better security.

A crisis management document or a business continuity plan lying in your (virtual) drawer is not going to protect you from a cyberattack.

A fact: Past performance or history is not a reliable indicator or metric for when will you face a cyberattack (next).

Unpopular opinion: AI-enabled is NOT the solution to everything.

Hot take: If you want to be a successful security leader, get comfortable with taking and understanding criticism. You want your stakeholders and your team poke holes in your ideas and solutions faster than cyberattackers can.

As a CISO, more than 90% of your job is expectations management and negotiation. Not every battle is worth it. Save your time and energy for the battles worth it. Knowing what is worth negotiating is even more important than knowing how to negotiate. Pick your battles wisely.

The ability to be resilient and bounce back from adversity is the greatest trait of a successful CISO and leader.

5 ways to become a better CISO: 1. Care about your users 2. Build a non-blame culture 3. Throw away jargons in the bin 4. Understand your business' POV 5. Master the art of comm. & negotiation What would you add?

Only if I had a penny for every time a vendor said that they are 100% secure, I would be a millionaire. Add NextGen to that, and I'd already be a billionaire. Add AI-enabled to that, and I'd probably become the first trillionaire. Who knows!

Luck finds you faster when you're focused on putting in the work.